Re: lug-bg: IP Masquerade traffic monitoring ?
- Subject: Re: lug-bg: IP Masquerade traffic monitoring ?
- From: zezo@xxxxxxx (Cvetan Ivanov)
- Date: Fri, 05 Mar 1999 03:32:49 +0200
Hello,
Dnes mi dojde edna po-dobra ideq za broene na lokalen/remote traffic -
da se izpolzvat ne accounting a IN/OUT pravilata.
razlikata e che accountinga nqma jump-out, t.e. ako edin paket otgovarq
na 5 pravila, i 5-te shte go prebroqt. Vsicki drugi pravila se prilagat
samo po edno, i sushto imat broqchi za trafik.
kartinkata stava takava
# za celiq subnet <-> lokalno
ipfwadm -I -a accept -S 192.168.0.0/24 -D masq_host -W eth0
ipfwadm -O -a accept -D 192.168.0.0/24 -S masq_host -W eth0
# za vsqko IP
ipfwadm -I -a accept -S 192.168.0.2 -W eth0
ipfwadm -O -a accept -D 192.168.0.2 -W eth0
...
etc...
# i ako nqma policy deny/reject:
ipfwadm -I -a deny -W eth0
ipfwadm -O -a deny -W eth0
kato purvite pravila trqbva da se prilojat i za dvata adresa na
masq_host - istinskiq i v LAN-a
zezo
Pavel Milev wrote:
>
> Dobre, ama tochno po tioa nachin shte broish vsichko
> minavashto prez eth0, vkljuchitelno i telnet sesiite
> do gateway-a , ftp sesiite i t.n.
==================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
For more send to lug-bg-request@xxxxxxxxxxxx a single word 'info'
==================================================================
|