dns port forward
himbaATvolja.net
himba at volja.net
Mon Feb 17 19:54:00 CET 2003
helou,
a je potrebno se kaj dodati, na 2.2 kernelu, v ipchains se kaksen rule
poleg teh, da bi dobil forwardirana porta 53 (tcp in udp) na masini
znotraj lana. obstojeci ipchains ruli:
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward DENY > /dev/null
ipchains -A forward -i ${OUTSIDE_DEVICE} -j MASQ > /dev/null
ipchains -A input -p TCP -d ${OUTSIDE_IP} 53 -j ACCEPT
ipmasqadm portfw -a -P tcp -L ${OUTSIDE_IP} 53 -R 192.168.1.2 53
ipchains -A input -p UDP -d ${OUTSIDE_IP} 53 -j ACCEPT
ipmasqadm portfw -a -P udp -L ${OUTSIDE_IP} 53 -R 192.168.1.2 53
ipchains -A input -p TCP -y -d ${OUTSIDE_IP} -j DENY
lp, himba
More information about the lugos-list
mailing list