RE: lug-bg: problem otnosno rutiraneto
- Subject: RE: lug-bg: problem otnosno rutiraneto
- From: bkrosnov@xxxxxxxx (Boyan Krosnov)
- Date: Tue, 7 May 2002 11:04:51 +0300
<inside_intf> e imeto na wytreshniq ti interface eth0, eth1 ....
WINS server se prawi sys samba. www.samba.org, tyrsi man page-a na
smb.conf.
lek den
Boyan
> -----Original Message-----
> From: linuxman [mailto:linuxman@xxxxxxx]
> Sent: Saturday, May 04, 2002 6:35 PM
> To: lug-bg@xxxxxxxxxxxxxxxxxx
> Subject: RE: lug-bg: problem otnosno rutiraneto
>
>
>
> aaaaaaaa OK.samo 2 vyprosa.kvo ozna4ava tova inside_intf.kvo 6e re4e.
> vtoriqt mi vypros e ot kyde moga da vida kak sepravi WINS server.
> ina4e si4ko drugo mi e qsno.mersi mnogo.pozdravi.
>
> > Kratkiq otgowor:
> > iptables -t nat -I POSTROUTING -i <inside_intf> -o <outside_intf> -s
> > <internalnet/mask> -d !<outsidenet/mask> -j SNAT --to <outside ip>
> > :)
> > Dylgiq otgowor:
> > Kato prawish SNAT kernela pazi systoqnieto na konekciite
> (state) koito
> > sa maskirani i pri poluchawane na paket po nqkoq ot tezi
> konekcii sys
> > destination ip <outside ip> go razmaskira. Syshto se sprawq i s
> > generiraneto prepredawaneto na kontrolni ICMP syobshteniq
> otnasqshti se
> > do tezi konekcii. Syshto mojesh da si instalirash protokolni
> > pomoshtnici
> > kato conntrack_ftp i conntrack_irc (+ syotwetnite im ipt
> moduli) koito
> > da syzdawat dopylnitelno prawila w tablicata za translaciite. Sys
> > spomenatoto po-gore iptables prawilo tablicata sys translaciite se
> > modificira samo za nowi konekcii koito otgowarqt na wsichkite tezi
> > uslowiq:
> > 1. idwat ot wytreshniq ti interface
> > 2. izlizat prez wynshniq interface
> > 3. sa sys source adres popadasht w mrejata <internalnet/mask>
> > 4. sa sys destination adres _NE_ popadasht w mrejata
> <outsidenet/mask>
> >
> > Ne e nujno da swyrzwash dwata etherneta za da imash ip
> swyrzanost m/u
> > maskiranata ti mreja i wynshnata ti mreja. Nito e nujno da
> go prawish
> > za
> > da ti se wijdat mashinite prez windowskiq network neighbourhood.
> >
> > W kakyv smisyl da gi 'wijdash' ? Da mogat da si browsewash share-ite
> > ili
> > da ima ip swyrzanost m/u tqh?
> > Ako imash w predwid da mogat da se browsewast pc-tata w
> windowskata ti
> > mreja w/u TCP/IP togawa ti trqbwa WINS server ili nqkakwo
> application
> > level CIFS proxy kato smbweb (maj taka se kazwashe, probwaj i smbwww
> > ako
> > ne mojesh da namerish smbweb). I posledno, shte ti e polezno da
> > hwyrlish
> > edin pogled na
> > http://www.samba.org/samba/ftp/docs/htmldocs/using_samba/.
> >
> > BR,
> > Boyan
> >
> > > -----Original Message-----
> > > From: linuxman [mailto:linuxman@xxxxxxx]
> > > Sent: Wednesday, May 01, 2002 1:07 PM
> > > To: lug-bg@xxxxxxxxxxxxxxxxxx
> > > Subject: RE: lug-bg: problem otnosno rutiraneto
> > >
> > >
> > >
> > > ne be ne.na4i maskiraneto si mi raboti na 6.vyprosa e 4e
> > > otvynka trqbva
> > > da vijdam pc-tata vyv vytre6nata mreja(i obratnoto - ot
> vutr. pc da
> > > vijdam vyn6nite).a za aliasa - trqbva vytre6nata mreja da
> mi ostane
> > > makirana.ako naprava alias 6e mahna ednata lan-karta i
> sled tova da i
> >
> > > sloja 2 IP-ta.tova li ima6 v predvid ???po vyn6nata mreja mi idva
> > > interneta i ot dostav4ika nqma li da mi vijdat vytr.pc-ta.to
> > > v toq slu4ai
> > > otpada maskiraneto.nomera e mrejata da si ostane maskirana za
> > > dostav4ika
> > > i tezi paketi deto sa za internet da se maskirat.a
> drugite deto sa za
> >
> > > vyn6nata mreja da se predavat bez maskirane.no ne znam dali
> > > moje da stane
> > > tova i za tova pitam vas(predpolagam 4e ste dosta pred men za
> > > tea raboti).
> > > tova e.aide 4ao
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > öèòèðàì Boyan Krosnov <bkrosnov@xxxxxxxx>:
> > >
> > > > Do kolkoto shwanah iskash opredelena usluga namirashta se
> > > na wytreshna
> > > > mashina da e dostypna ot 'otwyn'
> > > > towa stawa taka:
> > > > s iptables
> > > > iptables -t nat -I PREROUTING -p tcp -d <outside ip>
> > > --dport 80 -j DNAT
> > > > --to <inside ip>:80
> > > > towa forwardwa konekcii za 80-ti port na wynshniq ti adres
> > > do wytreshna
> > > > mashina na adres <inside ip> na port 80.
> > > >
> > > > Ako li pyk trqbwa da izkarash edin opredelen ip adres da e
> > > widim otwyn
> > > > mojesh s alias na wynshnata karta prez NAT (podoben na
> > > gorniq) ili da
> > > > slojish wynshen adres na wyprosnoto pc i da obqsnish na
> > > routera ti da
> > > > ne
> > > > maskira.
> > > >
> > > > Ako li pyk te razbera po drugiq wyzmojen nachin- che ne
> ti raboti
> > > > maskiraneto izobshto to togawa
> > > > iptables -t nat -I POSTROUTING -s <internalnet/mask> -j
> SNAT --to
> > > > <outside ip>
> > > >
> > > > Utochni se molq te, ako ne sym nacelil posokata na mislite ti :)
> > > >
> > > > BR,
> > > > Boyan
> > > >
> > > > > -----Original Message-----
> > > > > From: linuxman [mailto:linuxman@xxxxxxx]
> > > > > Sent: Tuesday, April 30, 2002 6:24 PM
> > > > > To: lug-bg@xxxxxxxxxxxxxxxxxx
> > > > > Subject: lug-bg: problem otnosno rutiraneto
> > > > >
> > > > >
> > > > >
> > > > > imam 1 problem.golqm problem.
> > > > > zna4i stava duma za malka ethernet mreja (5 pc).imam
> > > router koito mi
> > > > > trqbva za maskirane rutirane i syrver za ke6irane.ima
> 2 lan-karti
> > > > > pyrvata e vyn6nata po koqto mi idva interneta i
> vtorata vytre6na.
> > > > > rutera si maskira si4ko to4no.ot vynka ne me vijdat.oba4e
> > > na men mi
> > > > > trqbva da vijdam otvynka.ako nqkoi moje da mi pomogne
> > > neka go napravi
> > > >
> > > > > predvaritelno mu blagodarq.samo iskam da kaja 4e izklu4vame
> > > > > vyzmojnosta za
> > > > > ne znam no si govorihme s 1 priqtel i toi mi kaza 4e moje da
> > > > > stane s alias
> > > > > no ako naprava alias ednata karta nqma da e nujna.nqma li da
> > > > > se razmaskira
> > > > > mrejata ako ostana s 1 karta.nadqvam se 4e se nqkoi 6e otdel
> > > > > ot vremeto si
> > > > > da mi pomogne.mersi
> > > > > __________________________________
> > > > > 12MB-POP3-WAP-SMS---TOBA-E-mail.bG
> > > > > ----------------------------------
> > > > >
> > > > > " Ako uckame u Bue agpec B mail.bg
> > > > > ugeme myk: http://www.mail.bg/new/ "
> > > > >
> > > > > ==============================================================
> > > > > ==============
> > > > > A mail-list of Linux Users Group - Bulgaria
> (bulgarian linuxers).
> > > > > http://www.linux-bulgaria.org - Hosted by Internet Group Ltd.
> > > > > - Stara Zagora
> > > > > To unsubscribe:
> > > http://www.linux-> bulgaria.org/public/mail_list.html
> > > > >
> > >
> > > ==============================================================
> > > > > ==============
> > > > >
> > > >
> > > ==============================================================
> > > ============
> > > ==
> > > > A mail-list of Linux Users Group - Bulgaria (bulgarian
> linuxers).
> > > > http://www.linux-bulgaria.org - Hosted by Internet Group
> > > Ltd. - Stara
> > > > Zagora
> > > > To unsubscribe:
> http://www.linux-bulgaria.org/public/mail_list.html
> > > >
> > > ==============================================================
> > > ============
> > > ==
> > > >
> > >
> > > __________________________________
> > > 12MB-POP3-WAP-SMS---TOBA-E-mail.bG
> > > ----------------------------------
> > >
> > > " Ako uckame u Bue agpec B mail.bg
> > > ugeme myk: http://www.mail.bg/new/ "
> > >
> > > ==============================================================
> > > ==============
> > > A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> > > http://www.linux-bulgaria.org - Hosted by Internet Group Ltd.
> > > - Stara Zagora
> > > To unsubscribe:
> http://www.linux-> bulgaria.org/public/mail_list.html
> > >
>
> ==============================================================
> > > ==============
> > >
> >
> ==============================================================
> ============
> ==
> > A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> > http://www.linux-bulgaria.org - Hosted by Internet Group
> Ltd. - Stara
> > Zagora
> > To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> >
> ==============================================================
> ============
> ==
> >
>
> __________________________________
> 12MB-POP3-WAP-SMS---TOBA-E-mail.bG
> ----------------------------------
>
> " Ako uckame u Bue agpec B mail.bg
> ugeme myk: http://www.mail.bg/new/ "
>
> ==============================================================
> ==============
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd.
> - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ==============================================================
> ==============
>
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|