спасибо всё работает <font size="3">echo 1 > /proc/sys/net/ipv4/ip_forward</font><br><br><div class="gmail_quote">6 мая 2008 г. 19:21 пользователь Дмитрий Филиппов <<a href="mailto:archangel.night@gmail.com">archangel.night@gmail.com</a>> написал:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Помогите с проблемой нет доступа в интернет из локальной сети:<br>Linux <a href="http://proxy.mx-arkada.ru" target="_blank">proxy.mx-arkada.ru</a> 2.6.18-53.el5 #1 SMP Mon Nov 12 02:22:48 EST 2007 i686 i686 i386 GNU/Linu CentOS 5.1<br>
# route<br>
Kernel IP routing table<br>Destination Gateway Genmask Flags Metric Ref Use Iface<br><a href="http://gw64.san.ru" target="_blank">gw64.san.ru</a> * <a href="http://255.255.255.255" target="_blank">255.255.255.255</a> UH 0 0 0 ppp0<br>
<a href="http://192.168.1.0" target="_blank">192.168.1.0</a> * <a href="http://255.255.255.0" target="_blank">255.255.255.0</a> U 0 0 0 eth0<br><a href="http://169.254.0.0" target="_blank">169.254.0.0</a> * <a href="http://255.255.0.0" target="_blank">255.255.0.0</a> U 0 0 0 eth1<br>
<a href="http://10.0.0.0" target="_blank">10.0.0.0</a> * <a href="http://255.0.0.0" target="_blank">255.0.0.0</a> U 0 0 0 eth1<br>default * <a href="http://0.0.0.0" target="_blank">0.0.0.0</a> U 0 0 0 ppp0<br>
# iptables -L<br>Chain INPUT (policy ACCEPT)<br>target prot opt source destination <br>LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `ACC_OUT:' <br>
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,ACK/SYN LOG level debug tcp-options <br>REJECT tcp -- anywhere anywhere tcp flags:FIN,SYN,ACK/SYN reject-with icmp-port-unreachable <br>
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp <br>ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 <br>ACCEPT tcp -- anywhere anywhere tcp dpt:imap <br>
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh <br>ACCEPT all -- anywhere anywhere <br>ACCEPT all -- anywhere anywhere <br>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED <br>
<br>Chain FORWARD (policy ACCEPT)<br>target prot opt source destination <br>DROP tcp -- anywhere anywhere <br>ACCEPT all -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere <br>
ACCEPT all -- anywhere <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> <br>DROP tcp -- anywhere anywhere <br>DROP tcp -- anywhere anywhere <br>
ACCEPT icmp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere <br>ACCEPT icmp -- anywhere <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> <br>
ACCEPT udp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere udp dpt:domain <br>
ACCEPT udp -- anywhere <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> udp spt:domain <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports ftp-data <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports ftp <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports smtp <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports http <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports pop3 <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport dports webcache <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports ftp-data <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports ftp <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports smtp <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports http <br>ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports pop3 <br>
ACCEPT tcp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere multiport sports webcache <br>DROP !icmp -- <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> anywhere state INVALID <br>
DROP !icmp -- anywhere <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> state INVALID <br>DROP all -- anywhere anywhere <br><br>Chain OUTPUT (policy ACCEPT)<br>
target prot opt source destination <br>
LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level info prefix `ACC_IN:' <br><br>
</blockquote></div><br>