| 1 |
Tuesday, April 28, 2009, 6:28:28 PM, Konstantin wrote: |
| 2 |
|
| 3 |
> Hello Sergey, |
| 4 |
|
| 5 |
> Tuesday, April 28, 2009, 18:21:45, you wrote: |
| 6 |
>> Tuesday, April 28, 2009, 6:08:01 PM, Konstantin wrote: |
| 7 |
|
| 8 |
>>> Hello Sergey, |
| 9 |
|
| 10 |
>>> Tuesday, April 28, 2009, 17:59:28, you wrote: |
| 11 |
>>>>> $IPTABLES -t nat -A PREROUTING -p TCP -s 0/0 -d $INET_IP --dport 7722 |
| 12 |
>>>>> -j DNAT --to-destination $INET_IP:22 |
| 13 |
>>>>> ÇÄÅ INET_IP ÅÓÔØ ×ÎÅÛÎÉÊ ÁÄÒÅÓ ÓÅÒ×ÅÒÁ |
| 14 |
|
| 15 |
>>>> ôÏÇÄÁ ÎÕÖÎÏ ÏÔËÒÙ×ÁÔØ 22 ÐÏÒÔ ÄÌÑ ×ÓÅÈ - ÓÍÙÓÌ × ÔÁËÏÍ ÐÒÁ×ÉÌÅ? |
| 16 |
|
| 17 |
>>> ÷ PREROUTING ÒÁÎØÛÅ ÐÒÁ×ÉÌÁ áÎÄÒÅÑ, ÍÏÖÎÏ ÚÁÐÒÅÔÉÔØ ÐÁËÅÔÙ ÎÁ 22 ÐÏÒÔ. |
| 18 |
>>> iptables -t mangle -I PREROUTING -d $INET_IP -p tcp --dport 22 -j DROP |
| 19 |
|
| 20 |
>>> ÷ ÒÅÚÕÌØÔÁÔÅ ÐÒÏÊÄÕÔ ÔÏÌØËÏ ÐÁËÅÔÙ ÉÄÕÝÉÅ ÎÁ ÐÏÒÔ 7722. |
| 21 |
|
| 22 |
>> á ÎÅ ÐÏÐÁÄÕÔ ÌÉ ÐÏÄ DROP ÐÒÁ×ÉÌÁ ÐÏÓÌÅ DNAT, ÉÄÕÝÉÅ ÎÁ <public_ip>:22? |
| 23 |
>> éÌÉ ÜÔÏ ÕÖÅ POSTROUTING? |
| 24 |
|
| 25 |
> ÷ PREROUTING ÎÁÓËÏÌØËÏ ÐÏÍÎÀ ÓÎÁÞÁÌÁ ÉÄ£Ô mangle ÚÁÔÅÍ nat. þÔÏ ÅÓÔØ |
| 26 |
> "<public_ip>:22"? |
| 27 |
|
| 28 |
äÁ, ÔÁË ÐÏÌÕÞÉÌÏÓØ - ÓÐÁÓÉÂÏ :) |
| 29 |
|
| 30 |
<public_ip>:22 - ÜÔÏ ×ÎÅÛÎÉÊ ÉÎÔÅÒÆÅÊÓ, 22 ÐÏÒÔ. |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
Sergey |
Archives