ops... moq greshka, taka e, w iptables ne mojesh da polzwash -i pri POSTROUTING-a :(. Spored documentatziqta moje da stane kato predi towa si gi markirash. Do kolkoto stignah az kato ideq... slednoto trqa da raboti:
1: markirash si na forward kakvoto shte trqa da maskirash root# iptables -t mangle -A FORWARD -i ppp+ -j MARK --set-mark 1 2. w postrouting-a maskirash markiranite paketi ;) root# iptables -t nat -A POSTROUTING -m mark --mark 1 -j MASQUERADE ako nqkoi zabeleji greshka i/ili e rabotil po tazi ideq da me korigira ako gresha. slagam w FORWARD markiraneto zashtoto ako sa direktno za router-a mislq nqa ideq da se markirat/maskirat ;) nali? Ne sym go probwal no 1 byrzo google po wyprosa razprawq che trqa da raboti... probwai i pishi ;) kysmet mojesh da mark-wash (eksperimentalno) s chislo koeto e dwoina duma: s drugi dumi do 4 294 967 295 razlichni markirowki (0xFFFFFFFF)... koeto mislq shte ti stigne... po skoro shte ti swyrshi RAM-a/CPU-to ;]]] - markiraite na volq (btw: sled kratka sprawka tuk... stignahme do izwoda che chowek moje da si markira wsqka mashina ot IPv4 prostranstwoto s sobstwen marker)... ok de, ok, spiram se! za irc-to wij help-a na linux-a w /usr/src/linux/Documentation - tam si pishe kak da zadadesh portowete za irc. ICQ-to nqma modul za connection tracking (oshte) poradi koeto mu dai http proxy kakto kazah, novite versii rabotqt bez problem s SQUID ako se dade keep-alive optziq (10xz 2 silent). | On Wednesday 05 March 2003 18:24, you wrote: | Linux gate 2.4.19 #1 Wed Oct 16 16:56:12 EEST 2002 i686 unknown | ppp-2.4.1-3mppe | pptpd-1.1.3-2 | cpp-2.96-112.7.2 | tcp_wrappers-7.6-19 | pptp-linux-1.1.0-1 | | [EMAIL PROTECTED] ~]# /sbin/iptables -t nat -A POSTROUTING -s 192.168.101.0/24 | -i ppp+ -j MASQUERADE | iptables v1.2.5: Can't use -i with POSTROUTING | | sled towa slagam | /sbin/iptables -t nat -A POSTROUTING -s 192.168.101.0/24 -o ppp+ -j | MASQUERADE | oba4e ICQ I IRC ne wyrwqt | | | | -----Original Message----- | From: Doncho N. Gunchev [mailto:[EMAIL PROTECTED] | Sent: Wednesday, March 05, 2003 11:20 AM | To: [EMAIL PROTECTED] | Cc: rusan | Subject: Re: lug-bg: iptables | | A imash li ip_conntrack_ftp i ip_conntrack_irc? ICQ-to raboti prez | http | proxy(squid). ip_contrack_irc ima optzii za portowete... | Dai malko danni na tema kakwo qdro polzwash, kakyw pppd, poptp | versiq | ili, distro, versii... i taka natatyk. ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================
