What part of my iptable isn't working correctly?Unable to make outbound SNMP connections when IPTables is enabledIptables in linuxISC DHCP Server - A Client's Uplink Is Not Workingopenvpn: iptables not forwardingHow to block communication between 2 different subnets?IPTable mangle rule to mark traffic for route tableiptables - 2 Internetprovider - routingopenvpn connect two netsHow to catch conntrack markers correctly?How to route traffic from a specific user through a VPN on Linux

Does the average primeness of natural numbers tend to zero?

New order #4: World

A poker game description that does not feel gimmicky

extract characters between two commas?

Patience, young "Padovan"

Why did the Germans forbid the possession of pet pigeons in Rostov-on-Don in 1941?

COUNT(*) or MAX(id) - which is faster?

"My colleague's body is amazing"

Is there any use for defining additional entity types in a SOQL FROM clause?

Finding files for which a command fails

Why do we use polarized capacitors?

Shall I use personal or official e-mail account when registering to external websites for work purpose?

Is Social Media Science Fiction?

What does 'script /dev/null' do?

Information to fellow intern about hiring?

Lied on resume at previous job

What are the advantages and disadvantages of running one shots compared to campaigns?

What happens when a metallic dragon and a chromatic dragon mate?

Symmetry in quantum mechanics

How would photo IDs work for shapeshifters?

Extreme, but not acceptable situation and I can't start the work tomorrow morning

Filling an area between two curves

Why do UK politicians seemingly ignore opinion polls on Brexit?

Is there a name of the flying bionic bird?



What part of my iptable isn't working correctly?


Unable to make outbound SNMP connections when IPTables is enabledIptables in linuxISC DHCP Server - A Client's Uplink Is Not Workingopenvpn: iptables not forwardingHow to block communication between 2 different subnets?IPTable mangle rule to mark traffic for route tableiptables - 2 Internetprovider - routingopenvpn connect two netsHow to catch conntrack markers correctly?How to route traffic from a specific user through a VPN on Linux






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















I've followed two separate guides(1, 2) to setup my Raspberry Pi up as a VPN router. To clarify, the RPi isn't acting as a VPN server but rather acting as a router to forward traffic from some, but not all, LAN clients to a third party VPN provider.



The network topology is as follows. There are a number of clients that connect to a home router either by wireless or Ethernet. The Pi hosting the VPN is connected to the router by Ethernet and is assigned a static IP.



Some of the clients use the router as their default gateway. Their traffic is passed on without entering the VPN tunnel. Other clients use the Pi's IP address as their default gateway. The Pi receives their traffic and then forwards it on through the VPN tunnel.



Rather than just mindlessly copy and paste commands I wanted to know what I was doing. When I encountered iptables I went over a few basic tutorials to try understand them.



I ended up with the following set of iptables (a mix of both guides):



-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -p tcp -m tcp --dport 4711:4720 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -m comment --comment Loopback -j ACCEPT
-A INPUT -i eth0 -p icmp -m comment --comment IMCP -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m comment --comment SSH -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5900 -m comment --comment "VNC 5900" -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5901 -m comment --comment "VNC 5901" -j ACCEPT
-A FORWARD -i eth0 -o tun0 -m comment --comment "Enable LAN connection" -j ACCEPT
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT (rule 1)
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment "Network Time Protocol" -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT (rule 8)
-A OUTPUT -o eth0 -j DROP (rule 9)


The purpose of these rules is to accomplish three things:



  1. Route all traffic the Pi receives from within the LAN out through the VPN tunnel.

  2. Try provide some security from WAN to LAN.

  3. Restrict traffic so that the traffic from the LAN clients can only go out through the VPN.

With the above iptable none of the connected clients can access the internet. To troubleshoot I removed rule 9 from the output chain. This resolved my issue and as far as I can tell is working as I intend.



With rule 9 removed the clients connect through the VPN and when the VPN goes down they cannot access the internet.



Questions 1.
Why does rule 9 currently block all my traffic? From my understanding rule 1 should allow all traffic going out onto the VPN (tun0 interface) and rule 8 should allow the traffic to return to a client on the LAN(for example the client at 192.168.0.1). From my understanding either rule 1 or rule 8 appears to not be working as intended.



Question 2.
I am correct in thinking that rule 9 is redundant? I think this because the default action of the forward chain is drop and unless traffic from eth0 is going to tun0 then it will be dropped anyway?






iptables routing vpn







share|improve this question
























  • Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

    – roaima
    Mar 28 at 19:53












  • Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

    – roaima
    Mar 29 at 7:47

















0















I've followed two separate guides(1, 2) to setup my Raspberry Pi up as a VPN router. To clarify, the RPi isn't acting as a VPN server but rather acting as a router to forward traffic from some, but not all, LAN clients to a third party VPN provider.



The network topology is as follows. There are a number of clients that connect to a home router either by wireless or Ethernet. The Pi hosting the VPN is connected to the router by Ethernet and is assigned a static IP.



Some of the clients use the router as their default gateway. Their traffic is passed on without entering the VPN tunnel. Other clients use the Pi's IP address as their default gateway. The Pi receives their traffic and then forwards it on through the VPN tunnel.



Rather than just mindlessly copy and paste commands I wanted to know what I was doing. When I encountered iptables I went over a few basic tutorials to try understand them.



I ended up with the following set of iptables (a mix of both guides):



-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -p tcp -m tcp --dport 4711:4720 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -m comment --comment Loopback -j ACCEPT
-A INPUT -i eth0 -p icmp -m comment --comment IMCP -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m comment --comment SSH -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5900 -m comment --comment "VNC 5900" -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5901 -m comment --comment "VNC 5901" -j ACCEPT
-A FORWARD -i eth0 -o tun0 -m comment --comment "Enable LAN connection" -j ACCEPT
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT (rule 1)
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment "Network Time Protocol" -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT (rule 8)
-A OUTPUT -o eth0 -j DROP (rule 9)


The purpose of these rules is to accomplish three things:



  1. Route all traffic the Pi receives from within the LAN out through the VPN tunnel.

  2. Try provide some security from WAN to LAN.

  3. Restrict traffic so that the traffic from the LAN clients can only go out through the VPN.

With the above iptable none of the connected clients can access the internet. To troubleshoot I removed rule 9 from the output chain. This resolved my issue and as far as I can tell is working as I intend.



With rule 9 removed the clients connect through the VPN and when the VPN goes down they cannot access the internet.



Questions 1.
Why does rule 9 currently block all my traffic? From my understanding rule 1 should allow all traffic going out onto the VPN (tun0 interface) and rule 8 should allow the traffic to return to a client on the LAN(for example the client at 192.168.0.1). From my understanding either rule 1 or rule 8 appears to not be working as intended.



Question 2.
I am correct in thinking that rule 9 is redundant? I think this because the default action of the forward chain is drop and unless traffic from eth0 is going to tun0 then it will be dropped anyway?






iptables routing vpn







share|improve this question
























  • Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

    – roaima
    Mar 28 at 19:53












  • Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

    – roaima
    Mar 29 at 7:47













0












0








0








I've followed two separate guides(1, 2) to setup my Raspberry Pi up as a VPN router. To clarify, the RPi isn't acting as a VPN server but rather acting as a router to forward traffic from some, but not all, LAN clients to a third party VPN provider.



The network topology is as follows. There are a number of clients that connect to a home router either by wireless or Ethernet. The Pi hosting the VPN is connected to the router by Ethernet and is assigned a static IP.



Some of the clients use the router as their default gateway. Their traffic is passed on without entering the VPN tunnel. Other clients use the Pi's IP address as their default gateway. The Pi receives their traffic and then forwards it on through the VPN tunnel.



Rather than just mindlessly copy and paste commands I wanted to know what I was doing. When I encountered iptables I went over a few basic tutorials to try understand them.



I ended up with the following set of iptables (a mix of both guides):



-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -p tcp -m tcp --dport 4711:4720 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -m comment --comment Loopback -j ACCEPT
-A INPUT -i eth0 -p icmp -m comment --comment IMCP -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m comment --comment SSH -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5900 -m comment --comment "VNC 5900" -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5901 -m comment --comment "VNC 5901" -j ACCEPT
-A FORWARD -i eth0 -o tun0 -m comment --comment "Enable LAN connection" -j ACCEPT
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT (rule 1)
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment "Network Time Protocol" -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT (rule 8)
-A OUTPUT -o eth0 -j DROP (rule 9)


The purpose of these rules is to accomplish three things:



  1. Route all traffic the Pi receives from within the LAN out through the VPN tunnel.

  2. Try provide some security from WAN to LAN.

  3. Restrict traffic so that the traffic from the LAN clients can only go out through the VPN.

With the above iptable none of the connected clients can access the internet. To troubleshoot I removed rule 9 from the output chain. This resolved my issue and as far as I can tell is working as I intend.



With rule 9 removed the clients connect through the VPN and when the VPN goes down they cannot access the internet.



Questions 1.
Why does rule 9 currently block all my traffic? From my understanding rule 1 should allow all traffic going out onto the VPN (tun0 interface) and rule 8 should allow the traffic to return to a client on the LAN(for example the client at 192.168.0.1). From my understanding either rule 1 or rule 8 appears to not be working as intended.



Question 2.
I am correct in thinking that rule 9 is redundant? I think this because the default action of the forward chain is drop and unless traffic from eth0 is going to tun0 then it will be dropped anyway?






iptables routing vpn







share|improve this question
















I've followed two separate guides(1, 2) to setup my Raspberry Pi up as a VPN router. To clarify, the RPi isn't acting as a VPN server but rather acting as a router to forward traffic from some, but not all, LAN clients to a third party VPN provider.



The network topology is as follows. There are a number of clients that connect to a home router either by wireless or Ethernet. The Pi hosting the VPN is connected to the router by Ethernet and is assigned a static IP.



Some of the clients use the router as their default gateway. Their traffic is passed on without entering the VPN tunnel. Other clients use the Pi's IP address as their default gateway. The Pi receives their traffic and then forwards it on through the VPN tunnel.



Rather than just mindlessly copy and paste commands I wanted to know what I was doing. When I encountered iptables I went over a few basic tutorials to try understand them.



I ended up with the following set of iptables (a mix of both guides):



-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -p tcp -m tcp --dport 4711:4720 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -m comment --comment Loopback -j ACCEPT
-A INPUT -i eth0 -p icmp -m comment --comment IMCP -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m comment --comment SSH -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5900 -m comment --comment "VNC 5900" -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5901 -m comment --comment "VNC 5901" -j ACCEPT
-A FORWARD -i eth0 -o tun0 -m comment --comment "Enable LAN connection" -j ACCEPT
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT (rule 1)
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment "Network Time Protocol" -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT (rule 8)
-A OUTPUT -o eth0 -j DROP (rule 9)


The purpose of these rules is to accomplish three things:



  1. Route all traffic the Pi receives from within the LAN out through the VPN tunnel.

  2. Try provide some security from WAN to LAN.

  3. Restrict traffic so that the traffic from the LAN clients can only go out through the VPN.

With the above iptable none of the connected clients can access the internet. To troubleshoot I removed rule 9 from the output chain. This resolved my issue and as far as I can tell is working as I intend.



With rule 9 removed the clients connect through the VPN and when the VPN goes down they cannot access the internet.



Questions 1.
Why does rule 9 currently block all my traffic? From my understanding rule 1 should allow all traffic going out onto the VPN (tun0 interface) and rule 8 should allow the traffic to return to a client on the LAN(for example the client at 192.168.0.1). From my understanding either rule 1 or rule 8 appears to not be working as intended.



Question 2.
I am correct in thinking that rule 9 is redundant? I think this because the default action of the forward chain is drop and unless traffic from eth0 is going to tun0 then it will be dropped anyway?






iptables routing vpn




iptables routing vpn






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 29 at 14:36







Pusdeo Squirrel

















asked Mar 28 at 16:31









Pusdeo SquirrelPusdeo Squirrel

315




315












  • Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

    – roaima
    Mar 28 at 19:53












  • Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

    – roaima
    Mar 29 at 7:47

















  • Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

    – roaima
    Mar 28 at 19:53












  • Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

    – roaima
    Mar 29 at 7:47
















Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

– roaima
Mar 28 at 19:53






Please describe your network topology. For example, is this device between the LAN and WAN? Is it the main WAN router? How do you differentiate the "some" clients that can use it and those that can't. What should happen to traffic from this second group of clients? Which routes should be sent across the VPN and which should not?

– roaima
Mar 28 at 19:53














Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

– roaima
Mar 29 at 7:47





Please add all that to your question - ideally as if you'd provided it originally. Don't use "edit" or "update", but make the question flow. Comments don't always get read by people answering a question, and can be deleted. Make it easy for us to help you.

– roaima
Mar 29 at 7:47










0






active

oldest

votes












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509264%2fwhat-part-of-my-iptable-isnt-working-correctly%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes















draft saved

draft discarded
















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509264%2fwhat-part-of-my-iptable-isnt-working-correctly%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-iptables, routing, vpn
-

Popular posts from this blog

Identify plant with long narrow paired leaves and reddish stems Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?What is this plant with long sharp leaves? Is it a weed?What is this 3ft high, stalky plant, with mid sized narrow leaves?What is this young shrub with opposite ovate, crenate leaves and reddish stems?What is this plant with large broad serrated leaves?Identify this upright branching weed with long leaves and reddish stemsPlease help me identify this bulbous plant with long, broad leaves and white flowersWhat is this small annual with narrow gray/green leaves and rust colored daisy-type flowers?What is this chilli plant?Does anyone know what type of chilli plant this is?Help identify this plant

Image
Apollo command module space walk? prime numbers and expressing non-prime numbers Can a non-EU citizen traveling with me come with me through the EU passport line? Extract all GPU name, model and GPU ram How to deal with a team lead who never gives me credit? Why was the term "discrete" used in discrete logarithm? Why do we bend a book to keep it straight? When do you get frequent flier miles - when you buy, or when you fly? How come Sam didn't become Lord of Horn Hill? At the end of Thor: Ragnarok why don't the Asgardians turn and head for the Bifrost as per their original plan? Is it true that "carbohydrates are of no use for the basal metabolic need"? Using et al. for a last / senior author rather than for a first author How to tell that you are a giant? How to react to hostile behavior from a senior developer? String `!23` is replaced with `docker` in command line How to find out what spells would be useless to a blind NPC sp...
Read more

fontconfig warning: “/etc/fonts/fonts.conf”, line 100: unknown “element blank” The 2019 Stack Overflow Developer Survey Results Are In“tar: unrecognized option --warning” during 'apt-get install'How to fix Fontconfig errorHow do I figure out which font file is chosen for a system generic font alias?Why are some apt-get-installed fonts being ignored by fc-list, xfontsel, etc?Reload settings in /etc/fonts/conf.dTaking 30 seconds longer to boot after upgrade from jessie to stretchHow to match multiple font names with a single <match> element?Adding a custom font to fontconfigRemoving fonts from fontconfig <match> resultsBroken fonts after upgrading Firefox ESR to latest Firefox

Image
How to type this arrow in math mode? Multiply Two Integer Polynomials What do hard-Brexiteers want with respect to the Irish border? Why isn't the circumferential light around the M87 black hole's event horizon symmetric? For what reasons would an animal species NOT cross a *horizontal* land bridge? Can one be advised by a professor who is very far away? Identify boardgame from Big movie slides for 30min~1hr skype tenure track application interview Why do we hear so much about the Trump administration deciding to impose and then remove tariffs? If I score a critical hit on an 18 or higher, what are my chances of getting a critical hit if I roll 3d20? Can we generate random numbers using irrational numbers like π and e? Worn-tile Scrabble Output the Arecibo Message What is the meaning of Triage in Cybersec world? How are circuits which use complex ICs normally simulated? Shouldn't "much" here be used instead of "more"? Dele...
Read more

Shilpa Shastras Contents Description In painting In carpentry In metallurgy Shilpa Shastra education in ancient India Treatises on Shilpa Shastras See also References Further reading External links Navigation menueOverviewTraditions of the Indian Craftsman251930242ŚilpinŚilpiniTraditions of the Indian CraftsmanThe Technique of Wall Painting in Ancient IndiaEssay on the Architecture of the HindusThe Journal of the Society of Arts10.1007/s11837-998-0378-3The role of India in the diffusion of early culturesTraditions of the Indian CraftsmanAn Encyclopedia of Hindu ArchitectureBibliography of Vastu Shastra Literature, 1834-2009The Technique of Wall Painting in Ancient India4483067Les lapidaires indiens

Image
Hindu textsHindu architectureIndian architectural historyIndian iconography SanskritHindu textsHindu iconographyMonier-WilliamsVastu ShastrasVishvakarmaHindu templecupolacrucibleblowerpanchadhatuashtadhatuIron Pillar of DelhiParasharadharmaPurusha Shilpa Shastra Temples Carpentry Sculpture 1st century BC jewelry Shilpa Shastras are ancient texts that describe design and principles for a wide range of arts and crafts. [1] Part of a series on Hinduism Hindus History Origins History Indus Valley Civilisation Historical Vedic religion Śramaṇa Tribal religions in India Main traditions Vaishnavism Shaivism Shaktism Smartism Deities Trimurti Brahma Vishnu Shiva Other major Devas / Devis Vedic Indra Agni Prajapati Rudra Devi Saraswati Ushas Varuna Vayu Post-Vedic Durga Ganesha Hanuman Kali Kartikeya Krishna Lakshmi Parvati Radha Rama Shakti Sita Concepts Worldview Hindu cosmology Puranic chronology Hindu mythology Supreme Reality Brahman Om God Ishvara God in Hinduism God and ...
Read more