[ SlackList ] [ WkikiSlack ]



Re: iptables i 3 sieciowki

From: D.Wesolowski <wesoly_malpka_klu..pl>
Date: Thu Jul 08 2004 - 19:14:02 CEST

Krzysztof napisał(a):

> eth1 siec na 192.168.0...
> eth2 siec na 192.168.1...
>
> i teraz mam taki problem chce aby komutery z sieci eth1
> widzialy eth0 i eth2
> zas komputery z sieci eth2 widzialy tylko eth0

zamiast tego:

> iptables -t filter -A FORWARD -s 192.168.0.0/255.255.255.0 -d 0/0 -j ACCEPT
> iptables -t filter -A FORWARD -s 0/0 -d 192.168.0.0/255.255.255.0 -j ACCEPT
>
> iptables -t filter -A FORWARD -s 192.168.1.0/255.255.255.0 -d 0/0 -j ACCEPT
> iptables -t filter -A FORWARD -s 0/0 -d 192.168.1.0/255.255.255.0 -j ACCEPT

to:

iptables -t filter -A FORWARD -s 192.168.0.0/24 -d 192.168.1.0/24 -j
ACCEPT -m state --state NEW,ESTABLISHED,RELATED
iptables -t filter -A FORWARD -s 192.168.1.0/24 -d 192.168.0.0/24 -j
ACCEPT -m state --state ESTABLISHED,RELATED

iptables -t filter -A FORWARD -s 192.168.0.0/24 -d adres_sieci_DSL/maska
-j ACCEPCT
iptables -t filter -A FORWARD -s adres_sieci_DSL/maska -d 192.168.0.0/24
-j ACCEPCT
iptables -t filter -A FORWARD -s 192.168.1.0/24 -d adres_sieci_DSL/maska
-j ACCEPCT
iptables -t filter -A FORWARD -s adres_sieci_DSL/maska -d 192.168.1.0/24
-j ACCEPCT

--
pozdrawiam,
DW

mailto: wesoly[a.t]klu..pl
[przy odpisywaniu usun nadmiarowe kropki]
Received on Fri Jul 09 00:19:49 2004

This archive was generated by hypermail 2.1.8. Wyprawa Shackleton 2014