From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:date:from:x-mailer:reply-to:x-priority:message-id:to:subject:in-reply-to:references:mime-version:content-type:content-transfer-encoding; b=dPU4wlt75vTCTfSyWN1JuVzynjViAM14r4TuQ9MNDKI5uE9AWYN/OKHYYkifLZtnXeo+bbxYbCXHnN2J4+b1XOD/yj8w38vmxNatjnbkRwbW4Ay0aTFpQYTKTs0/6JxUJf2hp3dWO+4elIkrxypMP5JY7h64gWveqvvO+RYPrHE= Date: Thu, 13 Oct 2005 17:17:53 +0400 From: CyberSkunk X-Mailer: The Bat! (v3.0.1.33) Professional X-Priority: 3 (Normal) Message-ID: <1487230687.20051013171753@gmail.com> To: community@altlinux.ru Subject: Re[5]: [Comm]routing problems, iptables? - SOLUTION? In-Reply-To: <105571641.20051013143014@maximagroup.ru> References: <777642185.20051012184700@gmail.com> <1173843028.20051012192946@maximagroup.ru> <822451409.20051013142340@gmail.com> <105571641.20051013143014@maximagroup.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: quoted-printable X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.5 Precedence: list Reply-To: gmail , ALT Linux Community List-Id: ALT Linux Community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Oct 2005 13:15:25 -0000 Archived-At: List-Archive: List-Post: >> =FA=C4=D2=C1=D7=D3=D4=D7=D5=CA=D4=C5, CyberSkunk. >>> =E5=D3=D4=D8 =D0=D2=CF=D7=C1=CA=C4=C5=D2. =E9=CE=C5=D4 =DE=C5=D2=C5=DA = =C1=C4=D3=CC-=CD=CF=C4=C5=CD. >>> =E5=D3=D4=D8 IP =C1=C4=D2=C5=D3(IP_ADDR1). >>> =E5=D3=D4=D8 =D7=D4=CF=D2=CF=CA IP =CF=D4 =D4=CF=C7=CF =D6=C5 =D0=D2=CF= =D7=C1=CA=C4=C5=D2=C1(IP_ADDR2). >>> =E8=CF=DE=C5=D4=D3=D1 =D3=C4=C5=CC=C1=D4=D8 DNAT =CE=C1 =CD=C1=DB=C9=CE= =D5 =C9=DA =CC=CF=CB=C1=CC=D8=CE=CF=CA =D3=C5=D4=C9(LAN_IP)=CE=C1 =CD=C1=DB= =C9=CE=C5 >>> =D3 IP_ADDR1 =D4=C9=D0=C1 >>> iptables -t nat -A PREROUTING -d IP_ADDR2 -j DNAT --to-destinnation LAN= _IP >>> =DE=D4=CF=C2=D9 =D0=D2=C9 =CB=CF=CE=CE=C5=CB=D4=C5 =C9=DA =C9=CE=C5=D4= =C1 =CE=C1 IP_ADDR2 =D0=C1=CB=C5=D4=D9 =D0=CF=D2=C5=CB=C9=C4=D9=D7=C1=CC=C9= =D3=D8 =D7 =CC=CF=CB=C1=CC=CB=D5 >>> =CE=C1 LAN_IP =CD=C1=DB=C9=CE=CF=CA =D3 IP_ADDR1. >>> =EE=C5 =D2=C1=C2=CF=D4=C1=C5=D4. >>> =EF=D4=CB=D5=C4=C1 =CD=CF=C7=D5=D4 =CE=CF=C7=C9 =D2=C1=D3=D4=C9? =EB=C1= =CB =CD=CF=D6=CE=CF =DC=D4=C9 =CE=CF=C7=C9 =D0=CF=C9=D3=CB=C1=D4=D8? >>> -- >>> Best regards, >>> CyberSkunk mailto:cyberskunk@gmail.com >>> _______________________________________________ >>> Community mailing list >>> Community@altlinux.ru >>> https://lists.altlinux.ru/mailman/listinfo/community >>> =EE=D5 =D7=CF=D0=C5=D2=D7=D9=C8 =CF=C2=D2=C1=D4=CE=D9=CA =D4=D2=C1=C6= =C9=CB =CE=C1=C4=CF =D7=D9=D0=D5=D3=D4=C9=D4 (=D7=D9=D0=CF=CC=CE=D1=D4=D8 S= NAT) >> =E1 =D2=C1=DA=D7=C5 DNAT =CE=C5 =C4=C5=CC=C1=C5=D4 =CF=C2=D2=C1=D4=CE=D5= =C0 =DA=C1=CD=C5=CE=D5 =C1=C4=D2=C5=D3=C1? =F7=D0=D2=CF=DE=C5=CD, =DC=D4=CF= =CE=C5 =D7=C1=D6=CE=CF, >> =D1 =D0=D2=CF=C2=CF=D7=C1=CC =C9 =CE=C5=DE=D4=CF =D7=D2=CF=C4=C5 >> iptables -t nat -A POSTROUTING -s ! LAN_IP -j SNAT --to-source\ >> IP_ADDR_1 >> iptables -t nat -A POSTROUTING -s LAN_IP -j SNAT --to-source\ >> IP_ADDR2 >>> =D7=CF =D7=D4=CF=D2=D9=C8 =C6=CF=D2=D7=C1=D2=C4=C9=CE=C7 =D0=C1=CB=C5= =D4=CF=D7 =D2=C1=DA=D2=C5=DB=C9=D4=D8 >> =E1 =D1 =C9=DA =DC=D4=CF=CA =CC=CF=CB=C1=CC=CB=C9, =D4=C1=CB =DE=D4=CF = =C5=D3=CC=C9 =C2=D9 =C2=D9 =C5=C7=CF =CE=C5 =C2=D9=CC=CF, =D1 =C2=D9 =CE=C5= =D3=CD=CF=C7 >> =D0=C9=D3=D8=CD=C1 =D0=CF=D3=CC=C1=D4=D8:) >>> =D7 =D4=D2=C5=D4=D8=C9=C8 =D7 =D4=C1=C2=CC=C9=C3=C5 filter =D5=CB=C1=DA= =C1=D4=D8 =D3=CF=CF=D4=D7=C5=D4=D3=D4=D7=D5=C0=DD=C9=C5 =D0=D2=C1=D7=C9=CC= =C1 =C4=CC=D1 >>> =D4=D2=C1=CE=DA=C9=D4=CE=D9=C8 =D0=C1=CB=C5=D4=CF=D7( =C3=C5=D0=CF=DE= =CB=C1 FORWARD) >> =E5=D3=D4=D8 =D4=C1=CB=CF=C5 =C4=C5=CC=CF. >> =EE=CF =D7=D3=C5 =D2=C1=D7=CE=CF =CE=C5 =D0=C1=DB=C5=D4. >> -- >> Best regards, >> CyberSkunk mailto:cyberskunk@gmail.com >> _______________________________________________ >> Community mailing list >> Community@altlinux.ru >> https://lists.altlinux.ru/mailman/listinfo/community >> InetIP -=F2=C5=C1=CC=D8=CE=D9=CA =C1=C4=D2=C5=D3 =CD=C1=DB=C9=CE=D9 =D7 = =C9=CE=C5=D4=C5 >> SrvIP -IP =C1=C4=D2=C5=D3 =CD=C1=DB=C9=CE=D9 =D7 =D3=C5=D4=C9 =CE=C1 = =CB=CF=D4=CF=D2=D5=C0 =CF=D3=D5=DD=C5=D3=D4=D7=CC=D1=C5=D4=D3=D1 =CD=C1=D2= =DB=D2=D5=D4=C9=DA=C1=C3=C9=D1 echo "1" >> /proc/sys/net/ipv4/ip_forward =D7=CB=CC=C0=DE=C1=C5=CD echo "1" >> =C6=CF=D2=D7=C1=D2=C4=C9=CE=C7 =D0=C1=CB=C5=D4=CF=D7 =D1=C4=D2= =C5 >=DC=D4=CF =D0=CF=CE=D1=D4=CE=CF >> iptables -t nat -A POSTROUTING -s 0/0 -j SNAT --to-source IP_ADDR_1 SrvIP >=CE=C5 =D3=CF=D7=D3=C5=CD =D0=CF=CE=D1=CC =DE=D4=CF =D0=D2=C9 =DC=D4=CF=CD= =D0=D2=CF=C9=D3=C8=CF=C4=C9=D4, >=CE=CF =D7=D9=D1=D3=CE=C9=CC =D4=C1=CB=D5=C0 =DB=D4=D5=CB=D5: >=C5=D3=CC=C9 =DA=C1=D0=D5=D3=D4=C9=D4=D8 =CE=C1 =C8=CF=D3=D4=C5, =CB=CF=D4= =CF=D2=D9=CA =D0=D2=CF=D7=CF=C4=C9=D4 =CD=C1=D2=DB=D2=D5=D4=C9=DA=C1=C3=C9= =C0 >tcpdump -i eth0 dst IP_ADDR2 >=C9 =D0=CF=D0=D2=CF=C2=CF=D7=C1=D4=D8 =D3 =D5=C4=C1=CC=C5=CE=CE=CF=CA =CD= =C1=DB=C9=CE=D9 =D0=C9=CE=C7=C1=CE=D5=D4=D8 IP_ADDR2, =D4=CF =D1 =D7=C9=D6= =D5 >14:34:50.899457 arp who-has IP_ADDR2 tell IP_PROV_GW >=C7=C4=C5 IP_PROV_GW - =C1=C4=D2=C5=D3 =D0=D2=CF=D7=C1=CA=C4=C5=D2=CF=D7= =D3=CB=CF=C7=CF =C7=C5=CA=D4=D7=C5=D1. =FE=D4=CF =D3 =DC=D4=C9=CD =CD=CF=D6= =CE=CF >=D3=C4=C5=CC=C1=D4=D8? >-- >Best regards, > CyberSkunk mailto:cyberskunk@gmail.com =ED=CE=C5 =D0=CF=CD=CF=C7=CC=CF =C4=CF=D0=C9=D3=D9=D7=C1=CE=C9=C5 =D3=D4=C1= =D4=C9=DE=C5=D3=CB=CF=CA =DA=C1=D0=C9=D3=C9 =D7 arp-=CB=DC=DB =D7=CE=C5=DB= =CE=C5=C7=CF =C9=CE=D4=C5=D2=C6=C5=CA=D3=C1, =CE=C5 =DA=CE=C1=C0 =D5=D6 =CE=C1=D3=CB=CF= =CC=D8=CB=CF =DC=D4=CF =D0=D2=C1=D7=C9=CC=D8=CE=CF: arp -i eth0 -Ds IP_ADDR2 eth0 pub =C7=C4=C5 eth0 - =C9=CE=D4=C5=D2=C6=C5=CA=D3 =D3 =C1=C4=D2=C5=D3=CF=CD IP_A= DDR1 -- Best regards, CyberSkunk mailto:cyberskunk@gmail.com