|
|
RE: lug-bg: ipac+ipchains+mrtg
- Subject: RE: lug-bg: ipac+ipchains+mrtg
- From: bkrosnov@xxxxxxxx (Boyan Krosnov)
- Date: Thu, 12 Apr 2001 02:39:33 +0300
mda, trqbwa da prosledish ot kyde tochno iz kernela ti minawat paketite
po obratniq pyt ot lokalnoto ti proxy do kompjutyra kojto se e zakachil
kym nego.
po estestwo towa sa si spoofnati paketi koito twoeto pc prashta na
syotwetniq klient.
basiram se che shte minawat samo prez output chain-a.
BR,
--
Boyan Krosnov (http://www.nat.bg/~bkrosnov)
Network Administrator
Lirex BG Ltd.
> -----Original Message-----
> From: Hristo Nazarov [mailto:hristo@xxxxxxxxxxxx]
> Sent: Wednesday, April 11, 2001 11:14 AM
> To: lug-bg@xxxxxxxxxxxxxxxxxx
> Subject: lug-bg: ipac+ipchains+mrtg
>
>
> Zdrawejte,
> naskoro si instalirah ipac. Mnogo sam dowolen kak se sprawia.
> Obache imam
> malak problem s nastrojkata na ipchains...
> tova e chast ot ipchains -L -v
>
> 975 219K ipac_bth all ------ 0xFF 0x00 any
> anywhere anywhere n/a
> 975 219K ipac_in all ------ 0xFF 0x00 any
> anywhere anywhere n/a
> 170 9428 REDIRECT tcp ------ 0xFF 0x00 any
> ppp04.domain.net anywhere any -> www => www
>
>
> Chain ipac_in (1 references):
> pkts bytes target prot opt tosa tosx ifname mark
> outsize
> source destination ports
> 856 240K - all ------ 0xFF 0x00 eth0
> anywhere anywhere n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> anywhere ppp01.domain.net n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> anywhere ppp02.domain.net n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> anywhere ppp03.domain.net n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> anywhere ppp04.domain.net n/a
>
> Chain ipac_out (1 references):
> pkts bytes target prot opt tosa tosx ifname mark
> outsize
> source destination ports
> 820 232K - all ------ 0xFF 0x00 eth0
> anywhere anywhere n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> ppp01.domain.net anywhere n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> ppp02.domain.net anywhere n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> ppp03.domain.net anywhere n/a
> 0 0 - all ------ 0xFF 0x00 eth0
> ppp04.domain.net anywhere n/a
>
>
> Problema e che kogato prawia REDIRECT na paketi -
> ppp04.domain.net (pusnal
> sam edno transperantno proxy (SQUID) na sashtata mashina)
> Ne se otchitat tezi paketi (trafika ot REDIRECTA). Naskoro go
> zabeliazah i
> izglezda logichno. Obache kato se zamislia Kak da
> configuriram ipchains taka
> che hem Da si imam REDIRECT hem da mi prawi tochen
> accounting. Ne se seshtam
> za nishto Umno. Niakoj da se sehta kak da stane hubawinata?
> Tova e ipac.conf
>
> cat /etc/ipac.conf
> # $Id: ipac.conf,v 1.1 2000/02/25 19:05:10 moritz Exp $
> # Example config file with accounting rules
> # Install as /etc/ipac.conf
> #
> # Format:
> # Name of rule|direction|interface|protocol|source|destination
> #
> # where
> # Name of rule Any string to identify this rule
> # direction in | out
> # interface ip number or interface name
> # protocol tcp | udp | icmp | all
> # source \
> # destination both as described in ipfwadm(8), or empty
> # incoming:
> incoming all |in|eth0|all||
> incoming ttyS4 |in|eth0|all|0/0|192.168.255.161|
> incoming ttyS5 |in|eth0|all|0/0|192.168.255.162|
> incoming ttyS6 |in|eth0|all|0/0|192.168.255.163|
> incoming ttyS7 |in|eth0|all|0/0|192.168.255.164|
>
>
> #
> # Outgoing:
> outgoing all |out|eth0|all||
> outgoing ttyS4 |out|eth0|all|192.168.255.161|0/0|
> outgoing ttyS5 |out|eth0|all|192.168.255.162|0/0|
> outgoing ttyS6 |out|eth0|all|192.168.255.163|0/0|
> outgoing ttyS7 |out|eth0|all|192.168.255.164|0/0|
>
>
>
>
> ==============================================================
> =============
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd.
> - Stara Zagora
>
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|
|
|