Hi all,
I have a Virtualmin server on Ubuntu 12.04.
Everything was good until I decided to add a second network card to connect the server to my LAN.
For now it's still working perfectly from the outside, meaning that my WAN IP address is still correct.
Here is my ifconfig:
eth0 Link encap:Ethernet HWaddr 00:0c:29:96:40:2c
inet adr:84.253.XX.XX Bcast:84.253.XX.XX Masque:255.255.255.252
adr inet6: fe80::20c:29ff:fe96:402c/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Packets reçus:2664035 erreurs:0 :0 overruns:0 frame:0
TX packets:2826116 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
Octets reçus:673594010 (673.5 MB) Octets transmis:571750257 (571.7 MB )
eth1 Link encap:Ethernet HWaddr 00:0c:29:96:40:36
inet adr:192.168.0.XX Bcast:192.168.0.255 Masque:255.255.255.0
adr inet6: fe80::20c:29ff:fe96:4036/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Packets reçus:5034437 erreurs:0 :751 overruns:0 frame:0
TX packets:757841 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
Octets reçus:595863867 (595.8 MB) Octets transmis:91481995 (91.4 MB)
lo Link encap:Boucle locale
inet adr:127.0.0.1 Masque:255.0.0.0
adr inet6: ::1/128 Scope:Hôte
UP LOOPBACK RUNNING MTU:16436 Metric:1
Packets reçus:78431 erreurs:0 :0 overruns:0 frame:0
TX packets:78431 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
Octets reçus:8651952 (8.6 MB) Octets transmis:8651952 (8.6 MB)
And here is my iptables:
root@test:~# sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH _IN:"
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:20000
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:submission
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH _IN:"
Chain FORWARD (policy ACCEPT)
target prot opt source destination
LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH _OUT:"
LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH _IN:"
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH _OUT:"
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
It seems that what is missing is called hairpin NAT.
Could someone help me put this in place?
Thank you very much,
Fred