From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sat, 9 Mar 2002 19:43:56 +0200 From: Aleksandr Blohin To: sisyphus@altlinux.ru Message-Id: <20020309194356.0d61e602.sass@uustoll.ee> In-Reply-To: <20020309134847.741B19276@VL3143.spb.edu> References: <20020309134847.741B19276@VL3143.spb.edu> X-Mailer: stuphead ver. 0.5.5 (Alternative-cvs) (GTK+ 1.2.10; Linux 2.4.18-alt1-sass; i686) Mime-Version: 1.0 Content-Type: text/plain; charset="KOI8-R" Content-Transfer-Encoding: 8bit Subject: [sisyphus] =?KOI8-R?B?UmU6IFtzaXN5cGh1c10g7sHT1NLPysvBINzMxc3FztTB0s7Px88gzcHTy8HSwcTB?= Sender: sisyphus-admin@altlinux.ru Errors-To: sisyphus-admin@altlinux.ru X-BeenThere: sisyphus@altlinux.ru X-Mailman-Version: 2.0 Precedence: bulk Reply-To: sisyphus@altlinux.ru List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Archived-At: List-Archive: On Sat, 9 Mar 2002 16:48:47 +0300 Vitaly Lipatov wrote: VL> На худой конец может кто может файлом VL> /etc/rc.d/rc.firewall.inet_sharing VL> готовым поделится. #----------------------------------------------------------------- #!/bin/sh insmod ip_conntrack insmod ip_conntrack_ftp # Interface to Internet EXTIF=ppp+ ANY=0.0.0.0/0 localnet="192.168.0.0/24" firewallhost="192.168.0.8/32" localhost_localdomain="127.0.0.1/32" iptables -P INPUT ACEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD # Deny TCP and UDP packets to privileged ports iptables -A INPUT -i $EXTIF -d $ANY -p udp -dport 0:1023 -j DROP iptables -A INPUT -i $EXTIF -d $ANY -p tcp -dport 0:1023 -j DROP # Маскарадим ppp0. iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE # Включаем маршрутизацию пакетов. echo 1 > /proc/sys/net/ipv4/ip_forward #----------------------------------------------------------------- -- Best regards AB -- ... In nomine Altli, et Ctrli, et Spititus Deli, Reset!