[linux-users: 108466] Re: 2セッション接続について教えてください。

早間義博 yossi @ yedo.src.co.jp
2010年 6月 24日 (木) 10:50:14 JST


早間です。
route の変更は route か iptables で出来るように思います。
> 
> -----------------------------------------------------------------------|
> ①ローカルネットワークからはppp1でインターネットに接続したい。　　　　 |
>   (ppp0とppp1をiptableで切り替えられるのが理想です）            　　   |
> -----------------------------------------------------------------------|
> $B-"%m!<%+%k%M%C%H%o!<%/$+$i%5!<%P!<$K%m!<%+%k%"%I%l%9$G!"%"%/%;%9$7$?(B $B!!(B|
>   $B$$!#(B                                                                 |
> -----------------------------------------------------------------------|
> $B-#%k!<%?!<7s(Bweb$B%5!<%P!<$NDL?.$O(Bppp0$B$r;HMQ$7$?$$!#(B                      |
> -----------------------------------------------------------------------|
> 

ppp0 は判りませんが ppp1 は Masquerade をご利用になるものと思いま
す。もし、Local network からの接続は ppp1 を使用するのであれば

(1) ppp1 接続時に default Gateway を ppp1 のプロバイダ側 IP にする。
    ppp 接続時に実行できるコマンドの中で出来ると思います。
    fedora12 の利用経験は無いのですが ppp1 切断の時に default gw
    を ppp0 側に持って行ければ、ppp0 ppp1 のいずれかが接続している
    ときには Local network は外につながります。
    このとき、ppp0 でも masquerade が 必要になります。

    最近、使用していないので、定かではないのですが、 pppup pppdown 
    のようなコマンドが ppp 接続の直後と切断の直後に利用できたはず
    (ppp の config で定義) です。
    pppup ではppp で送られてくる DNSも環境変数で取得できます。

    ntt flets のIP 電話の使用できるルータを使っているのですが、
    説明がほとんど無いので不安の固まりです。ether card は余ってい
    るのですが速度に自信が無いので ntt ルータに甘んじています。
 (2) iptables で FORWARD の定義をし 192.168.1.0/24 を ACCEPT すれば
    Local network からの接続はどちらのプロバイダ向きにも通過出来ま
	す。
   また、/proc の forward に(必死になって??) 1 を入れています。
      /proc/sys/net/ipv4/ip_forward
	  /proc/sys/net/ipv4/conf/all/rp_filter
	  /proc/sys/net/ipv4/conf/default/rp_filter
	  /proc/sys/net/ipv4/conf/eth0/rp_filter
	  /proc/sys/net/ipv4/conf/eth1/rp_filter
	  /proc/sys/net/ipv4/conf/eth2/rp_filter

(3)ppp0 を使用するのが Web サーバのみとするならば
   iptables -p tcp --source-port 80 -o ppp0
   の様に指定すれば可能かと考えられます。
   (default gw は ppp1)
   ただ、同サーバにLocal network からの接続が ppp1 経由になるかも
   知れません。
   iptables -p tcp --destination 192.168.1.0/24 [--source-port 80] -o eth1
   iptables -p tcp [--destination ! 192.168.1.0/24] --source-port 80 -o ppp0
   で Local Network には直接送られると思います([]内は不要でしょうか)。
(4) ppp 側が eth0(だけ?) とあるのですが、これは ２つの ppp セッションを
    一つの ether card で実行すると言うことでしょうか。実行したこと
	は無いのですが、ntt flets の PPPoE ブリッジで使用するときは
    可能なのかも知れません。出来ましたら情報を下さい。
(5) その他、ppp0 で直接外部 IP をご利用になるのか NAT をご利用にな
   るのかは判りませんが一般に NAT をご利用になった方が、iptables
   の手間が少ないように思います。

-- 早間

