[linux-baslangic] Re: internet paylasimi

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Umut (php@kakalak.org)
Date: Thu 29 Apr 2004 - 19:55:24 EEST

Next message: orkun unalan: "[linux-baslangic] Re: virus"
Previous message: Huseyin Mercan: "[linux-baslangic] internet paylasimi"
In reply to: Huseyin Mercan: "[linux-baslangic] internet paylasimi"
Next in thread: Orhan Berent: "[linux-baslangic] mdk 10 java ve flash"

Huseyin> Ben redhat 9'u basarili bir sekilde kurdum. Ancak kablo interneti nasil
Huseyin> paylastirabilecegim konusunda cok fikrim yok. Grafik arayuzu
Huseyin> kullaniyorum. Cift Ethernet karti takacagim. Sonrasinda biri otomatik ip
Huseyin> alacak ancak geri kalan ayrintilari bilmiyorum. Su anda tek Ethernet
Huseyin> karti var ve inactive diyor. Ayrica webmin bulamadim nasil bulur ve
Huseyin> yuklerim. Tesekkurler

1. Eger kalabalik bir gruba internet dagitacaksaniz bu isi yapan ucuz, NAT kabiliyetli cihazlar var.

2. www.webmin.com

3. Benim kullandigim script asagidadir. Kernelde degisiklik yapmaniz gerekebilir.
Belki dagitiminiz icinde otomatik internet paylasimi gibi bi seyler vardir.
Mandrakede tek tikla yapiyor bu isi. Slackware'de ise asagidaki script.
Son kismini istediginiz portlara gore modifiye edebilirsiniz.

#!/bin/sh

IPTABLES=/usr/sbin/iptables
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe

EXTIF="eth1"
INTIF="eth0"
echo "External Interface: $EXTIF"
echo "Internal Interface: $INTIF"

echo -en "Loading modules: "

echo "- Verifying that all kernel modules are ok"
$DEPMOD -a

echo -en "ip_tables, "
$MODPROBE ip_tables

echo -en "ip_conntrack, "
$MODPROBE ip_conntrack

echo -en "ip_conntrack_ftp, "
$MODPROBE ip_conntrack_ftp

echo -en "ip_conntrack_irc, "
$MODPROBE ip_conntrack_irc

echo -en "iptable_nat, "
$MODPROBE iptable_nat

echo -en "ip_nat_ftp, "
$MODPROBE ip_nat_ftp

echo -e " Done.\n"

echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward

echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr

echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT

echo " Enabling HTTP, POP3, SMTP, HTTPS, RSYNC, FTPx2"
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 80 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 110 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 25 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 443 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 873 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 21 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 20 -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

-- This message has been scanned for viruses and dangerous content, and is believed to be clean.

--- linux-baslangic listesinden cikmak ve tum listeci islemleri icin http://liste.linux.org.tr/ adresini kullanabilirisniz. Bu listeden cikmak icin <a href="mailto:linux-baslangic-request@liste.linux.org.tr?Subject=unsubscribe"> tiklayiniz</a>

Next message: orkun unalan: "[linux-baslangic] Re: virus"
Previous message: Huseyin Mercan: "[linux-baslangic] internet paylasimi"
In reply to: Huseyin Mercan: "[linux-baslangic] internet paylasimi"
Next in thread: Orhan Berent: "[linux-baslangic] mdk 10 java ve flash"

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view	Attachment view

Bu arsiv hypermail 2.1.2 tarafindan uretilmistir.