Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
eth0 Link encap:Ethernet Hardware Adresse 00:0b:db:d4:ce:97 inet6-Adresse: fe80::20b:dbff:fed4:ce97/64 Gültigkeitsbereich:Verbindung UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1 RX packets:6507181 errors:0 dropped:0 overruns:0 frame:0 TX packets:7837985 errors:0 dropped:0 overruns:0 carrier:0 Kollisionen:0 Sendewarteschlangenlänge:1000 RX bytes:1097946718 (1.0 GiB) TX bytes:2661078544 (2.4 GiB) Interrupt:28 eth1 Link encap:Ethernet Hardware Adresse 00:0b:db:d4:ce:98 inet Adresse:192.168.1.1 Bcast:192.168.1.255 Maske:255.255.255.0 inet6-Adresse: fe80::20b:dbff:fed4:ce98/64 Gültigkeitsbereich:Verbindung UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1 RX packets:3418962 errors:0 dropped:0 overruns:0 frame:0 TX packets:4261489 errors:0 dropped:0 overruns:0 carrier:0 Kollisionen:0 Sendewarteschlangenlänge:1000 RX bytes:1664258026 (1.5 GiB) TX bytes:946657387 (902.8 MiB) Interrupt:29 lo Link encap:Lokale Schleife inet Adresse:127.0.0.1 Maske:255.0.0.0 inet6-Adresse: ::1/128 Gültigkeitsbereich:Maschine UP LOOPBACK RUNNING MTU:16436 Metrik:1 RX packets:4581 errors:0 dropped:0 overruns:0 frame:0 TX packets:4581 errors:0 dropped:0 overruns:0 carrier:0 Kollisionen:0 Sendewarteschlangenlänge:0 RX bytes:2077556 (1.9 MiB) TX bytes:2077556 (1.9 MiB) ppp0 Link encap:Punkt-zu-Punkt-Verbindung inet Adresse:212.60.209.193 P-z-P:10.11.0.1 Maske:255.255.255.255 UP PUNKTZUPUNKT RUNNING NOARP MULTICAST MTU:1480 Metrik:1 RX packets:5217971 errors:0 dropped:0 overruns:0 frame:0 TX packets:6168204 errors:0 dropped:0 overruns:0 carrier:0 Kollisionen:0 Sendewarteschlangenlänge:3 RX bytes:782239602 (746.0 MiB) TX bytes:1587938247 (1.4 GiB) |
Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
default-lease-time 86400; max-lease-time 604800; log-facility local7; subnet 192.168.1.0 netmask 255.255.255.0 { host hermes { hardware ethernet 00:0e:a6:24:40:e0; fixed-address 192.168.1.2; option routers 192.168.1.1; option domain-name "my.olymp"; option domain-name-servers 192.168.1.1; option broadcast-address 192.168.1.255; }} |
Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# The loopback network interface auto lo iface lo inet loopback auto dsl-provider iface dsl-provider inet ppp pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf provider dsl-provider auto eth1 allow-hotplug eth1 iface eth1 inet static address 192.168.1.1 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 |
Quellcode |
|
1 2 3 4 5 |
Kernel-IP-Routentabelle Ziel Router Genmask Flags Metric Ref Use Iface 10.11.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 0.0.0.0 |
Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
#!/bin/sh IPT=/sbin/iptables EXTIF=ppp0 INTIF=eth1 case "$1" in start) echo "1" > /proc/sys/net/ipv4/ip_dynaddr echo "1" > /proc/sys/net/ipv4/ip_forward $IPT -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPT -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $IPT -A FORWARD -j LOG $IPT -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE ;; stop) echo "0" > /proc/sys/net/ipv4/ip_forward $IPT -t nat -F ;; restart) $0 stop /usr/bin/sleep 1 $0 start ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 ;; esac |
Quellcode |
|
1 2 3 |
echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE |
Ja, kann man einstellen, siehe "man 5 sysctl.conf", "sysctl net.ipv4.ip_forward", "man 8 iptables-restore", "man 5 interfaces" Sektion "IFACE OPTIONS" Absatz "post-up" und evtl. auch noch "less /etc/rc.local".Zitat
Original von Wolfi2001
meine frage ist nun ich mus immer wen der server neustartet das eingeben
Quellcode
1 2 3 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
kan man das eingeben das er das von aleine macht
Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von »oziris« (09.04.2010, 17:49)
Quellcode |
|
1 |
man 5 sysctl.conf |
Quellcode |
|
1 |
sysctl net.ipv4.ip_forward |
Quellcode |
|
1 2 |
oz@invader:~$ /sbin/sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1 |
Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von »oziris« (09.04.2010, 22:51)
Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additonal system variables # See sysctl.conf (5) for information. # #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 4 4 1 7 ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167), # and is not recommended. #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4 #net.ipv4.ip_forward=1 # Uncomment the next line to enable packet forwarding for IPv6 #net.ipv6.conf.all.forwarding=1 ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Ignore ICMP broadcasts #net.ipv4.icmp_echo_ignore_broadcasts = 1 # # Ignore bogus ICMP errors #net.ipv4.icmp_ignore_bogus_error_responses = 1 # # Do not accept ICMP redirects (prevent MITM attacks) #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) #net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not a router) #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets #net.ipv4.conf.all.log_martians = 1 # # The contents of /proc/<pid>/maps and smaps files are only visible to # readers that are allowed to ptrace() the process # kernel.maps_protect = 1 |
Quellcode |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
SYSCTL.CONF(5) SYSCTL.CONF(5) NAME sysctl.conf - sysctl(8) preload/configuration file DESCRIPTION sysctl.conf is a simple file containing sysctl values to be read in and set by sysctl(8). The syntax is simply as follows: # comment ; comment token = value Note that blank lines are ignored, and whitespace before and after a token or value is ignored, although a value can contain whitespace within. Lines which begin with a # or ; are considered comments and ignored. EXAMPLE # sysctl.conf sample # |
Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von »Wolfi2001« (12.04.2010, 09:38)
Zitat
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1