Linux-Bulgaria.ORG

навигация

начало

пощенски списък

архив на групата

По Дата

Re: lug-bg: iptables "match mark" problem

Subject: Re: lug-bg: iptables "match mark" problem
From: danchev@email.domain.hidden (George Danchev)
Date: Fri, 7 Mar 2003 10:26:23 +0200


On 07 03 2003 10:09, Georgi Chorbadzhiyski wrote:
<em class="quotelev1">> Çäðàâåéòå,
<em class="quotelev1">> 
<em class="quotelev1">> èäåÿòà å ñëåäíàòà ìàðêèðàì ñè áúëãàðñêèòå ìðåæè ñ 16. Âñè÷êè îñòàíàëè
<em class="quotelev1">> ñ 8. Èñêàì äà èçïîëçâàì òîâà ìàðêèðàíå çà äà ìîãà çàÿâêèòå çà áúëãàðñêè
<em class="quotelev1">> ìðåæè äà ãè ìàñêèðàì çàä îïðåäåëåíî IP.
<em class="quotelev1">> 
<em class="quotelev1">> iptables -A PREROUTING -t nat -s 10.0.0.0/8 --match mark --mark 16 -j SNAT
<em class="quotelev1">> --to 193.110.159.3 
<em class="quotelev1">> Òîâà ñïîðåä âñÿêà äîêóìåíòàöèÿ êîÿòî óñïÿõ äà èçðîâÿ òðÿáâà äà ðàáîòè,
<em class="quotelev1">> îáà÷å âìåñòî òîâà ïîëó÷àâàì ãðåøêà
<em class="quotelev1">> 
<em class="quotelev1">> iptables: Invalid argument
<em class="quotelev1">> 
<em class="quotelev1">> Íÿêàêâè èäåè?
<em class="quotelev1">> 
<em class="quotelev1">> P.S. Ïðåäè äà êàæåòå ÷å mark ìîäóëà íå ðàáîòè èçîáùî, íå å òîâà :) Ñëåäíèÿò
<em class="quotelev1">> ðåä ñè ðàáîòè ïåðôåêòíî
<em class="quotelev1">> 
<em class="quotelev1">> # Tuka kvo treve da se vidi samo ot BG
<em class="quotelev1">> iptables -A FORWARD -s ! 193.110.159.0/24 -d 193.110.159.37 --match mark
<em class="quotelev1">> --mark 8 -j REJECT 
<em class="quotelev1">> P.P.S. Ìðåæèòå ñà ìàðêèðàíè ïî ñëåäíèÿò íà÷èí:
<em class="quotelev1">> 
<em class="quotelev1">> iptables -F -t mangle
<em class="quotelev1">> iptables -A PREROUTING -t mangle -j MARK --set-mark 8
<em class="quotelev1">> 
<em class="quotelev1">> sort -n bg_nets bg_nets_unlisted | \
<em class="quotelev1">> while read NET
<em class="quotelev1">> do
<em class="quotelev1">>         iptables -A PREROUTING -t mangle -s $NET -j MARK --set-mark 16
<em class="quotelev1">>         iptables -A PREROUTING -t mangle -d $NET -j MARK --set-mark 16
<em class="quotelev1">> done

e da raboti OK, no MARK (--set-mark ) e _ONLY_ za -t mangle... za filter i nat 
tables maj nqma kak da stane... (t.e. ti v mangle table, izkrivqvash ili 
izopa4avash paketite taka da se kazhe;-)


-- 
printk("Greets, fr33zb1\n");
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================

Относно:
- lug-bg: iptables "match mark" problem
  - Изпратено от: gf@email.domain.hidden (Georgi Chorbadzhiyski)

Предишно по дата: lug-bg: iptables "match mark" problem
Следващо по дата: Re: lug-bg: iptables "match mark" problem
Предишно по тема: lug-bg: iptables "match mark" problem
Следващо по тема: Re: lug-bg: iptables "match mark" problem
Индекс:
- По дата
- По тема

наши приятели

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

Linux-Bulgaria.ORG

Re: lug-bg: iptables &quot;match mark&quot; problem

Re: lug-bg: iptables "match mark" problem