| 1 |
úÄÒÁ×ÓÔ×ÕÊÔÅ, Maxim.
|
| 2 |
|
| 3 |
÷Ù ÐÉÓÁÌÉ 21 ÎÏÑÂÒÑ 2005 Ç., 18:19:49:
|
| 4 |
|
| 5 |
MI> óÐÁÓÉÂÏ ÚÁ ÐÏÄÓËÁÚËÕ! ÷ ÉÔÏÇÅ ËÏÎÆÉÇ ÆÁÅÒ×ÏÌÁ ÐÒÅ×ÒÁÔÉÌÓÑ × ÓÌÅÄÕÀÝÅÅ:
|
| 6 |
MI> ====================/etc/ppp/ip-up.local==========================
|
| 7 |
MI> EXTIF=ppp+
|
| 8 |
|
| 9 |
MI> ANY=0.0.0.0/0
|
| 10 |
|
| 11 |
MI> iptables -F
|
| 12 |
MI> iptables -t nat -F
|
| 13 |
MI> iptables -t mangle -F
|
| 14 |
MI> iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
|
| 15 |
MI> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
| 16 |
MI> iptables -A INPUT -m state --state NEW -i ! $EXTIF -j ACCEPT
|
| 17 |
MI> iptables -A INPUT -m state --state NEW -i $EXTIF -j LOG
|
| 18 |
MI> iptables -A INPUT -p icmp -j ACCEPT
|
| 19 |
MI> iptables -A INPUT -i $EXTIF -d $ANY -p udp --dport 0:1023 -j LOG
|
| 20 |
MI> iptables -A INPUT -i $EXTIF -d $ANY -p tcp --dport 0:1023 -j LOG
|
| 21 |
MI> iptables -P INPUT DROP
|
| 22 |
MI> =========================================================
|
| 23 |
|
| 24 |
MI> îÏ ×ÏÚÎÉËÌÁ ÄÒÕÇÁÑ ÐÒÏÂÌÅÍÁ. ip-up.local ÎÅ ×ÙÐÏÌÎÑÅÔÓÑ ÐÒÉ ËÏÎÎÅËÔÅ! èÏÔÑ ×
|
| 25 |
MI> ËÏÎÃÅ /etc/ppp/ip-up ÅÓÔØ ÓÔÒÏËÁ:
|
| 26 |
MI> [ -f /etc/ppp/ip-up.local ] && . /etc/ppp/ip-up.local "$@"
|
| 27 |
|
| 28 |
MI> Ô.Å. ÏÎ ÖÅ ÄÏÌÖÅÎ ×ÙÐÏÌÎÑÔØÓÑ! åÓÌÉ ÐÏÌÓÅ ËÏÎÎÅËÔÁ ×ÒÕÞÎÕÀ ÚÁÐÕÓÔÉÔØ
|
| 29 |
MI> /etc/ppp/ip-up.local ÔÏ ÏÎ ×ÙÐÏÌÎÑÅÔÓÑ É ÆÁÅÒ×ÏÌØÎÙÅ ÐÒÁ×ÉÌÁ ÓÏÚÄÁÀÔÓÑ.
|
| 30 |
|
| 31 |
MI> --
|
| 32 |
MI> Maxim Ivanov <redbaron@××××.ru>
|
| 33 |
éÔÁË, ÐÏ-ÐÏÒÑÄËÕ:
|
| 34 |
|
| 35 |
#/etc/ppp/ip-up.local
|
| 36 |
#/etc/init.d/iptables save
|
| 37 |
#rc-update add iptables default
|
| 38 |
|
| 39 |
Á × ËÏÎÅà /etc/conf.d/local.start ÄÏÂÁ×Ø ÓÔÒÏËÕ:
|
| 40 |
echo 1 > /proc/sys/net/ipv4/ip_forward
|
| 41 |
|
| 42 |
ôÁË ÜÔÏ ×ÒÏÄÅ-ÂÙ ÄÅÌÁÅÔÓÑ, ÉÌÉ Ñ ÞÅÇÏ-ÔÏ ÎÅ ÐÏÎÉÍÁÀ;))
|
| 43 |
|
| 44 |
--
|
| 45 |
ó Õ×ÁÖÅÎÉÅÍ,
|
| 46 |
Tropyichev Andrey mailto:postmaster@××××××.net
|
| 47 |
|
| 48 |
--
|
| 49 |
gentoo-user-ru@g.o mailing list |
Archives