Iptables a 802.1q
Ross Jendrejcik
ross na atlas.cz
Čtvrtek Červen 6 16:00:12 CEST 2002
Zdravim vsechny ... zkousim rozchodit jednoduchy firewall na 802.1q ... a
porad mi to nejede. Chtel bych se tedy zeptat, zdali s tim nema nekdo
prakticke zkusenosti ... nebo delam neco blbe?
**************************************************************
eth0 Link encap:Ethernet HWaddr 00:04:76:8F:8D:59
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:40615 errors:0 dropped:0 overruns:1 frame:0
TX packets:29599 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:7087407 (6.7 Mb) TX bytes:7425002 (7.0 Mb)
Interrupt:10 Base address:0xdc00
eth0.10 Link encap:Ethernet HWaddr 00:04:76:8F:8D:59
inet addr:120.12.32.1 Bcast:120.12.32.0 Mask:255.255.255.252
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10095 errors:0 dropped:0 overruns:0 frame:0
TX packets:10567 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3992776 (3.8 Mb) TX bytes:3371831 (3.2 Mb)
eth0.20 Link encap:Ethernet HWaddr 00:04:76:8F:8D:59
inet addr:192.168.1.1 Bcast:192.168.1.0 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24264 errors:0 dropped:0 overruns:0 frame:0
TX packets:19032 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2123652 (2.0 Mb) TX bytes:4024961 (3.8 Mb)
***********************************************************************
iptables -F
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t mangle
iptables -F -t nat
iptables -X
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o vlan0010 -j SNAT --to 120.12.32.1
echo "1" > /proc/sys/net/ipv4/ip_forward
***********************************************************************
Diky za kazkou radu
Ross
Další informace o konferenci Linux