[Comm] Iptables ÞÕÄÅÓÁ
Pavel Shurubura
=?iso-8859-1?q?pvs_=CE=C1_vdnet=2Eru?=
÷Ô ïËÔ 26 17:05:28 MSD 2004
On Tue, 26 Oct 2004 11:19:10 +0500
Mike Lykov <combr ÎÁ vesna.ru> wrote:
> ÷ ÓÏÏÂÝÅÎÉÉ ÏÔ ÷ÔÏÒÎÉË 26 ïËÔÑÂÒØ 2004 11:09 Polovnikov Denis
> ÎÁÐÉÓÁÌ:
>
> > >> âÌÉÎ ÞÕÄÅÓÁ Ô×ÏÒÑÔÓÑ ÐÒÏÓÔÏ ÖÕÔØ ÚÁËÒÙ×ÁÀ ip × ÔÅÊÂÌÅ
> > >×ÓÅÍ ËÒÏÍÅ ÍÅÎÑ> -A FORWARD ! -s 192.168.12.200 -d
> > >209.8.101.130 -j DROP
>
> > îÁÒÏÄ ÈÏÄÉÔ × ÉÎÅÔ ÞÅÒÅÚ îáô Ñ ÈÏÞÕ ÚÁËÒÙÔØ ÄÌÑ ÄÏÓÔÕÐÁ ÜÔÏÔ
> > ip.
>
> ÞÉÔÁÊÔÅ ÄÏËÕÍÅÎÔÁÃÉÀ! NAT É -A FORWARD ÎÉËÁË ÎÅ Ó×ÑÚÁÎÙ.
>
ëÁË ÜÔÏ ?
ÐÅÒ×ÙÊ ÐÁËÅÔ ÉÄ£Ô ÞÅÒÅÚ ÔÁÂÌÉÃÕ nat, ÏÓÔÁÌØÎÙÅ ÞÅÒÅÚ FORWARD.
ðÒÏÓÔÏ ÎÁÄÏ ÐÉÓÁÔØ ÔÁË:
-A FORWARD -s ! 192.168.12.200 -d 209.8.101.130 -j DROP
(ÒÁÚÎÉÃÁ × ÒÁÓÐÏÌÏÖÅÎÉÉ ×ÏÓËÌÉÃÁÔÅÌØÎÏÇÏ ÚÎÁËÁ ).
ðÏÄÒÏÂÎÁÑ ÉÎÆÏÒÍÁÃÉÑ Ï ÓÐÉÓËÅ ÒÁÓÓÙÌËÉ community