Merhaba
DHCP sunucumla ip ve dns bilgisi dağıttığım sunucumun 2. ethernet kartına
adsl modemimi bağladım ne gibi bir iptables ayarı gerektiği konusuunda
yardımcı olabilecek olan var mı? Kendim webmin kullanarak bişeyler yapmaya
çalıştım ama beceremedim sunucuda internet var clientlarda yok. Gerekli
bilgiler:
[r...@server ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
dsl.static.85-1 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default * 0.0.0.0 U 0 0 0 ppp0
-------------
[r...@server ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:24:81:C7:40:6F
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::224:81ff:fec7:406f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3207 errors:0 dropped:0 overruns:0 frame:0
TX packets:567 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:363808 (355.2 KiB) TX bytes:67355 (65.7 KiB)
eth1 Link encap:Ethernet HWaddr 00:08:A1:8F:2E:C9
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::208:a1ff:fe8f:2ec9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7483 errors:0 dropped:0 overruns:0 frame:0
TX packets:5847 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4208866 (4.0 MiB) TX bytes:1016700 (992.8 KiB)
Interrupt:18 Base address:0x1100
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:18657 errors:0 dropped:0 overruns:0 frame:0
TX packets:18657 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10021622 (9.5 MiB) TX bytes:10021622 (9.5 MiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:10253 errors:0 dropped:0 overruns:0 frame:0
TX packets:2604 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:993887 (970.5 KiB) TX bytes:286129 (279.4 KiB)
Memory:f0180000-f01a0000
ppp0 Link encap:Point-to-Point Protocol
inet addr:85.105.241.XXX P-t-P:85.105.240.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:2152 errors:0 dropped:0 overruns:0 frame:0
TX packets:2250 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1622078 (1.5 MiB) TX bytes:382728 (373.7 KiB)
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:2517 errors:0 dropped:0 overruns:0 frame:0
TX packets:8707 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:272333 (265.9 KiB) TX bytes:900140 (879.0 KiB)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:4473 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:528773 (516.3 KiB) TX bytes:0 (0.0 b)
[r...@server ~]#
------------
[r...@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:ssh
ACCEPT udp -- anywhere anywhere state NEW udp
dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp
dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp
dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:ndmp
state NEW
REJECT all -- anywhere anywhere reject-with
icmp-host-prohibited
[r...@server ~]#
--
Teşekkürler...
_______________________________________________
Linux-sunucu E-Posta Listesi
[email protected]
Liste kurallarını http://liste.linux.org.tr/kurallar.php bağlantısından
okuyabilirsiniz;
Bu Listede neden bulunduğunuzu bilmiyorsanız veya artık bu listeden gelen
e-postaları almak istemiyorsanız aşağıdaki bağlantı adresini kullanarak 1
dakika içinde üyeliğinizi sonlandırabilirsiniz.
http://liste.linux.org.tr/mailman/listinfo/linux-sunucu
