Hello everyone,

I have a question about NAT. I am using SuSE 7.3 with kernel 2.4 (already
compiled) and am experimenting with NAT.
The rc.firewall script:

echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe ip_tables iptable_filter ip_conntrack ip_conntrack_ftp
modprobe iptable_nat ip_nat_ftp ipt_LOG ipt_MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 MASQUERADE

iptables -P FORWARD DROP
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

iptables -A INPUT -m unclean -j DROP
iptables -t nat -A PREROUTING -i eth0 -s 192.168.0.0/24 -j DROP
iptables -t nat -A PREROUTING -i eth0 -s 10.2.10.0/200 -j DROP

iptables -A FORWARD -i eth0 -s 192.168.0.0/24 -j DROP
iptables -A FORWARD -i eth0 -s 10.2.10.0/200 -j DROP

# DNS (10.2.11.1->nameserver)
iptables -A FORWARD -i eth1 -p TCP -d 10.2.11.1 --dport 53 -j ACCEPT
iptables -A FORWARD -i eth1 -p UDP -d 10.2.11.1 --dport 53 -j ACCEPT
iptables -A FORWARD -i eth0 -p TCP -s 10.2.11.1 --dport 53 -j ACCEPT
iptables -A FORWARD -i eth0 -p UDP -s 10.2.11.1 --dport 53 -j ACCEPT

iptables -A FORWARD -i eth1 -p TCP --dport 80 -j ACCEPT
iptables -A FORWARD -i eth0 -p TCP --dport 80 -j ACCEPT
iptables -A FORWARD -i eth1 -p TCP --dport 21 -j ACCEPT
iptables -A FORWARD -i eth0 -p TCP --dport 21 -j ACCEPT

iptables -A FORWARD -p ICMP --icmp-type 0 -j ACCEPT
iptables -A FORWARD -p ICMP --icmp-type 3 -j ACCEPT
iptables -A FORWARD -p ICMP --icmp-type 5 -j ACCEPT
iptables -A FORWARD -p ICMP --icmp-type 11 -j ACCEPT

The problems:

1. Linux refuses to run the script (I put it in /etc/rc.d/boot.local)
   error: Permission Denied
2. If I force it to run from r3.d (runlevel 3), I still cannot reach
   10.2.11.0 from the masqueraded net (192.168.0.0/24).


Could anyone tell me where the mistake is?
Thanks in advance.

Erwin
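
An added example, not part of the original post: the forwarding and NAT part of the script above, written so that iptables and modprobe accept every line and reply traffic passes the FORWARD DROP policy. Assumptions: eth1 is the 192.168.0.0/24 side and eth0 faces 10.2.11.1 (as the posted rules imply), the `-m state` match replaces the per-port return rules and the ICMP type rules, and the two `10.2.10.0/200` rules are left out because a prefix length must be 0 to 32 and the post does not say which network was meant.

```sh
#!/bin/sh
# Added example, not from the original post. Assumed: eth1 = LAN side,
# eth0 = side facing 10.2.11.1. Dry run: IPT="echo iptables" MODPROBE="echo modprobe"
IPT=${IPT:-iptables}
MODPROBE=${MODPROBE:-modprobe}
LAN=192.168.0.0/24
DNS=10.2.11.1

load_modules() {
    # modprobe takes one module per call; further words are read as
    # parameters for that module, so load them in a loop.
    for m in ip_tables iptable_filter ip_conntrack ip_conntrack_ftp \
             iptable_nat ip_nat_ftp ipt_LOG ipt_MASQUERADE; do
        $MODPROBE "$m" || return 1
    done
}

nat_rules() {
    $IPT -P FORWARD DROP
    # A target is only recognised after -j.
    $IPT -t nat -A POSTROUTING -o eth0 -s "$LAN" -j MASQUERADE
    # Anti-spoofing: LAN source addresses must never arrive on eth0.
    $IPT -A FORWARD -i eth0 -s "$LAN" -j DROP
    # Replies carry the service port as SOURCE port, so "--dport 53" on
    # eth0 never matches them. Let conntrack admit replies, FTP data
    # connections (ip_conntrack_ftp) and related ICMP errors instead.
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New connections are accepted only from the LAN side.
    for proto in tcp udp; do
        $IPT -A FORWARD -i eth1 -s "$LAN" -p "$proto" -d "$DNS" --dport 53 -j ACCEPT
    done
    for port in 80 21; do
        $IPT -A FORWARD -i eth1 -s "$LAN" -p tcp --dport "$port" -j ACCEPT
    done
}

apply_firewall() {   # run as root
    load_modules || return 1
    echo 1 > /proc/sys/net/ipv4/ip_forward
    nat_rules
}
```

Nothing is changed until `apply_firewall` is called; with the dry-run settings from the header comment, `nat_rules` only prints the commands it would run.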


List archive information: http://www.linux.or.id/milis.php3
