Hi friends,
My system (Debian testing) has a transparent proxy set up, i.e. squid + iptables +
dansguardian are running. (There are two interfaces: eth0 = LAN, eth1 = WAN.)
I installed dsniff on the system. But when I run it as "msgsnarf -i eth1" or eth10,
I can see the MSN messages on the machine itself, but it cannot capture the ones
going out through the proxy. Is the masquerading in iptables getting in the way?
Thanks to anyone who can suggest a solution.
IPTABLES
---------------------------------------------
#!/bin/bash
iptables=/sbin/iptables
waninterface="eth0"
laninterface="eth1"
loop="lo"
dis_ag=192.168.1.0/24
ic_ag=192.168.2.0/24
squidsrvip="192.168.2.1:3128"
dansgsrvip="192.168.2.1:8080"
echo 1 > /proc/sys/net/ipv4/ip_forward
$iptables -F INPUT
$iptables -F OUTPUT
$iptables -F FORWARD
$iptables -P INPUT DROP
$iptables -P OUTPUT ACCEPT
$iptables -P FORWARD ACCEPT
#$iptables -A INPUT -j DROP -i $laninterface ! -s 192.168.2.0/255.255.255.0
#$iptables -A FORWARD -j DROP -i $laninterface ! -s 192.168.2.0/255.255.255.0
#$iptables -A INPUT -j DROP -i $loop ! -s 127.0.0.1/255.0.0.0
#$iptables -A FORWARD -j DROP -i $loop ! -s 127.0.0.1/255.0.0.0
#$iptables -t nat -A PREROUTING -p tcp -m mac --mac-source $i -d ! $dis_ag --dport 80 -j DNAT --to $squidsrvip
$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d ! 192.168.2.1/32 --dport 80 -j DNAT --to $dansgsrvip
$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d 192.168.2.1/32 --dport 80 -j DNAT --to $squidsrvip
$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d ! $dis_ag --dport 80 -j DNAT --to $dansgsrvip
$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d ! 192.168.2.1/32 --dport 3128 -j DNAT --to $dansgsrvip
$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d ! $dis_ag --dport 80 -j DNAT --to $dansgsrvip
#$iptables -t nat -A PREROUTING -p tcp -s $ic_ag -d ! $dis_ag --dport 22 -j DNAT --to $dansgsrvip
$iptables -t nat -A POSTROUTING -p tcp -s 192.168.2.0/24 -d ! 192.168.1.0/24 --dport 3690 -j MASQUERADE
$iptables -t nat -A POSTROUTING -s $ic_ag -o $waninterface -j \
LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES MASQUERADE] : '
$iptables -t nat -A POSTROUTING -o $waninterface -j MASQUERADE
$iptables -A INPUT -j ACCEPT -i $loop
$iptables -A INPUT -j ACCEPT -i $laninterface
$iptables -A INPUT -s 85.105.xxx.xxx -j ACCEPT
$iptables -A INPUT -s 88.249.xxx.xxx -j ACCEPT
$iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$iptables -A INPUT -m state --state RELATED,ESTABLISHED -j LOG --log-prefix
'Cikislar
_______________________________________________
Linux-guvenlik mailing list
http://liste.linux.org.tr/mailman/listinfo/linux-guvenlik
List rules: http://liste.linux.org.tr/kurallar.php