Re: Шлюз Интернет
Dmitry Mityugov
dmitry.mityugov на gmail.com
Сб Мар 31 17:04:04 BST 2007
On 3/31/07, Коржевин Дмитрий Константинович <knc на voliacable.com> wrote:
> Помогите пожалуйста разобраться в вопросе распределения Интернет на
> второй домашний компьютер
...
Вдогонку к предыдущему ответу - вот что я делал для того-же самого с
помощью shorewall (в моём случае, 192.168.0.x был "внешним", а
10.x.x.x - внутренним интерфейсом, самба-сервер виден и изнутри и
"снаружи"):
Configured shorewall as per www.shorewall.net/shorewall_quickstart_guide.htm:
* changed IP_FORWARDING to On in /etc/shorewall/shorewall.conf
* made sure DISABLE_IPV6 set to Yes in /etc/shorewall/shorewall.conf
* copied /usr/share/doc/shorewall/examples/two-interfaces/zones to
/etc/shorewall
* copied /usr/share/doc/shorewall/examples/two-interfaces/policy
to /etc/shorewall
* enabled "$FW net ACCEPT" rule in /etc/shorewall/policy
* copied /usr/share/doc/shorewall/examples/two-interfaces/interfaces
to /etc/shorewall
* removed the 'norfc1918' option from the external interface's
entry in /etc/shorewall/interfaces
* copied /usr/share/doc/shorewall/examples/two-interfaces/masq to
/etc/shorewall
* copied /usr/share/doc/shorewall/examples/two-interfaces/rules to
/etc/shorewall
* added "ACCEPT loc $FW" rule to /etc/shorewall/rules
* changed startup from 0 to 1 in /etc/default/shorewall
* issued sudo shorewall start command
* added "ACCEPT $FW loc" rule to /etc/shorewall/rules (to let
Samba send broadcast packets for example)
* added "SMB/ACCEPT $FW net" and "SMB/ACCEPT net $FW" rules to
/etc/shorewall/rules
--
Dmitry Mityugov, St. Petersburg, Russia
I ignore all messages with confidentiality statements
"We live less by imagination than despite it" - Rockwell Kent, "N by E"
Подробная информация о списке рассылки ubuntu-ru