From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_00,FH_DATE_PAST_20XX, SPF_PASS autolearn=no version=3.2.5 Date: Wed, 6 Jan 2010 20:02:39 +0300 From: Afanasov Dmitry To: sisyphus@lists.altlinux.org Message-ID: <20100106170236.GA4174@utvuk.ender.rk> Mail-Followup-To: sisyphus@lists.altlinux.org References: <4B44A964.20603@tula.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vkogqOf2sHV7VnPd" Content-Disposition: inline In-Reply-To: <4B44A964.20603@tula.net> User-Agent: Mutt/1.5.20 (2009-06-23) Subject: Re: [sisyphus] =?koi8-r?b?MiDQ0s/XwcrExdLBLiDrwcs/?= X-BeenThere: sisyphus@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Sisyphus discussions List-Id: ALT Linux Sisyphus discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jan 2010 17:03:04 -0000 Archived-At: List-Archive: List-Post: --vkogqOf2sHV7VnPd Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jan 06, 2010 at 06:16:52PM +0300, =E5=D7=C7=C5=CE=C9=CA wrote: > Hi All. >=20 > =F7=CF=D4 =D7 =CE=C1=DE=C1=CC=C5 =EE=CF=D7=CF=C7=CF =E7=CF=C4=C1 =D0=CF= =D1=D7=C9=CC=D3=D1 =D5 =CD=C5=CE=D1 =C5=DD=A3 =CF=C4=C9=CE =D0=D2=CF=D7=C1= =CA=C4=C5=D2. > =FA=C1=C8=CF=D4=C5=CC=CF=D3=D8 =D2=C1=DA=D2=D5=CC=C9=D4=D8 =C9=C8 =D3=CC= =C5=C4=D5=C0=DD=C9=CD =CF=C2=D2=C1=DA=CF=CD: =D3=C5=D2=D7=C5=D2 =D3=C9=C4= =C9=D4 =CE=C1 =CF=C4=CE=CF=CD =CB=C1=CE=C1=CC=C5=20 > (=CF=C2=DA=CF=D7=D5 =C5=C7=CF =D0=C5=D2=D7=D9=CD), =C1 =CB=CC=C9=C5=CE=D4= =D9 =CE=C1 =C4=D2=D5=C7=CF=CD (=D7=D4=CF=D2=CF=CD). =EB =D4=CF=CD=D5 =D6=C5= , =CB=CC=C9=C5=CE=D4=D9=20 > =C4=CF=CC=D6=CE=D9 =D0=CF=D0=C1=C4=C1=D4=D8 =D7 "=CC=CF=CB=C1=CC=D8=CE=D9= =C5" =D3=C5=D4=C9 =D0=C5=D2=D7=CF=C7=CF =D0=D2=CF=D7=C1=CA=C4=C5=D2=C1. >=20 > =E1 =D7=CF=D4 =CB=C1=CB =DC=D4=CF =D2=C5=C1=CC=C9=DA=CF=D7=C1=D4=D8 - =DA= =C1=D4=D2=D5=C4=CE=D1=C0=D3=D8. =DC=D4=CF source route - =CD=C1=D2=DB=D2=D5=D4=C9=DA=C1=C3=C9=D1 =CF=D4 =C9= =D3=D4=CF=DE=CE=C9=CB=C1. =D2=C5=C1=CC=C9=DA=D5=C5=D4=D3=D1 =DE=C5=D2=C5=DA= ip rule (=D7 LARTC =CF=D0=C9=D3=C1=CE) =D7 =C4=C1=CE=CE=CF=CD =D3=CC=D5=DE=C1=C5 =C2=D5=C4=C5=D4 =D7=D9=C7=CC=D1= =C4=C5=D4=D8 =CB=C1=CB cat "50 second" >> /etc/iproute2/rt_tables ip rule add pref 5000 from 192.168.4.0/24 table second ip route add table second throw 192.168.2.0/24 ip route add table second throw ip route add table second default via 192.168.2.1 > =F0=D2=CF=D0=C9=D3=C1=CC > [0:0] -A POSTROUTING -s 192.168.4.0/24 -d 0/0 -j SNAT --to-source 192.168= =2E2.2 =D4=C1=CB=D6=C5 =C4=C1, =CE=D5=D6=CE=CF =C4=D7=C1 =CE=C1=D4=C1: =C4=CC=D1 = =D0=C5=D2=D7=CF=C7=CF =C9 =D7=D4=CF=D2=CF=C7=CF =D0=D2=CF=D7=C1=CA=C4=C5=D2= =C1. net'=D9 =D0=D2=C5=C4=D0=CF=DE=C9=D4=C1=C0 =C4=C5=CC=C1=D4=D8 =D0=CF =C4=C5=D7=C1=CA= =D3=C1=CD, =D4=CF =C5=D3=D4=D8: [0:0] -A POSTROUTING -o first -j SNAT --to-source [0:0] -A POSTROUTING -o second -j SNAT --to-source 192.168.2.2 =D0=D2=C5=C4=D5=D0=D2=C5=D6=C4=C1=C0 =D3=D2=C1=DA=D5, =DE=D4=CF =CD=C1=D2= =DB=D2=D5=D4=D9 =D3=CD=CF=D4=D2=D1=D4=D3=D1 =D3=CE=C1=DE=C1=CC=C1 =D0=CF = =D4=C1=C2=CC=C9=C3=C1=CD, =D0=CF=D4=CF=CD =D0=CF =CF=DE=C5=D2=C5=C4=C9 =D7 =D4=C1=C2=CC=C9=C3=C5. default route =D1=D7=CC=D1= =C5=D4=D3=D1 =D7=D9=C8=CF=C4=CF=CD =C9=DA =D0=D2=CF=D7=C5=D2=CB=C9 =CD=C1= =DB=D2=D5=D4=CF=D7. =D0=CF=D4=CF=CD=D5 =C9=CD=C5=C5=CD, =DE=D4=CF =C4=CC=D1 =D7=D3=C5=C8 =C9=DA= 192.168.4.0/24 =C2=D5=C4=C5=D4 =D0=D2=CF=D7=C5=D2=D1=D4=D8=D3=D1 =D4=C1=C2= =CC=C9=C3=C1 second =C9 =D4=CF=CC=D8=CB=CF second, =D4=C1=CB =CB=C1=CB =D0=CF "default v= ia" =C2=D5=C4=C5=D4 =D7=D9=C8=CF=C4 =C9=DA =D0=D2=CF=D7=C5=D2=CF=CB. =D0=CF=D4=CF=CD =C4=CC=D1 =D2=C5=DB=C5=CE=C9=D1 "=CB=CC=C9=C5=CE=D4=D9 =C4= =CF=CC=D6=CE=D9 =D0=CF=D0=C1=C4=C1=D4=D8 =D7 "=CC=CF=CB=C1=CC=D8=CE=D9=C5" = =D3=C5=D4=C9 =D0=C5=D2=D7=CF=C7=CF =D0=D2=CF=D7=C1=CA=C4=C5=D2=C1." =D7 =D4=C1=C2=CC=C9=C3=C5 second =C4=CF=CC= =D6=CE=D9 =C2=D9=D4=D8 =CC=C9=C2=CF =D0=D2=CF=C4=D5=C2=CC=C9=D2=CF=D7=C1=CE= =D9 =CC=C9=C2=CF =D5=CB=C1=DA=C1=CE=D9 =CB=C1=CB throw =CD=C1=D2=DB=D2=D5=D4=D9 =C9=DA =D4=C1=C2=CC=C9=C3=D9 main. throw =D7 =C4=C1=CE=CE=CF=CD =D3=CC=D5=DE=C1=C5 - =D7=D9=CA=D4=C9 =C9=DA = =D4=C1=C2=CC=C9=C3=D9 =C9 =D0=D2=CF=D7=C5=D2=D1=D4=D8 =C4=C1=CC=D8=DB=C5, = =3D=3D -j RETURN =D7 iptables, =D0=D2=CF=D3=D4=CF=CD=D5 return =D7 C. Note: =DC=D4=CF =D7=CF=CF=C2=DD=C5-=D4=CF =C4=CC=D1 sysadmins@ --=20 =F3 =D5=D7=C1=D6=C5=CE=C9=C5=CD =E1=C6=C1=CE=C1=D3=CF=D7 =E4=CD=C9=D4=D2=C9=CA --vkogqOf2sHV7VnPd Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (GNU/Linux) iEYEARECAAYFAktEwiwACgkQ72GKvac0Iyx7twCfQrgTR/h4+6tdY0IxfhNT7stj w2IAnRfFVerHz+V2bdDqCPd70LG2NiCA =p291 -----END PGP SIGNATURE----- --vkogqOf2sHV7VnPd--