[linux-network] Re: internet paylasimi

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Aykut YILDIZGÖRÜR (aykuty@tepemobilya.com.tr)
Date: Fri 27 Aug 2004 - 11:32:42 EEST

Previous message: ibrahim Demirel: "[linux-network] Ynt: Re: fax server"
In reply to: Alper Oguz: "[linux-network] Re: internet paylasimi"
Next in thread: mesut guler: "[linux-network] Re: internet paylasimi"
Next in thread: Serdar KOYLU: "[linux-network] Re: internet paylasimi"

merhaba,

aşagıdaki gibi bir script oluşturdu ama işe yaramıyor

#!/bin/sh

# iptables script generator: V0.1-2002
# Comes with no warranty!
# e-mail: michael@1go.dk

# Diable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

LAN_IP_NET='172.16.0.0/24'
LAN_NIC='eth1'
WAN_IP='213.139.xxx.x'
WAN_NIC='eth0'
FORWARD_IP='0.0.0.0'

# load some modules (if needed)

# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# enable Masquerade and forwarding
iptables -t nat -A POSTROUTING -s $LAN_IP_NET -j MASQUERADE
iptables -A FORWARD -j ACCEPT -i $LAN_NIC -s $LAN_IP_NET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# Open ports on router for server/services
iptables -A INPUT -j ACCEPT -p tcp --dport 443
iptables -A INPUT -j ACCEPT -p tcp --dport 110
iptables -A INPUT -j ACCEPT -p tcp --dport 25

# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Open ports to server on LAN

# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

#bolgelerin iç networkteki makinalar ulaşmaları için
iptables -t filter -A FORWARD -s 172.16.0.0/255.255.224.0 -d 172.16.1.2 -j
ACCEPT
iptables -t filter -A FORWARD -s 172.16.0.0/255.255.224.0 -d 172.16.1.1 -j
ACCEPT

-----Original Message-----
From: linux-network-bounce@liste.linux.org.tr
[mailto:linux-network-bounce@liste.linux.org.tr]On Behalf Of Alper Oguz
Sent: Friday, August 27, 2004 9:56 AM
To: linux-network@liste.linux.org.tr
Subject: [linux-network] Re: internet paylasimi

> makinalarin bizim makina uzerinden internete cikmalari ile ilgili.
> içteki makinalar nat ile internete sorunsuz cikiyorlar. fakat
> bolgeldeki makinalar internete cikamiyorlar. mail alip
gonderebiliyorlar,içteki

Demek ki bolgedeki makinalarin IP bloguna SNAT ve Masquerade ile
internet
cikisi vermemissiniz. Firewall kurallariniza ona uygun bir nat kurali
eklemeniz gerek.

kolay gelsin

Alper OGUZ
Bimar Bilgi Islem Hiz. A.S.
Musteri Destek Hizmetleri Saha Destek Uzmani
Tel : (0 324) 237 39 30 -4528
Faks : (0 324) 233 79 92
E-posta : alper.oguz@mer.bimar.com.tr
http://www.bimar.com.tr/
Bimar Bilgi Islem Hiz. A.S. bir Arkas Holding kurulusudur.

Previous message: ibrahim Demirel: "[linux-network] Ynt: Re: fax server"
In reply to: Alper Oguz: "[linux-network] Re: internet paylasimi"
Next in thread: mesut guler: "[linux-network] Re: internet paylasimi"
Next in thread: Serdar KOYLU: "[linux-network] Re: internet paylasimi"

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view	Attachment view

Bu arsiv hypermail 2.1.2 tarafindan uretilmistir.