Re: lug-bg: do vesselin
- Subject: Re: lug-bg: do vesselin
- From: kleo@xxxxxxxxxxx (Kliment Ognianov)
- Date: Thu, 27 Sep 2001 15:15:45 +0300
Vesselin Kolev wrote:
>Ami ne znam dali shte se natovari. Zavisi ot mnogo neshta.
>No ako si pusnal DNS, ipchains (vkl. masquarade) i edin
>sendmail mozhe i da se spravi. Pone opita mi pokazva tova.
>Az sam puskal RedHat 6.2 Zoot, koeto si e zheliazna distribucia,
>na 486 DX 4 i si raboteshe dobre. pri tova beshe router na
>mrezha ot 30 computera. Viarno, ne beshe neshto super, no
>raboteshe zadovolitelno... a ako ti si s 56 Kbps modemna vryzka
>edva li ti e nuzhno neshto poveche.
>
Red Hat 6.0 vs. FreeBSD 4.3 íà 33,600 K/s ñ òðàôèê ìàëêî íàä 8 GB íà ìåñåö
íå ïîêàçâàò ïî÷òè íèêàêâî íàòîâàðâàíå...ïðè òîâà òðàôèêà å ÃËÀÂÍÎ îò
åëåêòðîííà ïîùà è ÷àò-ïàò web-çàÿâêè. BSD-òî ñå ñïðàâÿ ïî-ëåêî ðàçáèðà ñå,
íî íå å êîé çíàå êàêúâ äÿâîë :)
Âåñî, çíàåø ñèòóàöèÿòà â ñòàðèÿ ìè îôèñ...çà òîâà ãîâîðÿ.
Àêî å ïîðÿäú÷íî êîíôèãóðèðàí ñúðâúðúò ðàáîòè ïåðôåêòíî è âúîáùå íå ñå
âëèÿå îò ðàçëèêàòà ì/ó 33,6 K/s è 56,0 K/s!
>Razbira se, predpolagam, che
>ti ne obsluzhvash server za dostavka na elektronna poshta i
>shte imash poveche resursi taka...
> Ipchains triabvda da varvi bezproblemno pri teb... e, pochti bezproblemno.
>Ako ti niamash pusnati nikakvi services, koito shte obsluzhvat vhodni zaiavki
>smelo napishi eto tova:
>
>ipchains -A input -i ppp0 -p 1 -s 0/0 0:0 -j ACCEPT
>ipchains -A input -i ppp0 -p 1 -s 0/0 3:3 -j ACCEPT
>ipchains -A input -i ppp0 -p 1 -s 0/0 11:11 -j ACCEPT
>ipchains -A input -i ppp0 -p 1 -s 0/0 -j DENY
>ipchains -A input -i ppp0 -p 6 -y -s 0/0 -j DENY
>
>i v osbti linii si gotov. Ako iskash da maskirash triabva da
>dobavish red za maskirane. Ako na PC-tata v mrezhata si
>zadal VPN-ski IP-ta
>
Ïðè VPN-à íå ñà ëè ñ ðåàëíè àäðåñè, àêî íå ìå ëúæå ïàìåòòà?
Èíà÷å êàêúâ VPN ùå å?
>napr. izbral si mrezha 192.168.1.0 s
>netmaska 255.255.255.0, to pri teb na eth0 ima adresa 192.168.1.1
>za da maskirash dobavi redovete
>
>ipchains -A input -i eth0 -s 192.168.1.0/24 -d 192.168.1.1 -j ACCEPT
>ipchains -A forward -i ppp0 -s 192.168.1.0/24 -d 0/0 -j MASQ
>
ipchains -A forward -s 192.168.1.0/24 -d ! 192.168.1.0/24 -j MASQ
Èíà÷å ùå òè ìàñêèðà è ïàêåòèòå âúâ intranet-à, à íå òè òðÿáâà.
Îñâåí òîâà ùå ñè ñïåñòèø ðàçíè íåïðèÿòíîñòè...
--
.............................................
: Kliment Ognianov :
: Junior System Administrator & Developer :
: ISP Networks Department :
: BulInfo Ltd. :
:...........................................:
: ICQ #16864572, #64866894 :
:...........................................:
: http://www.bulinfo.net/ :
.............................................
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|