lug-bg: iptables "match mark" problem
- Subject: lug-bg: iptables "match mark" problem
- From: gf@email.domain.hidden (Georgi Chorbadzhiyski)
- Date: Fri, 07 Mar 2003 10:09:50 +0200
Hello,
The idea is as follows: I mark the Bulgarian networks with 16 and all the others
with 8. I want to use this marking so that I can masquerade the requests for
Bulgarian networks behind a specific IP.
iptables -A PREROUTING -t nat -s 10.0.0.0/8 --match mark --mark 16 -j SNAT --to 193.110.159.3
According to every piece of documentation I managed to dig up, this should work,
but instead I get an error:
iptables: Invalid argument
Any ideas?
P.S. Before you say that the mark module doesn't work at all, that's not it :) The following line
works perfectly:
# Things here that should be visible only from BG
iptables -A FORWARD -s ! 193.110.159.0/24 -d 193.110.159.37 --match mark --mark 8 -j REJECT
P.P.S. The networks are marked as follows:
iptables -F -t mangle
iptables -A PREROUTING -t mangle -j MARK --set-mark 8
sort -n bg_nets bg_nets_unlisted | \
while read -r NET
do
    iptables -A PREROUTING -t mangle -s "$NET" -j MARK --set-mark 16
    iptables -A PREROUTING -t mangle -d "$NET" -j MARK --set-mark 16
done
--
Georgi Chorbadzhiyski
http://georgi.unixsol.org/
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
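
Added example, not part of the original post: SNAT is a POSTROUTING-time target, so the nat table does not accept it in PREROUTING, while a mark set in mangle PREROUTING is still on the packet when it reaches nat POSTROUTING. The script below prints the rule set with the SNAT rule placed there. The names is_cidr, gen_rules and sample_nets and the sample networks are assumptions; 10.0.0.0/8 and 193.110.159.3 are taken from the post.

```shell
#!/bin/sh
# Added example: prints iptables commands for the mark-then-SNAT scheme.
# Review the output, then pipe it to `sh` as root to apply it.

SNAT_IP="${SNAT_IP:-193.110.159.3}"   # translation address from the post
LAN="${LAN:-10.0.0.0/8}"              # internal source range from the post

# is_cidr NET: rough shape check (digits, dots, optional /len, four octets)
# so that a stray line in the list file never ends up in a command.
is_cidr() {
    case "$1" in
        ''|*[!0-9./]*) return 1 ;;    # empty or foreign characters
        *.*.*.*.*)     return 1 ;;    # too many octets
        *.*.*.*)       return 0 ;;
        *)             return 1 ;;
    esac
}

# gen_rules: read one network per line on stdin, print the commands.
gen_rules() {
    echo "iptables -t mangle -F"
    # Default mark first; the per-network rules below overwrite it.
    echo "iptables -t mangle -A PREROUTING -j MARK --set-mark 8"
    while read -r net _; do
        case "$net" in ''|'#'*) continue ;; esac   # skip blanks and comments
        if ! is_cidr "$net"; then
            echo "skipping invalid entry: $net" >&2
            continue
        fi
        echo "iptables -t mangle -A PREROUTING -s $net -j MARK --set-mark 16"
        echo "iptables -t mangle -A PREROUTING -d $net -j MARK --set-mark 16"
    done
    # Match the mark in nat POSTROUTING, where SNAT is accepted.
    echo "iptables -t nat -A POSTROUTING -s $LAN -m mark --mark 16 -j SNAT --to-source $SNAT_IP"
}

# Constructed sample list standing in for the post's bg_nets files
# (RFC 5737 documentation ranges plus one deliberately bad line).
sample_nets() {
    printf '%s\n' '# constructed sample' '192.0.2.0/24' '' 'bogus;entry' '198.51.100.0/24'
}

sample_nets | gen_rules
```

With the real lists, the input would be `sort -n bg_nets bg_nets_unlisted | gen_rules`.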