|
Zdraveite !
Ot 1 mesec imam edin stranen problem.
Znachi kym edin server Slackware 8.1 imam
route-nati 32 ip-ta.
Do predi 1 mesec sichko si beshe ok no neshto stana
i tezi klienti
deto sa sled servera ne mogat da dostignat ftp
servera mi.
Mashinata ima 2 adresa edin na ednata karta, i edin
na drugata.
Znachi pyrvia adres e 213.145.125.185 a vtoria
koito e kym klientite
e 213.145.125.193.
09:54:31.174852 213.145.125.195.1068 >
213.145.125.4.21: S 2408660119:2408660119(0) win 64240 <mss
1460,nop,nop,nop,nop> (DF)
Tova go gledam s tcpdump kogato klienta s adres
213.145.125.195 se
opitva da se connect kym 213.145.125.4 kydeto e
ftp-servera.
Interesnoto e che ako NAT-na negovoto IP kym
213.145.125.193 taka:
iptables -t nat -A POSTROUTING -s 213.145.125.195
-d 213.145.125.4 -j SNAT --to-source 213.145.125.193
ili taka
iptables -t nat -A POSTROUTING -s 213.145.125.195
-d 213.145.125.4 -j SNAT --to-source 213.145.125.185
vsichko zapochva da raboti.
No tova ne me ustroiva.
Pregledal sym vsichki firewall-i no nishto. Drugoto
interesno e che ako sloja niakoi klientski address
na eth1 kato alias i si nat-na kym nego si bachka.
Vlizam si v ftp-to ot klientskia address
no kogato tozi adres e sled mashinata deto e server
ne bachka.
Niakvi idei ?
|