From: Umut (php@kakalak.org)
Date: Thu 29 Apr 2004 - 19:55:24 EEST
Huseyin> Ben redhat 9'u basarili bir sekilde kurdum. Ancak kablo interneti nasil
Huseyin> paylastirabilecegim konusunda cok fikrim yok. Grafik arayuzu
Huseyin> kullaniyorum. Cift Ethernet karti takacagim. Sonrasinda biri otomatik ip
Huseyin> alacak ancak geri kalan ayrintilari bilmiyorum. Su anda tek Ethernet
Huseyin> karti var ve inactive diyor. Ayrica webmin bulamadim nasil bulur ve
Huseyin> yuklerim. Tesekkurler
1. Eger kalabalik bir gruba internet dagitacaksaniz bu isi yapan ucuz, NAT kabiliyetli cihazlar var.
2. www.webmin.com
3. Benim kullandigim script asagidadir. Kernelde degisiklik yapmaniz gerekebilir.
Belki dagitiminiz icinde otomatik internet paylasimi gibi bi seyler vardir.
Mandrakede tek tikla yapiyor bu isi. Slackware'de ise asagidaki script.
Son kismini istediginiz portlara gore modifiye edebilirsiniz.
#!/bin/sh
IPTABLES=/usr/sbin/iptables
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe
EXTIF="eth1"
INTIF="eth0"
echo "External Interface: $EXTIF"
echo "Internal Interface: $INTIF"
echo -en "Loading modules: "
echo "- Verifying that all kernel modules are ok"
$DEPMOD -a
echo -en "ip_tables, "
$MODPROBE ip_tables
echo -en "ip_conntrack, "
$MODPROBE ip_conntrack
echo -en "ip_conntrack_ftp, "
$MODPROBE ip_conntrack_ftp
echo -en "ip_conntrack_irc, "
$MODPROBE ip_conntrack_irc
echo -en "iptable_nat, "
$MODPROBE iptable_nat
echo -en "ip_nat_ftp, "
$MODPROBE ip_nat_ftp
echo -e " Done.\n"
echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
echo " Enabling HTTP, POP3, SMTP, HTTPS, RSYNC, FTPx2"
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 80 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 110 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 25 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 443 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 873 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 21 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF --protocol tcp --destination-port 20 -j ACCEPT
$IPTABLES -A FORWARD -j LOG
echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
-- This message has been scanned for viruses and dangerous content, and is believed to be clean.--- linux-baslangic listesinden cikmak ve tum listeci islemleri icin http://liste.linux.org.tr/ adresini kullanabilirisniz. Bu listeden cikmak icin <a href="mailto:linux-baslangic-request@liste.linux.org.tr?Subject=unsubscribe"> tiklayiniz</a>