Hey, I've got one script from the web, but I'm not able to implement it on my FC3 server. Please look at the following URL:
Microsoft VPN behind IPTABLES firewall
What I want to do is the same as what is mentioned in the above URL, but it's not working on my server. I'm getting several warnings, which I saw in the message log:
====================================================================
Oct 2 15:40:17 nashik kernel: ## FW_I_BLOCK ## IN=ppp0 OUT= MAC= SRC=203.197.174.81 DST=59.95.54.252 LEN=1492 TOS=0x00 PREC=0x00 TTL=55 ID=24677 PROTO=TCP SPT=80 DPT=2313 WINDOW=6432 RES=0x00 ACK URGP=0
Oct 2 15:40:17 nashik kernel: ## FW_I_BLOCK ## IN=ppp0 OUT= MAC= SRC=218.248.240.24 DST=59.95.54.252 LEN=364 TOS=0x00 PREC=0x00 TTL=25 ID=63219 PROTO=UDP SPT=53 DPT=1034 LEN=344
Oct 2 15:40:20 nashik kernel: ACPI: PCI interrupt 0000:00:02.0[A] -> GSI 10 (level, low) -> IRQ 10
Oct 2 15:40:20 nashik kernel: [drm] Initialized i915 1.1.0 20040405 on minor 0:
Oct 2 15:40:20 nashik kernel: mtrr: base(0xd0020000) is not aligned on a size(0x300000) boundary
Oct 2 15:40:25 nashik kernel: ## FW_F_BLOCK ## IN=eth0 OUT=ppp0 SRC=192.168.0.112 DST=220.119.176.238 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=46691 PROTO=UDP SPT=15536 DPT=11268 LEN=33
Oct 2 15:40:25 nashik kernel: ## FW_F_BLOCK ## IN=eth0 OUT=ppp0 SRC=192.168.0.112 DST=116.42.57.42 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=46692 PROTO=UDP SPT=15536 DPT=15188 LEN=33
Oct 2 15:40:25 nashik kernel: ## FW_F_BLOCK ## IN=eth0 OUT=ppp0 SRC=192.168.0.112 DST=122.164.226.253 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=46693 PROTO=UDP SPT=15536 DPT=27214 LEN=33
Oct 2 15:40:25 nashik kernel: ## FW_F_BLOCK ## IN=eth0 OUT=ppp0 SRC=192.168.0.112 DST=89.39.185.77 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=46694 PROTO=UDP SPT=15536 DPT=9634 LEN=33
Oct 2 15:40:25 nashik kernel: ## FW_F_BLOCK ## IN=eth0 OUT=ppp0 SRC=192.168.0.112 DST=75.39.22.137 LEN=53 TOS=0x00 PREC=0x00 TTL=127 ID=46695 PROTO=UDP SPT=15536 DPT=8819 LEN=33
Oct 2 15:40:34 nashik kernel: ## FW_I_BLOCK ## IN=ppp0 OUT= MAC= SRC=203.197.114.21 DST=59.95.54.252 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=0 DF PROTO=TCP SPT=80 DPT=1438 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Oct 2 15:40:35 nashik kernel: ## FW_I_BLOCK ## IN=ppp0 OUT= MAC= SRC=203.200.85.168 DST=59.95.54.252 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=0 DF PROTO=TCP SPT=80 DPT=2327 WINDOW=5840 RES=0x00 ACK SYN URGP=0
Oct 2 15:40:36 nashik kernel: ## FW_I_BLOCK ## IN=ppp0 OUT= MAC= SRC=217.163.21.31 DST=59.95.54.252 LEN=1492 TOS=0x00 PREC=0x00 TTL=51 ID=42717 PROTO=TCP SPT=80 DPT=2328 WINDOW=8001 RES=0x00 ACK URGP=0
Oct 2 15:41:01 nashik crond(pam_unix)[3293]: session opened for user root by (uid=0)
====================================================================
Also, here is my ifconfig output:
===============================================
eth0 Link encap:Ethernet HWaddr 00:134:19:CE:37
     inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
     RX packets:135663 errors:0 dropped:0 overruns:0 frame:0
     TX packets:139336 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:1000
     Interrupt:5 Base address:0xe400

eth1 Link encap:Ethernet HWaddr 00:08:A1:78:26:A6
     inet addr:192.168.1.10 Bcast:192.168.1.255 Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
     RX packets:200113 errors:0 dropped:0 overruns:0 frame:0
     TX packets:103677 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:1000
     Interrupt:11 Base address:0xe000

lo   Link encap:Local Loopback
     inet addr:127.0.0.1 Mask:255.0.0.0
     UP LOOPBACK RUNNING MTU:16436 Metric:1
     RX packets:44691 errors:0 dropped:0 overruns:0 frame:0
     TX packets:44691 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:0

ppp0 Link encap:Point-to-Point Protocol
     inet addr:59.95.27.221 P-t-P:59.96.0.1 Mask:255.255.255.255
     UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
     RX packets:199370 errors:0 dropped:0 overruns:0 frame:0
     TX packets:102927 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:3
===============================================
Please help me develop the VPN server access through the firewall.
Thanks.
Regards,
Ashwin