What does iptables -nL show?

------Original Message------
From: Marcus Moeller
Sender: centos-bounces@centos.org
To: CentOS mailing list
ReplyTo: CentOS mailing list
Sent: Feb 6, 2009 1:15 PM
Subject: Re: [CentOS] iptables: forwarding on internal device
Dear Josh,

> What do your input and output chains show?
> Josh

I guess you mean the forward rules:

ACCEPT     all  --  eth0   eth0    anywhere   anywhere   state NEW,RELATED,ESTABLISHED
Best Regards
Marcus
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Sent via BlackBerry from T-Mobile
Hi Again.

> iptables -nL show?
Here is the complete output (there are a lot of other rules active on that machine):
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
my_drop    all  --  10.0.0.0/8           0.0.0.0/0
my_drop    all  --  172.16.0.0/12        0.0.0.0/0
my_drop    all  --  192.168.0.0/16       0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
my_drop    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:110 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:53 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:53 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:37 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:3128 state NEW
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
my_drop    all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            172.28.0.16         tcp dpt:1249
ACCEPT     tcp  --  0.0.0.0/0            192.168.171.253     tcp dpt:25
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:1194 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:1723 state NEW
ACCEPT     47   --  0.0.0.0/0            0.0.0.0/0           state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:443 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:6277 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:2703 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:446 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpts:20:21 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:443 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:53 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:37 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:1494 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:8000 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpts:1000:1004 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:6667 state NEW
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:3000 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:866 state NEW
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
my_drop    all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:25 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:6277 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:2703 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:110 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:446 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpts:20:21 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            192.168.100.4       tcp spts:1024:65535 dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:443 state NEW
ACCEPT     tcp  --  0.0.0.0/0            192.168.100.4       tcp spts:1024:65535 dpt:443 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:1024:65535 dpt:53 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:53 state NEW
ACCEPT     udp  --  0.0.0.0/0            134.130.4.17        udp spts:1024:65535 dpt:37 state NEW
ACCEPT     udp  --  0.0.0.0/0            130.149.17.21       udp spts:1024:65535 dpt:37 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:123 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:43 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:113 state NEW
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 0
my_drop    all  --  0.0.0.0/0            0.0.0.0/0

Chain my_drop (7 references)
target     prot opt source               destination
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:4661:4662 reject-with icmp-port-unreachable
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:4665 reject-with icmp-port-unreachable
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1214 reject-with icmp-port-unreachable
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:137:139 reject-with icmp-port-unreachable
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpts:137:139 reject-with icmp-port-unreachable
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02 limit: avg 10/min burst 5 LOG flags 0 level 6 prefix `DROP-TCP-SYN '
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02 reject-with tcp-reset
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:0x17/0x02
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 10/min burst 5 LOG flags 0 level 6 prefix `DROP-TCP '
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           reject-with tcp-reset
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 10/min burst 5 LOG flags 0 level 6 prefix `DROP-UDP '
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
DROP       udp  --  0.0.0.0/0            0.0.0.0/0
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `DROP-ICMP '
DROP       icmp --  0.0.0.0/0            0.0.0.0/0
LOG        all  --  0.0.0.0/0            0.0.0.0/0           limit: avg 10/min burst 5 LOG flags 0 level 6 prefix `DROP-PROTO-ETC '
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-proto-unreachable
DROP       all  --  0.0.0.0/0            0.0.0.0/0
Best Regards
Marcus
You are going to have to add rules to both your INPUT and OUTPUT chains to allow this traffic through. Could you send on a copy of /etc/sysconfig/iptables, if that is how you are loading these rules? I could then send you the exact commands to run.
Josh
On Fri, Feb 6, 2009 at 1:57 PM, Marcus Moeller mm@gcug.de wrote:
> Here is the complete output (there are a lot of other rules active on that machine):
> [...]
Dear Joshua.

> You are going to have to add rules to both your INPUT and OUTPUT chains to allow this traffic through. Could you send on a copy of /etc/sysconfig/iptables, if that is how you are loading these rules? I could then send you the exact commands to run.

I am not sure why I should add input and output rules if I want to forward packets through a device, but I can give it a try.

Btw. I am using service iptables save at the bottom of my script to store the rules.

Best Regards
Marcus
> Josh
> [...]
> --
> Thx
> Joshua Gimer
On Sat, 2009-02-07 at 08:43 +0100, Marcus Moeller wrote:
> Dear Joshua.
>
> > You are going to have to add rules to both your INPUT and OUTPUT chains to allow this traffic through. Could you send on a copy of /etc/sysconfig/iptables, if that is how you are loading these rules? I could then send you the exact commands to run.

One thing I notice is that you call the my_drop chain from the INPUT, OUTPUT and FORWARD chains. Since you are trying to route packets in/out the same interface, there is no way to tell whether the packets are actually being dropped on INPUT, OUTPUT or FORWARD. If you were to change things, at least temporarily, so that your DROP printed a different message for INPUT, OUTPUT and FORWARD, you would at least be able to tell where the packets are being dropped. The fastest way to do this might be to duplicate the my_drop chain as my_drop_input, my_drop_output and my_drop_forward, change the message in each and call the correct one from each chain. Then you would at least know where the problem was.

Nataraj
> [...]
Dear Nataraj,

> One thing I notice is that you call the my_drop chain from the INPUT, OUTPUT and FORWARD chains. Since you are trying to route packets in/out the same interface, there is no way to tell whether the packets are actually being dropped on INPUT, OUTPUT or FORWARD. If you were to change things, at least temporarily, so that your DROP printed a different message for INPUT, OUTPUT and FORWARD, you would at least be able to tell where the packets are being dropped. The fastest way to do this might be to duplicate the my_drop chain as my_drop_input, my_drop_output and my_drop_forward, change the message in each and call the correct one from each chain. Then you would at least know where the problem was.

Thanks for the tip. I am going to give it a try.

Best Regards
Marcus