From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <serge@ukr-fin.com.ua>
From: Serge Polkovnikov <serge@ukr-fin.com.ua>
To: community@altlinux.ru
Subject: Re: [Comm] HELP!
	=?koi8-u?b?8NLPwtLP0yDQz9LUz9cg3sXSxdogxsHK0tfPzMwg0yDQz8zJ1MnLz8o=?=
	=?koi8-u?b?IERST1A=?=
Date: Tue, 7 Sep 2004 10:06:38 +0300
User-Agent: KMail/1.6.2
References: <20040903091400.2c3df2fd.Maxim.Savrilov@socenter.ru>
	<20040904002217.4c9c9da1.dima@sakhalin.ru>
	<20040907092720.653cbf0d.Maxim.Savrilov@socenter.ru>
In-Reply-To: <20040907092720.653cbf0d.Maxim.Savrilov@socenter.ru>
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature";
	micalg=pgp-sha1; boundary="Boundary-02=_E4VPBqe8Kl79BmC";
	charset="koi8-u"
Content-Transfer-Encoding: 7bit
Message-Id: <200409071006.44505.serge@ukr-fin.com.ua>
X-Virus-Scanned: by amavisd-new at astral-on.net
X-BeenThere: community@altlinux.ru
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: community@altlinux.ru
List-Id: Mailing list for ALT Linux users <community.altlinux.ru>
List-Unsubscribe: <https://lists.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=unsubscribe>
List-Archive: <http://lists.altlinux.ru/pipermail/community>
List-Post: <mailto:community@altlinux.ru>
List-Help: <mailto:community-request@altlinux.ru?subject=help>
List-Subscribe: <https://lists.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2004 07:11:07 -0000
Archived-At: <http://lore.altlinux.org/community/200409071006.44505.serge@ukr-fin.com.ua/>
List-Archive: <http://lore.altlinux.org/community/>
List-Post: <mailto:mandrake-russian@linuxteam.iplabs.ru>


--Boundary-02=_E4VPBqe8Kl79BmC
Content-Type: text/plain;
  charset="koi8-u"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

=D7=A6=D7=D4=CF=D2=CF=CB, 07-=D7=C5=D2-2004 05:27, Maxim.Savrilov@socenter.=
ru =CE=C1=D0=C9=D3=C1=CC:
> # Diable forwarding
> echo 0 > /proc/sys/net/ipv4/ip_forward
>
> LAN_IP_NET=3D'192.168.0.1/24'
> LAN_NIC=3D'eth1'
> WAN_IP=3D'x.x.x.x'
> WAN_NIC=3D'eth0'
> FORWARD_IP=3D'y.y.y.y'
>
> # load some modules (if needed)
>
> # Flush
> iptables -t nat -F POSTROUTING
> iptables -t nat -F PREROUTING
> iptables -t nat -F OUTPUT
> iptables -F
>
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -P OUTPUT ACCEPT
>
> # STATE RELATED for router
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> # Open ports to server on LAN
> iptables -A FORWARD -j ACCEPT -p tcp --dport 3389

=E1 =D0=D2=C1=D7=C9=CC=CF =D2=C1=DA=D2=C5=DB=C1=C0=DD=C5=C5 =D0=D2=CF=C8=CF=
=D6=C4=C5=CE=C9=C5 =D0=C1=CB=CF=D4=CF=D7 =D7 =CF=C2=D2=C1=D4=CE=D5=C0 =D3=
=D4=CF=D2=CF=CE=D5?


> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT
> --to y.y.y.y:3389
>
> # Enable forwarding
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
>
> =D5=D6 =D4=D5=D4-=D4=CF =DE=D4=CF =CE=C5 =D4=C1=CB?

=2D-=20
=F3 =D5=D7=C1=D6=C5=CE=C9=C5=CD,
   =F3=C5=D2=C7=C5=CA =F0=CF=CC=CB=CF=D7=CE=C9=CB=CF=D7        JID: p_serge=
@jabber.ru

--Boundary-02=_E4VPBqe8Kl79BmC
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQBBPV4ESFt0OyMZCDARAvkOAKCMQyUCkw5LBEP8x9LWfuN1hnEMJgCfRns5
kdJkf5et1Tv8x6M0LtuCvsY=
=dkYB
-----END PGP SIGNATURE-----

--Boundary-02=_E4VPBqe8Kl79BmC--