[EMAIL PROTECTED] wrote: >Am urmatorul script prin care dau acces la internet doar anumitor statii >din reteaua locala. >#!/bin/bash > >iptables -F >iptables -t nat -F > >#Inchid unele porturi pentru a proteja windowsul de unii virusi >iptables -I FORWARD -p tcp --dport 137:139 -j DROP >iptables -I FORWARD -p udp --dport 137:139 -j DROP >iptables -I FORWARD -p tcp --dport 415 -j DROP > >#SNAT > >iptables -t nat -I POSTROUTING -s 172.27.37.2 -d 172.27.37.1 -j SNAT --to 82.77.126.77 >iptables -t nat -I POSTROUTING -s 172.27.37.3 -d 172.27.37.1 -j SNAT --to 82.77.126.77 >iptables -t nat -I POSTROUTING -s 172.27.37.4 -d 172.27.37.1 -j SNAT --to 82.77.126.77 >iptables -t nat -I POSTROUTING -s 172.27.37.5 -d 172.27.37.1 -j SNAT --to 82.77.126.77 > >Doresc ca tot traficul sa fie realizat prin squid. Am configurat squid-ul, >am introdus in script urm linie: >iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 > regula asta nu se executa daca adaugi (-A) dupa regulile de SNAT. foloseste tot -I
-- The sooner you fall behind, the more time you'll have to catch up. --- Detalii despre listele noastre de mail: http://www.lug.ro/
