Não pude encontrar a porta 21, o que sera que tem na porta 21?<div><br></div><div><br><br><div class="gmail_quote">2009/11/13 Wagner Quedi <span dir="ltr"><<a href="mailto:wagner@quedinet.com.br">wagner@quedinet.com.br</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">amigos, gostaria de uma ajuda de vcs para tentar entender pq FTP nao<br>
passa por esse firewall<br>
nem via internet explorer / firefox nem via filezilla<br>
<br>
IPTABLE-SAVE<br>
[root@xeon squid]# iptables-save<br>
# Generated by iptables-save v1.3.5 on Fri Nov 13 10:10:38 2009<br>
*mangle<br>
:PREROUTING ACCEPT [81554731:45935143966]<br>
:INPUT ACCEPT [71344510:41716336442]<br>
:FORWARD ACCEPT [10175480:4216524496]<br>
:OUTPUT ACCEPT [75822741:44330541946]<br>
:POSTROUTING ACCEPT [85748172:48529137407]<br>
COMMIT<br>
# Completed on Fri Nov 13 10:10:38 2009<br>
# Generated by iptables-save v1.3.5 on Fri Nov 13 10:10:38 2009<br>
*nat<br>
:PREROUTING ACCEPT [787179:52922477]<br>
:POSTROUTING ACCEPT [4202374:263842377]<br>
:OUTPUT ACCEPT [4205329:264793510]<br>
-A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j LOG --log-prefix<br>
"ACESSO SSH INVALIDO "<br>
-A PREROUTING -i eth0 -p tcp -m tcp --dport 2123 -j LOG --log-prefix<br>
"ACESSO SSH VALIDO "<br>
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8291 -j LOG --log-prefix<br>
"ACESSO WINBOX "<br>
-A PREROUTING -p tcp -m tcp --dport 3389 -j LOG --log-prefix "ACESSO<br>
TERMINAL REMOTO WIN "<br>
-A PREROUTING -p tcp -m tcp --dport 1863 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 5222 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 5223 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 5190 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 5050 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 6667 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -p tcp -m tcp --dport 8074 -j REDIRECT --to-ports 16667<br>
-A PREROUTING -s <a href="http://192.168.0.0/255.255.255.0" target="_blank">192.168.0.0/255.255.255.0</a> -p tcp -m tcp --dport 80 -j<br>
DNAT --to-destination <a href="http://192.168.0.1:3128" target="_blank">192.168.0.1:3128</a><br>
-A PREROUTING -s <a href="http://10.1.1.0/255.255.255.0" target="_blank">10.1.1.0/255.255.255.0</a> -p tcp -m tcp --dport 80 -j<br>
DNAT --to-destination <a href="http://192.168.0.1:3128" target="_blank">192.168.0.1:3128</a><br>
-A PREROUTING -p tcp -m tcp --dport 21 -j LOG --log-prefix "ACESSO-FTP 1: "<br>
-A PREROUTING -p tcp -m tcp --dport 21 -j ACCEPT<br>
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8291 -j DNAT<br>
--to-destination 10.1.1.2<br>
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT<br>
--to-destination 192.168.0.161<br>
-A PREROUTING -i eth1 -p tcp -m tcp --dport 3389 -j DNAT<br>
--to-destination 192.168.0.161<br>
-A PREROUTING -i eth2 -p tcp -m tcp --dport 3389 -j DNAT<br>
--to-destination 192.168.0.161<br>
-A POSTROUTING -s <a href="http://192.168.0.0/255.255.255.0" target="_blank">192.168.0.0/255.255.255.0</a> -j MASQUERADE<br>
-A POSTROUTING -s <a href="http://10.1.1.0/255.255.255.0" target="_blank">10.1.1.0/255.255.255.0</a> -j MASQUERADE<br>
COMMIT<br>
# Completed on Fri Nov 13 10:10:38 2009<br>
# Generated by iptables-save v1.3.5 on Fri Nov 13 10:10:38 2009<br>
*filter<br>
:INPUT ACCEPT [71344513:41716336648]<br>
:FORWARD ACCEPT [9925408:4198594581]<br>
:OUTPUT ACCEPT [75822716:44330539614]<br>
-A FORWARD -m layer7 --l7proto bittorrent -j DROP<br>
-A FORWARD -m layer7 --l7proto gnutella -j DROP<br>
-A FORWARD -m layer7 --l7proto edonkey -j DROP<br>
-A FORWARD -m layer7 --l7proto directconnect -j DROP<br>
-A FORWARD -m layer7 --l7proto napster -j DROP<br>
-A FORWARD -m layer7 --l7proto soulseek -j DROP<br>
-A FORWARD -m layer7 --l7proto fasttrack -j DROP<br>
-A FORWARD -m layer7 --l7proto ares -j DROP<br>
-A FORWARD -m layer7 --l7proto httpvideo -j DROP<br>
-A FORWARD -m layer7 --l7proto skypeout -j DROP<br>
-A FORWARD -m layer7 --l7proto skypetoskype -j DROP<br>
-A FORWARD -m layer7 --l7proto msn-filetransfer -j DROP<br>
COMMIT<br>
# Completed on Fri Nov 13 10:10:38 2009<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
alguem poderia me dar uma luz ???<br>
<br>
--<br>
Muitas pessoas poderiam ter sucesso em pequenas coisas se não se<br>
deixassem atormentar por grandes ambições!<br>
------------------------------------------------------<br>
Wagner Quedi Rosa .·.<br>
QuediNet Internet Service<br>
Soluções Inteligentes em T.I.<br>
<br>
Fone: (69) 8403-1158<br>
Skype: wagner_quedi<br>
E-Mail/MSN: <a href="mailto:wagner@quedinet.com.br">wagner@quedinet.com.br</a><br>
Site: <a href="http://www.quedinet.com.br" target="_blank">www.quedinet.com.br</a><br>
------------------------------------------------------<br>
_______________________________________________<br>
CentOS-pt-br mailing list<br>
<a href="mailto:CentOS-pt-br@centos.org">CentOS-pt-br@centos.org</a><br>
<a href="http://lists.centos.org/mailman/listinfo/centos-pt-br" target="_blank">http://lists.centos.org/mailman/listinfo/centos-pt-br</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>Att.,<br><br>Ciro M. Brandão<br><br>CONTATO<br>Cel.: +55 (75) 8835-1778<br>MSN: <a href="mailto:cirobrandao@gmail.com">cirobrandao@gmail.com</a><br>Skype: ciro.uwc32<br>
</div>