Padekite pakurti Linux Router (isspresta)

Dead_Kennedy · Rugpjūtis 10, 2004, 12:00ryte

Dead_Kennedy · Rugpjūtis 10, 2004, 12:00ryte

Labai reikia pasharinti neta per Linux su windows Xp kompu. Pasikuriau DHCP serveri, viskas veikia, IP ishduoda. Bet niekaip negaliu padaryti kad routintu neta. Pas mane linuxe toks config: eth0 - tiesiog network korta per kuria prisijungiu prie neto per pppoe. ppp0 - mano internet connection eth1 - lan’as. IP: 10.0.0.1, Netmask 255.255.255.0, Gateway 10.0.0.1. Mano /etc/sysconfig/iptables

admin:

Generated by iptables-save v1.2.9 on Sat Jul 17 11:45:30 2004 *nat REROUTING ACCEPT [100:4942] OSTROUTING ACCEPT [101:6552] UTPUT ACCEPT [191:11928] -A POSTROUTING -o ppp0 -p tcp -m tcp -j MASQUERADE -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT # Completed on Sat Jul 17 11:45:30 2004 # Generated by iptables-save v1.2.9 on Sat Jul 17 11:45:30 2004 *filter :INPUT ACCEPT [0:0] ORWARD ACCEPT [0:0] UTPUT ACCEPT [2016:207181] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -s 209.132.176.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT -A RH-Firewall-1-INPUT -s 209.132.176.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth1 -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 255 -j ACCEPT -A RH-Firewall-1-INPUT -p esp -j ACCEPT -A RH-Firewall-1-INPUT -p ah -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 4661 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 4662 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6881 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Sat Jul 17 11:45:30 2004

/proc/sys/net/ipv4/ip_forward viskas teisingai, parashyta 1. Su networkingu dar esu visishkai zhalias. Reikia pagalbos.

Dead_Kennedy · Rugpjūtis 10, 2004, 12:00ryte

bl banga ishkraipe configa, nu tikiuosi suprasite

_dev_null · Rugpjūtis 10, 2004, 12:00ryte

echo “1” > /proc/sys/net/ipv4/ip_forward IPTABLES=/sbin/iptables EXTIF=" eth0" INTIF="eth1¨ $IPTABLES -P INPUT ACCEPT $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P FORWARD DROP $IPTABLES -F FORWARD $IPTABLES -t nat -F $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE Cia jei pastovaus isorinio IP neturi. O ta *bliamba*svta kur virsuje tai istrink. baisu ziureti.

Dead_Kennedy · Rugpjūtis 10, 2004, 12:00ryte

padariau kaip tu sakiai /dev/null, tada mano /etc/sysconfig/iptables atrodo taip:

tachiau vistiek winXP neto nera… kas gali buti netaip?

Socrates · Rugpjūtis 10, 2004, 12:00ryte

Pradziai tai, kad jokiai tinklushkei nereik nurodyt gateway. Uzdek INPUT ir OUTPUT i ACCEPT , o pac routinimas vyxta su POSTROUTING ish ppp0 i eth1 … tixliai cmd neacimenu.

Dead_Kennedy · Rugpjūtis 11, 2004, 12:00ryte

bandziau ir eth0 pakeisti i ppp0, vistiek tas pats… gal reikia kur nors add route padaryti?

Dead_Kennedy · Rugpjūtis 11, 2004, 12:00ryte

tai ka daugiau ideju nera?

Socrates · Rugpjūtis 11, 2004, 12:00ryte

nu pradziai sakau: INPUT, OUTPUT, FORWARD i ACCEPT sustatyk, o paskui kazkas tokio: iptables -t nat -A POSTROUTING -i ppp0 -o eth1 -j MASQUERADE … nu kazkas tokio tau duota pavyzdziu, be to turi manuala - imk ir bandyk.

_dev_null · Rugpjūtis 12, 2004, 12:00ryte

gal atsirastu jei padarytum ifconfig route iptables -L Ir windowsuose XP ipconfig /all ping 10.0.0.1 ping delfi.lt

_kostian · Rugpjūtis 12, 2004, 12:00ryte

o kaip turi atrodyt jeigu kompas turi isorini IP’a? (eth0: pc - inet; eth1: pc - pc) aciu.

_dev_null · Rugpjūtis 12, 2004, 12:00ryte

$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE keiciasi i $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to-source ISORINIS_IP

Dead_Kennedy · Rugpjūtis 12, 2004, 12:00ryte

ifconfig eth0 Link encap thernet HWaddr 52:54:00 4:08:82 inet6 addr: fe80::5054:ff:fee4:882/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1903 errors:0 dropped:0 overruns:0 frame:0 TX packets:1912 errors:0 dropped:0 overruns:0 carrier:0 collisions:1 txqueuelen:1000 RX bytes:1361507 (1.2 Mb) TX bytes:255264 (249.2 Kb) Interrupt:11 Base address:0xc000 eth1 Link encap thernet HWaddr 00:0B:6A 3:84:23 inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::20b:6aff:fef3:8423/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:87 errors:0 dropped:0 overruns:0 frame:0 TX packets:19 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11923 (11.6 Kb) TX bytes:2213 (2.1 Kb) Interrupt:5 Base address:0x4000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope ost UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:88 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:5472 (5.3 Kb) TX bytes:5472 (5.3 Kb) ppp0 Link encap oint-to-Point Protocol inet addr:151.202.104.144 P-t-P:10.32.107.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:1839 errors:0 dropped:0 overruns:0 frame:0 TX packets:1842 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:1317139 (1.2 Mb) TX bytes:210402 (205.4 Kb) route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.32.107.1 * 255.255.255.255 UH 0 0 0 ppp0 10.0.0.0 * 255.255.255.0 U 0 0 0 eth1 169.254.0.0 * 255.255.0.0 U 0 0 0 eth1 default 10.32.107.1 0.0.0.0 UG 0 0 0 ppp0 iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all – anywhere anywhere state RELATED,ESTABLISHED ACCEPT all – anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination tuoj windowsus papostinsiu…

Dead_Kennedy · Rugpjūtis 12, 2004, 12:00ryte

ipconfig /all Host Name . . . . . . . . . . . . : parents Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Mixed IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : domain.org Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : domain.org Description . . . . . . . . . . . : HP EN1207D-TX PCI 10/100 Fast Ethernet A apter Physical Address. . . . . . . . . : 00-10-B5-7D-62-37 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.0.0.254 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.0.0.1 DHCP Server . . . . . . . . . . . : 10.0.0.1 DNS Servers . . . . . . . . . . . : 10.0.0.1 Lease Obtained. . . . . . . . . . : Thursday, August 12, 2004 11:51:23 AM Lease Expires . . . . . . . . . . : Thursday, August 12, 2004 5:51:23 PM C:\Documents and Settings\Administrator> ping 10.0.0.1 Pinging 10.0.0.1 with 32 bytes of data: Reply from 10.0.0.1: bytes=32 time<1ms TTL=64 Reply from 10.0.0.1: bytes=32 time<1ms TTL=64 Reply from 10.0.0.1: bytes=32 time<1ms TTL=64 Reply from 10.0.0.1: bytes=32 time<1ms TTL=64 Ping statistics for 10.0.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\Documents and Settings\Administrator> **ping delfi.lt**C:\Documents and Settings\Administrator>ping delfi.lt Ping request could not find host delfi.lt . Please check the name and try again.

_dev_null · Rugpjūtis 12, 2004, 12:00ryte

? pala pala ka, ant Linux DNS serveris pakurtas pabandyk ping 82.135.156.21

_dev_null · Rugpjūtis 12, 2004, 12:00ryte

Vienzo susitvarkyk savo DHCP, kad duotu normalius DNS

Dead_Kennedy · Rugpjūtis 12, 2004, 12:00ryte

Mano /etc/dhcpd.conf parashyta: option nis-domain “domain.org”; option domain-name “domain.org”; option domain-name-servers 10.0.0.1; Tipo ash su tais DNS visai zhalias dar, gal galite padeti sutvarkyti man ta DNS? Va kiek zhinau ish mano isp saito: DSL settings * Primary DNS: 4.2.2.1 * Secondary DNS: 4.2.2.2 * Domain: dsl.verizon.net * Network protocol used: TCP/IP Beje dar turiu shitame kompe Windoes 2003 server instalines ir jis viska normaliai routina. Gal ish ten kokiu settings paimti?

_dev_null · Rugpjūtis 12, 2004, 12:00ryte

option nis-domain “dsl.verizon.net”; option domain-name “dsl.verizon.net”; option domain-name-servers 4.2.2.1;

Dead_Kennedy · Rugpjūtis 12, 2004, 12:00ryte

viskas veikia. Labai aciu /dev/null! Statau virtualaus