Posted on 2004/03/03 13:32
Filed Under 리눅스기술문서/서버관련 조회수:

#
# pppo/eth1을 각각 EXTIF/INTIF 변수로 선언
#
EXTIF="eth0"
INTIF="eth1"
echo "---> External Ethernet Interface : $EXTIF"
echo "---> Internal Ethernet Interface : $INTIF"

#
# iptables + ftp 사용을 위한 모듈 등록
#
echo "---> iptables module up <---"
/sbin/depmod -a
/sbin/insmod ip_tables
/sbin/insmod ip_conntrack
/sbin/insmod ip_conntrack_ftp
/sbin/insmod ip_nat_ftp
/sbin/insmod iptable_nat

#
# ip_forward 를 위한 커널매개변수 수정
#
echo "1" > /proc/sys/net/ipv4/ip_forward

#
# Dynamic IP 사용을 위한 커널매개변수 수정
#
echo "1" > /proc/sys/net/ipv4/ip_dynaddr

#
# IP forwarding / Masquerading 설정
#
echo "---> Setting up IP forwarding/masquerading <---"

#
# 1. 기존 rule을 지우고, 새로운 rule을 적용하기위한 정책설정
#
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
echo "---> step 1 complete"

#
# 2. iptables rule 설정
#
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state \\
ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
iptables -A FORWARD -j LOG
echo "---> step 2 complete"

#
# 3. ip masquerade 설정
#
iptables -t nat -A POSTROUTING -o $EXTIF -s 192.168.10.0/24 \\
-j MASQUERADE
echo "---> step 3 complete"

Writer profile
author image
-아랑 -

트랙백 주소 : 이 글에는 트랙백을 보낼 수 없습니다

About

by 서진우

Counter

· Total
: 4586201
· Today
: 157
· Yesterday
: 485