Видео смотреть бесплатно

Смотреть жесткое видео

Официальный сайт aktuell 24/7/365

Смотреть видео бесплатно

  1. welinux.ru
  2. Вопросы и ответы
  3. Talks!
  4. Лента
Регистрация Войти
ibchgroup 13.09.2010 10:57

Есть проблема!Не работает форвардинг RDP на сервере openSUSE 11.2

Не получается настроить проброс для RDP-сервера извне на 192,168,0,100:3389 .
iptables --list такой:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
linux-deny:~ # iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            state RELATED
input_int  all  --  anywhere             anywhere
input_ext  all  --  anywhere             anywhere
input_ext  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
forward_int  all  --  anywhere             anywhere
forward_ext  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING '
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '

Chain forward_ext (1 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp redirect
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
LOG        tcp  --  anywhere             localhost           limit: avg 3/min burst 5 tcp dpt:ndl-aas state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDext-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             localhost           tcp dpt:ndl-aas
ACCEPT     tcp  --  localhost            anywhere            state RELATED,ESTABLISHED
LOG        tcp  --  anywhere             localhost           limit: avg 3/min burst 5 tcp dpt:ndl-aas state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDext-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             localhost           tcp dpt:ndl-aas
ACCEPT     tcp  --  localhost            anywhere            state RELATED,ESTABLISHED
LOG        tcp  --  anywhere             192.168.0.100       limit: avg 3/min burst 5 tcp dpt:ms-wbt-server state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDext-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             192.168.0.100       tcp dpt:ms-wbt-server
ACCEPT     tcp  --  192.168.0.100        anywhere            state RELATED,ESTABLISHED
LOG        udp  --  anywhere             192.168.0.100       limit: avg 3/min burst 5 udp dpt:ms-wbt-server state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDext-ACC-REVMASQ '
ACCEPT     udp  --  anywhere             192.168.0.100       udp dpt:ms-wbt-server
ACCEPT     udp  --  192.168.0.100        anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere            PKTTYPE = multicast
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-FWDext-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWDext-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDext-DROP-DEFLT '
DROP       all  --  anywhere             anywhere

Chain forward_int (1 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp redirect
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
LOG        tcp  --  anywhere             localhost           limit: avg 3/min burst 5 tcp dpt:ndl-aas state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDint-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             localhost           tcp dpt:ndl-aas
ACCEPT     tcp  --  localhost            anywhere            state RELATED,ESTABLISHED
LOG        tcp  --  anywhere             localhost           limit: avg 3/min burst 5 tcp dpt:ndl-aas state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDint-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             localhost           tcp dpt:ndl-aas
ACCEPT     tcp  --  localhost            anywhere            state RELATED,ESTABLISHED
LOG        tcp  --  anywhere             192.168.0.100       limit: avg 3/min burst 5 tcp dpt:ms-wbt-server state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDint-ACC-REVMASQ '
ACCEPT     tcp  --  anywhere             192.168.0.100       tcp dpt:ms-wbt-server
ACCEPT     tcp  --  192.168.0.100        anywhere            state RELATED,ESTABLISHED
LOG        udp  --  anywhere             192.168.0.100       limit: avg 3/min burst 5 udp dpt:ms-wbt-server state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDint-ACC-REVMASQ '
ACCEPT     udp  --  anywhere             192.168.0.100       udp dpt:ms-wbt-server
ACCEPT     udp  --  192.168.0.100        anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere            PKTTYPE = multicast
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 state NEW LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-DEFLT '
reject_func  all  --  anywhere             anywhere

Chain input_ext (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     rdp  --  anywhere             anywhere
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:ftp-data flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:ftp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ftp-data
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ftp
LOG        udp  --  anywhere             anywhere            udp dpt:ms-wbt-server state NEW limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC '
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ms-wbt-server
LOG        tcp  --  anywhere             anywhere            tcp dpt:ms-wbt-server state NEW limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ms-wbt-server
LOG        tcp  --  anywhere             anywhere            tcp dpt:49155 state NEW limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:49155
LOG        udp  --  anywhere             anywhere            udp dpt:49155 state NEW limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC '
ACCEPT     udp  --  anywhere             anywhere            udp dpt:49155
DROP       all  --  anywhere             anywhere            PKTTYPE = multicast
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
DROP       all  --  anywhere             anywhere

Chain input_int (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere            reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere            reject-with icmp-proto-unreachable
linux-deny:~ #

Что посоветуете?
telnet 127.0.0.1 3389 пишет connection refused

Тэги: iptables OpenSuSE
+ 2 -
Похожие Поделиться
DobrijZmej 13.09.2010 11:04 #
+ 0 -
как минимум, советую использовать cat
mikle 13.09.2010 12:01 #
+ 2 -
Думаю это должно помочь
iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.100:3389
iptables -A FORWARD -d 192.168.0.100 -p tcp -m tcp --dport 3389 -j ACCEPT


у меня так работало
ibchgroup 13.09.2010 12:50 #
+ 0 -
Единственная проблема:

linux-deny:~ # iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.100:3389
iptables: No chain/target/match by that name.
mikle 13.09.2010 13:35 #
+ 1 -
ой, извини
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.100:3389
ibchgroup 13.09.2010 15:35 #
+ 0 -
telnet 127.0.0.1 3389
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused

:(
mikle 13.09.2010 15:39 #
+ 0 -
а если все таки пробовать извне подключиться, а не на локалхост
zorggg 14.09.2010 20:15 #
+ 0 -
1. Правило для нат есть?Надо натом выпускать ответы.
2. На винде RDP проверял?в пределах серой сети работает?

Смотреть видео онлайн

Онлайн видео бесплатно


Смотреть русское с разговорами видео

Online video HD

Видео скачать на телефон

Русские фильмы бесплатно

Full HD video online

Смотреть видео онлайн

Смотреть HD видео бесплатно

School смотреть онлайн