Âíóòðåííèé è âíåøíèé IP àäðåñà + DCHub

**usmailer™** · 07-02-2008, 11:36

Ïðèâåòñòâóþ!

Íåâåðþ!

×òî íèêòî íå ñòàëêèâàëñÿ ñ îïèñàííîé íèæå ïðîáëåìîé...

Åñòü:

1 - Ïðåìèóì ñ ïðîøèâêîé Îëåãà
2 - Ëîêàëêà - 10.õ.õ.õ
3 - Ìîé ëîêàëüíûé àäðåñ - 10.1.16.43
3.1 - Íàñòðîéêè è ïàðàìåòðû ëîêàëêè óñòàíàâëèâàþòñÿ íà ðîóòåð àâòîìàòîì, îò ïðîâà.(Auto)
4 - Ìîé âíåøíèé àäðåñ - 84.204.õ.õ
4.1 - Íàñòðàèâàþ ðóêàìè (StaticIP)
(Âàðèàíò 3 è 4 åñòåññíî ìîãóò ðàáîòàòü òîëüêî ïîðîçíü.)
Ïðèâÿçêà ïî ÌÀÑ àäðåñó.

Ñèòóàöèÿ:

Ñåé÷àñ, ðîóòåð íàñòðîåí ðóêàìè, è ÿ ìîãó ïîïàñòü íà âíóòðåííèé ñåðâåð(êîìï).
Âñå íàñòðîåíî è ÷óäíî ðàáîòàåò.
è Äàæå ëîêàëüíûå ðåñóðñû íîðìàëüíî äîñòóïíû.
Åñòü ïðîáëåìà ÒÎËÜÊÎ ñ êëèåíòîì DC++ äëÿ õàáà ëîêàëüíîé ñåòè.
Â ÷àñòíîñòè, ËÎÊÀËÜÍÛÉ òðàôôèê èäåò ñî ñêîðîñòüþ ìîåãî èíòåðíåò ïîäêëþ÷åíèÿ, ò.ê. ØËÞÇ åñòåññíî ñòîèò âíåøíèé.

Åñëè ïîñòàâèòü íàñòðîéêè "Àâòîìàò", ò.å. ñ ïîëó÷åíèåì âíóòðåííåãî IP
ËÎÊÀËÜÍÛÅ ðåñóðñû íà 100Ìá\ñ êàê è ïîëîæåíî.
Êëèåíò DC++ ëåòàåò!!
ÍÎ ÿ åñòåññíî íè÷åãî "ñíàðóæè" íå ìîãó...

Íàäî:
1 - Íàñòðîèòü ðîóòåð, ÷òîáû èìåòü âíåøíèé IP è èìåòü äîñòóï èçâíå.
2 - Çàñòàâèòü òðàôèê DC++ êëèåíòà õîäèòü â ëîêàëüíîé ñåòè íå ÷åðåç èíåò øëþç ïî ïîëíîé øèðèíå ëîêàëêè.

Àäìèíû ñåòè "íà êîðîòêîé íîãå" è ñî ìíîé è ñ ëèíóõîé (âñå ÿäðî ñåòè íà íåé), íî îíè íå çíàþò îáðåçàííîãî ëèíóõà íàøåé ïðîøèâêè...
Åñëè, ÷òî ìîæíî (íóæíî) ïîäïðàâèòü ãëîáàëüíî - îáñóæäàåìî, èçó÷àåìî è ïðèìåíÿåìî...

Íàäåþñü íà ïîìîùü...
Ñ óâàæåíèåì...

**angel_il** · 07-02-2008, 18:43

ïðî÷èòàë, â ÷åì ïðîáëåìà íå ïîíÿë.

**usmailer™** · 09-02-2008, 20:12

Íàäî íàçíà÷èòü WAN ïîðòó ÄÂÀ IP àäðåñà Îäèí âíóòðåííèé, âòîðîé âíåøíèé
Ïðè÷åì ðîóòåð äîëæåí âèäåòüñÿ èç èíåòà è îäíîâðåìåííî òðàôôèê ëîêàëüíîé
ñåòè íå øåë ÷åðåç âíåøíèé øëþç äëÿ èíåòà (íà êîòîðîì äàëåêî íå 100Ìá)

Òàê äîñòóïíåå? êàê ñîáñíî ïîäíÿòü âòîðîé IP àäðåñ íà WAN íàïèñàíî â FAQ è âñå ïîëó÷àåòñÿ..
Íî åñëè âòîðûì äåëàþ âíåøíèé àäðåñ, òî ÿ íå ìîãó ïîïàñòü èçâíå... çàòî ëîêàëêà ëåòàåò íà âñþ..
À åñëè âòîðûì ïîñòàâèòü âíóòðåííèé àäðåñ ëîêàëêè, òî òðàôô ïîïàäàåò íà âíåøíèé øëþç è ñêîðîñòè ëîêàëüíîé ñåòè ìíå íåâèäàòü...

Åñòü ïîäîçðåíèå íà ìàðøðóòû âíóòðè ñàìîãî ðîóòåðà, ìåæäó íàçíà÷åííûìè ìíîþ àäðåñàìè...
Ïîäñêàæèòå, êàê ïðàâèëüíî íàïèñàòü ìàðøðóòû äëÿ ëþáîãî âàðèàíòà..
È âîîáùå, â íèõ ëè äåëî? âîïðîñ âñå åùå àêòóàëåí

**antoxaa** · 09-02-2008, 22:00

ÿ ðåøèë ïðîáëåìó ñ ïîìîùüþ ïàêåòà noip2

**kodmis** · 09-02-2008, 22:24

Ó ìåíÿ òàêàÿ æå ñèòóàöèÿ.
Â ëèíóêñå íîâè÷îê, íî ñ ïîìîùüþ ôîðóìà èç ðàçíûõ êóñêîâ ñêîìïèëèë âîò òàêèå êîíôèãè:
post-firewall:

Code:

#!/bin/sh
PUB_DC="89.x.x.x"
PRIV_DC="172.x.x.x"

EXT_PUB_IP="89.x.x.x"
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.x.x.x"
GW_PRIV_LAN="10.x.x.x"

ip addr add $EXT_PRIV_IP/22 dev $EXT_IFACE
route add -net 10.192.32.0 netmask 255.255.248.0 gw $GW_PRIV_LAN
route add -net 10.192.0.0 netmask 255.255.248.0 gw $GW_PRIV_LAN
route add -net 10.2.0.0 netmask 255.255.252.0 gw $GW_PRIV_LAN
route add -net 172.16.0.0 netmask 255.240.0.0 gw $GW_PRIV_LAN
route add -net $PUB_DC netmask 255.255.255.255 gw $GW_PRIV_LAN

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP
iptables -t nat -A POSTROUTING -d 172.16.0.0/12 -j SNAT --to-source $EXT_PRIV_IP
iptables -t nat -A POSTROUTING -d $PUB_DC -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=2660
DCPP_UDP_PORT=5070
DCPP_TLS_PORT=13111
DCPP_HOST="192.168.91.11"
iptables -t nat -I PREROUTING  -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN

Ðîóòåð ÷åðåç Âåá-èíòåðôåéñ íàñòðîåí íà IP è øëþç ïî óìîë÷àíèþ â ïóáëè÷íîé ñåòè. Ëîêàëüíûé IP äîáàâëÿåòñÿ êîìàíäîé "ip addr add", ìàñêà - "/22" (íå çàáóäüòå ñìåíèòü åñëè ó âàñ äðóãàÿ). Ìàðøðóòû â äðóãèå ëîêàëüíûå IP ïîäñåòè ïðîâàéäåðà ïðîïèñûâàþòñÿ êîìàíäàìè "route add -net".
PUB_DC è PRIV_DC - ýòî 2 DC õàáà ïðîâàéäåðà
EXT_PUB_IP è EXT_PRIV_IP - ïóáëè÷íûé è ëîêàëüíûé IP ìîåãî ðîóòåðà ñîîòâåòñòâåííî. GW_PRIV_LAN - øëþç ïî óìîë÷àíèé â ìîåé ëîêàëüíîé ñåòè.
DCPP_HOST - àäðåñ êîìïà çà ðîóòåðîì, íà êîòîðîì çàïóùåí DC êëèåíò.
DCPP_TCP_PORT, DCPP_UDP_PORT, DCPP_TLS_PORT - ïîðòû ýòîãî êëèåíòà
Âîò. Âñå ðàáîòàåò. Ñíàðóæè çàëåçàþ ê ñåáå ÷åðåç âíåøíèé IP è îäíîâðåìåííî ðàáîòàþ ñ ðåñóðñàìè ëîêàëêè èçíóòðè ÷åðåç âíóòðåííèé IP...

ÇÛ. Åñëè êòî îáíàðóæèò êóñêè ñâîèõ êîíôèãîâ â ìîåì, ïðèìèòå ìîþ áëàãîäàðíîñòü çà ïîìîùü

**usmailer™** · 10-02-2008, 22:03

ñïàñèáî çà îòêëèê..
âîò ÷òî ÿ ñäåëàë:

mkdir -p /usr/local/sbin
cd /usr/local/sbin
echo

Code:

"#!/bin/sh
PUB_DC="84.204.õ.õ"
PRIV_DC="10.0.0.3"

EXT_PUB_IP="84.204.õ.õ"
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.1.16.43"
GW_PRIV_LAN="10.0.0.1"

ip addr add $EXT_PRIV_IP/22 dev $EXT_IFACE
route add -net 10.0.0.0 netmask 255.0.0.0 gw $GW_PRIV_LAN
route add -net $PUB_DC netmask 255.255.255.192 gw $GW_PRIV_LAN

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP
iptables -t nat -A POSTROUTING -d $PUB_DC -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=2660
DCPP_UDP_PORT=5070
DCPP_TLS_PORT=13111
DCPP_HOST="10.0.0.3"
iptables -t nat -I PREROUTING  -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN"

â post-firewall
chmod +x ./post-firewall
flashfs save && flashfs commit && flashfs enable
reboot

ãäå:
1 - Êàê ÿ ïîíÿë - PUB_DC="84.204.õ.õ" - âíåøíèé èï ìîåãî õàáà
2 - Ñìóùàåò âî çäåñü ip addr add $EXT_PRIV_IP/22 dev $EXT_IFACE - âûäåëåííîå 22 - ýòî êàêîé òî êðèòè÷íûé ìîìåíò èëè îáùåå çíà÷åíèå???
3 - route add -net $PUB_DC netmask 255.255.255.192 gw $GW_PRIV_LAN - ýòî ìàñêà äëÿ ìîåãî âíåøíåãî IP ?
è 4 - ÷òî òî íàäî îòäåëüíî äåëàòü ñ ïîðòàìè, óêàçàííûìè âûøå è ñ åùå ÷òî ëèáî ñ ñàìèì ðîóòåðîì?

Èòîã:
Äîñòóï åñòü èçâíå - ò.ê. ðóêàìè â âåá ìîðäå ÿ ïðîïèñàë ñâîè ÂÍÅØÍÈÅ äàííûå
Äî õàáà - ÄÀÆÅ ÍÅ ÄÎÑÒÓ×ÀÒÜÑß è â ïàññèâå...

**kodmis** · 10-02-2008, 22:58

Originally Posted by usmailer™

ãäå:
1 - Êàê ÿ ïîíÿë - PUB_DC="84.204.õ.õ" - âíåøíèé èï ìîåãî õàáà
2 - Ñìóùàåò âî çäåñü ip addr add $EXT_PRIV_IP/22 dev $EXT_IFACE - âûäåëåííîå 22 - ýòî êàêîé òî êðèòè÷íûé ìîìåíò èëè îáùåå çíà÷åíèå???
3 - route add -net $PUB_DC netmask 255.255.255.192 gw $GW_PRIV_LAN - ýòî ìàñêà äëÿ ìîåãî âíåøíåãî IP ?
è 4 - ÷òî òî íàäî îòäåëüíî äåëàòü ñ ïîðòàìè, óêàçàííûìè âûøå è ñ åùå ÷òî ëèáî ñ ñàìèì ðîóòåðîì?

1. Îñòàâüòå ñåáå òîëüêî PRIV_DC, âïèøèòå â íåãî àäðåñ DC õàáà ïðîâàéäåðà. Ïðîñòî â ìîåì ïðèìåðå àäðåñà 2õ DC õàáîâ ïðîâà. Âñå ñòðîêè ñ $PUB_DC óáåðèòå.
2. Êðèòè÷íûé ìîìåíò. Ýòî ìàñêà ëîêàëüíîé ñåòè ïðîâàéäåðà. Ó ìåíÿ 255.255.252.0 , ïîýòîìó ïèøó /22 (ñîêðàùåííàÿ çàïèñü îáîçíà÷àþùàÿ êîë-âî åäèíèö â äâîè÷íîé íîòàöèè ÷èñëà 255.255.252.0). Åñëè ó âàñ ìàñêà ëîêàëêè ïðîâà - 255.0.0.0, òî áóäåò /8
3. Óáåðèòå ýòó ñòðî÷êó. Ó âàñ DC õàá ïðîâàéäåðà îäèí è îí âî âíóòðåííåé ñåòè (åãî àäðåñ íà÷èíà÷åòñÿ ñ 10.). Ñì. òàêæå ï1
4. Äàâàéòå ñíà÷àëà ñ îñòàëüíûì ðàçáåðåìñÿ. ß âðîäå íè÷åãî áîëüøå íå äåëàë è ó ìåíÿ âñå ðàáîòàåò. Ïîðòû 2660, 5070, 13111 âû æå ïðîïèñàëè íà DC++ êëèåíòå?
Åùå, êñòàòè DCPP_HOST - ýòî àäðåñ êîìïüþòåðà, íà êîòîðîì êðóòèòñÿ DC êëèåíò. Âû åãî ïðàâèëüíî óêàçàëè? Õîðîøî áû óâèäåòü ðåçóëüòàò "ip addr" íà âàøåì ðîóòåðå. À òî ÷åãî-òî ó âàñ DCPP_HOST == PRIV_DC

...

usmailer™ Ó âàñ äîëæíî ïîëó÷èòñÿ ÷òî-òî âðîäå òàêîãî:

Code:

#!/bin/sh
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.1.16.43"
GW_PRIV_LAN="10.0.0.1"

ip addr add $EXT_PRIV_IP/8 dev $EXT_IFACE

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=2660
DCPP_UDP_PORT=5070
DCPP_TLS_PORT=13111
DCPP_HOST="10.0.0.3"
iptables -t nat -I PREROUTING  -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN

òîëüêî DCPP_HOST íåïðàâèëüíûé...
È ýòîò âàðèàíò ïîäðàçóìåâàåò ÷òî íóæíûå âàì ëîêàëüíûå ðåñóðñû ïðîâàéäåðà (DC++ õàá íàïðèìåð) è âàø
"EXT_PRIV_IP="10.1.16.43"" íàõîäÿòñÿ â îäíîé IP ïîäñåòè (â ýòîì ñëó÷àå "route add -net" íå íóæíû)

**usmailer™** · 11-02-2008, 10:35

ñïàñèáî!

íè÷åãî óâû íå ïîëó÷àåòñÿ....

âèäèìî ìîÿ îøèáêà, êàþñü...
ÿ íå ñîîáùèë, ÷òî êëèåíò õàáà ñòîèò íà ìîåì ëîêàëüíîì ñåðâåðå ñ àäðåñîì 192.168.1.7

è â ýòîì ÿ âèæó âñþ çàãâîçäêó...

è åùå - êàêîé IP ñòàâèòü â êëèåíòå ??
âíåøíèé èëè âíóòðåííèé?

**kodmis** · 11-02-2008, 19:14

è êàêîé ó âàñ ïîëó÷èëñÿ post-firewall â ðåçóëüòàòå?
Â êëèåíòå DC++ ñòàâèòü IP 10.1.16.43 (IP âàøåãî ðîóòåðà ñìîòðÿùèé â ëîêàëüíóþ ñåòü ïðîâà)

**usmailer™** · 11-02-2008, 21:27

Code:

[usmailer@(none) root]$ ip addr
1: lo: <LOOPBACK,MULTICAST,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet6 ::1/128 scope host
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
3: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
4: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
5: vlan0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
6: vlan1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet 84.204.õ.õ/26 brd 84.204.õ.õ scope global vlan1
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
7: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br0
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
[usmailer@(none) root]$

à ïîëó÷èëîñü îò ÷òî:

Code:

#!/bin/sh
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.1.16.43"
GW_PRIV_LAN="10.0.0.1"

ip addr add $EXT_PRIV_IP/8 dev $EXT_IFACE

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=2660
DCPP_UDP_PORT=5070
DCPP_TLS_PORT=13111
DCPP_HOST="192.168.1.7"
iptables -t nat -I PREROUTING  -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN

**kodmis** · 11-02-2008, 22:15

À, ïîñëå ïðèìåíåíèÿ âàøåãî post-firewall ÷òî âûäàåò êîìàíäà "tracert <IP àäðåñ DC++ õàáà ïðîâàéäåðà>" ? Êîìàíäó íóæíî âûïîëíèòü íà âàøåì êîìïå ïîä âèíäàìè

Âèíîâàò, íåïðàâèëüíî ñêàçàë ïðî "ip addr". ß õîòåë ïîñìîòðåòü íà ðåçóëüòàò ýòîé êîìàíäû, ÷òîá óçíàòü êàêèå ïàðàìåòðû (ìàñêà, øëþç) ëîêàëüíîé ñåòè âû ïîëó÷àåòå îò ïðîâà ("3.1 - Íàñòðîéêè è ïàðàìåòðû ëîêàëêè óñòàíàâëèâàþòñÿ íà ðîóòåð àâòîìàòîì, îò ïðîâà.(Auto)")
Ïðîñòî íè ðàçó íå âñòðå÷àë, ÷òîá äåëàëè ñåòü 10.0.0.0/255.0.0.0 Õîòÿ êîíå÷íî è òàêîå âîçìîæíî. Ïîýòîìó íàñòðîéòå, ïëç, ïîëó÷åíèå àâòîìàòîì ïàðàìåòðîâ ëîêàëêè íà ðîóòåðå è ïîêàæèòå ÷åãî âûäàë "ip addr".

**angel_il** · 11-02-2008, 22:27

âîò òîëüêî íå ïîéìóïî÷åìó
$DCPP_
ÿ æå ïèñàë â õàóòóøêå
$DCPP_HOST

**usmailer™** · 11-02-2008, 22:37

âîò ñ íàñòðîêàìè îò ïðîâà

Code:

[usmailer@(none) root]$ ip addr
1: lo: <LOOPBACK,MULTICAST,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet6 ::1/128 scope host
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
3: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
4: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
5: vlan0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
6: vlan1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet 10.1.16.43/8 brd 10.255.255.255 scope global vlan1
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link
7: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:18:f3:6b:38:bf brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br0
    inet6 fe80::218:f3ff:fe6b:38bf/10 scope link

**kodmis** · 12-02-2008, 05:30

Originally Posted by angel_il

âîò òîëüêî íå ïîéìóïî÷åìó
$DCPP_
ÿ æå ïèñàë â õàóòóøêå
$DCPP_HOST

Ôîðóì â òåãå CODE îáðåçàåò âèäèìî, à íå ïåðåíîñèò

À âîò åñëè âîò òàê ïîïðîáîâàòü çàïèñàòü...
"iptables -t nat -I PREROUTING -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_HOST"
"iptables -t nat -I PREROUTING -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_HOST"
"iptables -t nat -I PREROUTING -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_HOST"

Òàê íå îáðåçàåò...

Originally Posted by usmailer™

à ïîëó÷èëîñü îò ÷òî:

Code:

#!/bin/sh
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.1.16.43"
GW_PRIV_LAN="10.0.0.1"

ip addr add $EXT_PRIV_IP/8 dev $EXT_IFACE

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=2660
DCPP_UDP_PORT=5070
DCPP_TLS_PORT=13111
DCPP_HOST="192.168.1.7"
iptables -t nat -I PREROUTING  -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_
iptables -t nat -I PREROUTING  -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN

Äà ó âàñ ëîêàëêà 10.0.0.0/8 (óæîñ

)
Òîãäà äà, âàø post-firewall äîëæåí ðàáîòàòü.
Îáðàòèòå âíèìàíèå íà çàìå÷àíèå angel_il. Íàñòðàèâàéòå ïóáëè÷íûé IP ÷åðåç web èíòåðôåéñ è ïðèìåíÿéòå ñâîé post-firewall.
Ïîñëå ýòîãî "tracert <IP àäðåñ DC++ õàáà ïðîâàéäåðà>" ñ êîìïà çà ðîóòåðîì äîëæåí ïîêàçàòü, ÷òî ïàêåòû íå ïðîõîäÿò ÷åðåç ïóáëè÷íóþ ñåòü, à èäóò ñðàçó â ëîêàëêó ïðîâà.
Íàñòðàèâàéòå íà êîìïå êëèåíòà DC++ (ïîðòû, IP) è â ïóòü...

**usmailer™** · 12-02-2008, 08:32

ÍÈÇÊÈÉ ÏÎÊËÎÍ È ÓÂÀÆÓÕÀ ÇÀ ÒÅÐÏÅÍÈÅ È ÐÅÇÓËÜÒÀÒ!!!

Ñ÷àñòüå åñòü...
Âñå ïîëó÷èëîñü!

Âîò ÷òî â post-firewall:

Code:

#!/bin/sh
EXT_IFACE="vlan1"
EXT_PRIV_IP="10.1.16.43"
GW_PRIV_LAN="10.0.0.1"

ip addr add $EXT_PRIV_IP/8 dev $EXT_IFACE

# for DC++
#
iptables -t nat -A POSTROUTING -d 10.0.0.0/8 -j SNAT --to-source $EXT_PRIV_IP

DCPP_TCP_PORT=5759
DCPP_UDP_PORT=6975
DCPP_TLS_PORT=13111
DCPP_HOST="192.168.1.7"
iptables -t nat -I PREROUTING -p tcp --dport $DCPP_TCP_PORT -j DNAT --to $DCPP_HOST
iptables -t nat -I PREROUTING -p udp --dport $DCPP_UDP_PORT -j DNAT --to $DCPP_HOST
iptables -t nat -I PREROUTING -p udp --dport $DCPP_TLS_PORT -j DNAT --to $DCPP_HOST
iptables -I SECURITY -p udp --dport $DCPP_UDP_PORT -j RETURN

íó ÷òî æå.. ÿ äîëæíèê...

Thread: Âíóòðåííèé è âíåøíèé IP àäðåñà + DCHub

Thread Tools

Rate This Thread

Display

Âíóòðåííèé è âíåøíèé IP àäðåñà + DCHub

Similar Threads

Ïîëó÷èë âíåøíèé IP... ïðîáëåì äîáàâèëîñü

Tags for this Thread

Posting Permissions