From: Tufan Deveci (linuxlist@tufanonline.net)
Date: Thu 30 Jan 2003 - 12:18:25 EET
Herkese selam,
FreeBSD 4.7 STABLE kurulu 2 eth. (1 LAN, 1 EXT) interface bsd box ipfilter &
ipnat ile firewall olarak kullaniliyor.
sorum su real ip / ip lerden birini local ag internet cikisi icin ext.
interface assign (atamak) etmeden yada alias olarak belirtmeden calisirmi ?
/etc/ipnat.rules dosyasi asagidaki gibi...
map dc0 192.168.0.0/24 -> 212.154.122.162/32 proxy port ftp ftp/tcp
map dc0 192.168.0.0/24 -> 212.154.122.162/32 portmap tcp/udp 1025:65000
map dc0 192.168.0.0/24 -> 212.154.122.162/32 proxy port 7070 raudio/tcp
map dc0 192.168.0.0/24 -> 212.154.122.162/32
bu ise anladiginiz uzere local w2k iis web icin web port nat`i.
rdr dc0 212.154.122.166/32 port 80 -> 192.168.0.2 port 80
bu nat / nat`lar
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::250:fcff:fe5d:2c19%rl0 prefixlen 64 scopeid 0x1
ether 00:50:fc:5d:2c:19
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 212.154.122.165 netmask 0xfffffff8 broadcast 212.154.122.167
inet6 fe80::280:adff:fe72:7b7a%dc0 prefixlen 64 scopeid 0x2
inet 212.154.122.166 netmask 0xffffffff broadcast 212.154.122.166
ether 00:80:ad:72:7b:7a
media: Ethernet autoselect (10baseT/UTP)
status: active
dc0 uzerinde assign edilmeden (atanmadan) su anda calisiyor.
merak ettigim konu, freebsd`de gercekten nat icin ip / ip`leri bir eth.
interface de tanimlanmasi gerekiyormu..
sanirim biraz daginik oldu ama anlatabildigimi saniyorum.
tesekkur ederim.
Tufan DEVECI
tufan@tufanonline.net
http://www.tufanonline.net