
New server, not working...

a guest
Sep 10th, 2011
  1. Linux server 2.6.38-10-server #44-Ubuntu SMP Thu Jun 2 21:49:30 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
  2. root@server:~# cat /etc/iproute2/rt_tables
  3. #
  4. # reserved values
  5. #
  6. 255 local
  7. 254 main
  8. 253 default
  9. 0 unspec
  10. #
  11. # local
  12. #
  13. #1 inr.ruhep
  14. 1 ISP1
  15. 2 ISP2
  16. 3 VPN1
  17.  
  18. root@server:/etc# ip route show | sort
  19. 10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
  20. 174.4.4.74 dev eth0 scope link src 174.4.4.74
  21. 174.4.4.0/22 dev eth0 proto kernel scope link src 174.4.4.74 metric 10
  22. 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1 metric 10
  23. 50.92.224.0/19 dev eth2 proto kernel scope link src 50.92.247.211 metric 10
  24. 50.92.247.211 dev eth2 scope link src 50.92.247.211
  25. 63.211.239.14 via 50.92.224.1 dev eth2
  26. 8.3.252.23 via 50.92.224.1 dev eth2
  27. default via 174.4.4.1 dev eth0
  28.  
  29. root@server:~# ip rule show
  30. 0: from all lookup local
  31. 32760: from all fwmark 0x3 lookup VPN1
  32. 32761: from all fwmark 0x2 lookup ISP2
  33. 32762: from all fwmark 0x1 lookup ISP1
  34. 32763: from 10.8.0.2 lookup VPN1
  35. 32764: from 50.92.247.211 lookup ISP2
  36. 32765: from 174.4.4.74 lookup ISP1
  37. 32766: from all lookup main
  38. 32767: from all lookup default
  39.  
  40. root@server:~# iptables -S
  41. -P INPUT ACCEPT
  42. -P FORWARD ACCEPT
  43. -P OUTPUT ACCEPT
  44. -A INPUT -s 207.150.193.134/32 -p tcp -m tcp --dport 5060:5061 -j ACCEPT
  45. -A INPUT -s 64.34.96.201/32 -p tcp -m tcp --dport 5060:5061 -j ACCEPT
  46. -A INPUT -s 64.34.96.202/32 -p tcp -m tcp --dport 5060:5061 -j ACCEPT
  47. -A INPUT -s 8.3.252.23/32 -p tcp -m tcp --dport 5060:5061 -j ACCEPT
  48. -A INPUT -s 63.211.239.14/32 -p tcp -m tcp --dport 5060:5061 -j ACCEPT
  49. -A INPUT -s 207.150.193.134/32 -p udp -m udp --dport 5060:5061 -j ACCEPT
  50. -A INPUT -s 64.34.96.201/32 -p udp -m udp --dport 5060:5061 -j ACCEPT
  51. -A INPUT -s 64.34.96.202/32 -p udp -m udp --dport 5060:5061 -j ACCEPT
  52. -A INPUT -s 8.3.252.23/32 -p udp -m udp --dport 5060:5061 -j ACCEPT
  53. -A INPUT -s 63.211.239.14/32 -p udp -m udp --dport 5060:5061 -j ACCEPT
  54. -A INPUT -i eth0 -p tcp -m tcp --dport 5060:5061 -j DROP
  55. -A INPUT -i eth2 -p tcp -m tcp --dport 5060:5061 -j DROP
  56. -A INPUT -i eth0 -p udp -m udp --dport 5060:5061 -j DROP
  57. -A INPUT -i eth2 -p udp -m udp --dport 5060:5061 -j DROP
  58. -A INPUT -s 68.75.86.8/32 -j DROP
  59. -A INPUT -s 174.133.3.178/32 -j DROP
  60.  
  61. root@server:~# iptables -S -t nat
  62. -P PREROUTING ACCEPT
  63. -P INPUT ACCEPT
  64. -P OUTPUT ACCEPT
  65. -P POSTROUTING ACCEPT
  66. -A PREROUTING -i eth0 -p tcp -m tcp --dport 88 -j DNAT --to-destination 192.168.1.19
  67. -A PREROUTING -i eth0 -p tcp -m tcp --dport 3074 -j DNAT --to-destination 192.168.1.19
  68. -A PREROUTING -i eth2 -p tcp -m tcp --dport 88 -j DNAT --to-destination 192.168.1.19
  69. -A PREROUTING -i eth2 -p tcp -m tcp --dport 3074 -j DNAT --to-destination 192.168.1.19
  70. -A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.9:80
  71. -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.1.9:443
  72. -A PREROUTING -i eth0 -p tcp -m tcp --dport 4343 -j DNAT --to-destination 192.168.1.9:443
  73. -A PREROUTING -i eth0 -p tcp -m tcp --dport 69 -j DNAT --to-destination 192.168.1.9:69
  74. -A PREROUTING -i eth0 -p udp -m udp --dport 69 -j DNAT --to-destination 192.168.1.9:69
  75. -A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j DNAT --to-destination 192.168.1.9:22
  76. -A PREROUTING -i eth0 -p tcp -m tcp --dport 2323 -j DNAT --to-destination 192.168.1.201:23
  77. -A PREROUTING -i eth0 -p tcp -m tcp --dport 2380 -j DNAT --to-destination 192.168.1.201:80
  78. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5501 -j DNAT --to-destination 192.168.1.98:5501
  79. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5800 -j DNAT --to-destination 192.168.1.98:5800
  80. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5900 -j DNAT --to-destination 192.168.1.98:5900
  81. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5901 -j DNAT --to-destination 192.168.1.98:5901
  82. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5902 -j DNAT --to-destination 192.168.1.98:5902
  83. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5903 -j DNAT --to-destination 192.168.1.98:5903
  84. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5904 -j DNAT --to-destination 192.168.1.98:5904
  85. -A PREROUTING -i eth0 -p tcp -m tcp --dport 5910 -j DNAT --to-destination 192.168.1.9:5900
  86. -A PREROUTING -i eth0 -p tcp -m tcp --dport 40696 -j DNAT --to-destination 192.168.1.99:40696
  87. -A PREROUTING -i eth0 -p tcp -m tcp --dport 50263 -j DNAT --to-destination 192.168.1.9:50263
  88. -A PREROUTING -i eth0 -p udp -m udp --dport 4444 -j DNAT --to-destination 192.168.1.9:4444
  89. -A PREROUTING -i eth0 -p udp -m udp --dport 6881 -j DNAT --to-destination 192.168.1.9:6881
  90. -A PREROUTING -i eth0 -p tcp -m tcp --dport 6881 -j DNAT --to-destination 192.168.1.9:6881
  91. -A PREROUTING -i eth0 -p udp -m udp --dport 1200 -j DNAT --to-destination 192.168.1.98:1200
  92. -A PREROUTING -i eth0 -p udp -m udp --dport 27000:27015 -j DNAT --to-destination 192.168.1.98
  93. -A PREROUTING -i eth0 -p tcp -m tcp --dport 27030:27039 -j DNAT --to-destination 192.168.1.98
  94. -A POSTROUTING -o tun0 -j SNAT --to-source 10.8.0.2
  95. -A POSTROUTING -o eth2 -j SNAT --to-source 50.92.247.211
  96. -A POSTROUTING -o eth0 -j SNAT --to-source 174.4.4.74
  97.  
  98. root@server:~# iptables -S -t mangle
  99. -P PREROUTING ACCEPT
  100. -P INPUT ACCEPT
  101. -P FORWARD ACCEPT
  102. -P OUTPUT ACCEPT
  103. -P POSTROUTING ACCEPT
  104. -A PREROUTING -i eth1 -p udp -m udp --dport 4569 -j MARK --set-xmark 0x2/0xffffffff
  105. -A PREROUTING -p udp -m udp --dport 5060:5061 -j MARK --set-xmark 0x2/0xffffffff
  106. -A PREROUTING -p udp -m udp --dport 10000:20000 -j MARK --set-xmark 0x2/0xffffffff
  107. -A PREROUTING -s 192.168.1.19/32 -i eth1 -j MARK --set-xmark 0x3/0xffffffff
  108. -A PREROUTING -d 69.53.236.17/32 -i eth1 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
  109. -A PREROUTING -d 69.53.236.17/32 -i eth1 -p tcp -m tcp --dport 443 -j MARK --set-xmark 0x3/0xffffffff
  110. -A PREROUTING -d 24.244.52.99/32 -i eth1 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
  111. -A PREROUTING -d 24.244.52.81/32 -i eth1 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
  112. -A PREROUTING -d 24.244.52.104/32 -i eth1 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
  113. -A PREROUTING -d 24.244.52.83/32 -i eth1 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
  114. -A PREROUTING -d 24.244.52.104/32 -i eth1 -p tcp -m tcp --dport 443 -j MARK --set-xmark 0x3/0xffffffff
  115. -A PREROUTING -d 24.244.52.83/32 -i eth1 -p tcp -m tcp --dport 443 -j MARK --set-xmark 0x3/0xffffffff
  116. -A PREROUTING -d 64.59.168.13/32 -i eth1 -j MARK --set-xmark 0x1/0xffffffff
  117. -A PREROUTING -d 64.59.168.15/32 -i eth1 -j MARK --set-xmark 0x1/0xffffffff
  118. -A PREROUTING -d 154.11.128.187/32 -i eth1 -j MARK --set-xmark 0x2/0xffffffff
  119. -A PREROUTING -d 154.11.128.59/32 -i eth1 -j MARK --set-xmark 0x2/0xffffffff
  120. -A PREROUTING -p tcp -m tcp --sport 80 -j TOS --set-tos 0x10/0x3f
  121. -A PREROUTING -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10/0x3f
  122. -A PREROUTING -p tcp -m tcp --sport 4569 -j TOS --set-tos 0x10/0x3f
  123. -A PREROUTING -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10/0x3f
  124. -A PREROUTING -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08/0x3f
  125. -A PREROUTING -p icmp -m icmp --icmp-type 8 -j TOS --set-tos 0x10/0x3f
  126. -A PREROUTING -p udp -j TOS --set-tos 0x10/0x3f
  127. -A OUTPUT -p tcp -m tcp --dport 80 -j TOS --set-tos 0x10/0x3f
  128. -A OUTPUT -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10/0x3f
  129. -A OUTPUT -p tcp -m tcp --dport 4569 -j TOS --set-tos 0x10/0x3f
  130. -A OUTPUT -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10/0x3f
  131. -A OUTPUT -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08/0x3f
  132. -A OUTPUT -p icmp -m icmp --icmp-type 8 -j TOS --set-tos 0x10/0x3f
  133. -A OUTPUT -p udp -j TOS --set-tos 0x10/0x3f
  134.  
  135. root@server:~# iptables -S -t raw
  136. -P PREROUTING ACCEPT
  137. -P OUTPUT ACCEPT