De pe un server pe altul merge OK. in cele 2 retele nu merge... ====================
Pe serverul cu 2 placi de retea: # traceroute 192.168.2.1 traceroute to 192.168.2.1 (192.168.2.1), 30 hops max, 38 byte packets 1 192.168.2.1 (192.168.2.1) 0.891 ms 0.513 ms 0.428 ms # traceroute 193.231.113.125 traceroute to 193.231.113.125 (193.231.113.125), 30 hops max, 38 byte packets 1 perlea (193.231.113.125) 4.528 ms 4.800 ms 0.564 ms # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.1 192.168.2.2 255.255.255.255 UGH 0 0 0 eth2 193.231.113.125 192.168.2.2 255.255.255.255 UGH 0 0 0 eth2 81.180.46.32 0.0.0.0 255.255.255.224 U 0 0 0 eth0 192.168.2.0 192.168.2.2 255.255.255.0 UG 0 0 0 eth2 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 81.180.46.33 0.0.0.0 UG 0 0 0 eth0 --- modprobe ipt_MASQUERADE iptables -F; iptables -t nat -F; iptables -t mangle -F #iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 81.180.46.46 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/255.255.255.0 -d ! 192.168.2.0/255.255.255.0 -j SNAT --to 81.180.46.46 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.150/255.255.255.255 -j SNAT --to 81.180.46.46 #iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.1/255.255.255.255 -j SNAT --to 81.180.46.46 #iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j SNAT --to 192.168.2.1 #iptables -t nat -A PREROUTING -d 192.168.2.0/24 -s 192.168.0.0/24 -j DNAT --to 192.168.0.1 #iptables -t nat -A PREROUTING -d 193.231.113.0/24 -s 192.168.0.0/24 -j DNAT --to 192.168.0.1 echo 1 > /proc/sys/net/ipv4/ip_forward modprobe ip_conntrack_ftp modprobe ip_nat_ftp ============= Pe server-ul 2 # traceroute 81.180.46.46 traceroute to 81.180.46.46 (81.180.46.46), 30 hops max, 38 byte packets 1 Ialomita.Ro (81.180.46.46) 0.689 ms 0.667 ms 0.607 ms route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 81.180.46.46 192.168.2.2 255.255.255.255 UGH 0 0 0 eth1 193.231.113.124 0.0.0.0 255.255.255.252 U 0 0 0 eth0 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 193.231.113.126 0.0.0.0 UG 0 0 0 eth0 --- modprobe ipt_MASQUERADE iptables -F; iptables -t nat -F; iptables -t mangle -F #iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 193.231.113.125 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/255.255.255.0 -j SNAT --to 193.231.113.125 echo 1 > /proc/sys/net/ipv4/ip_forward modprobe ip_conntrack_ftp modprobe ip_nat_ftp ----- Original Message ----- From: "Andrei Pelinescu-Onciul" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, October 17, 2003 8:30 AM Subject: [rlug] Re: Ce nu este bine? > On Oct 17, 2003 at 04:21, Laurentiu STEFAN <[EMAIL PROTECTED]> wrote: > > Am mai pus intrebarea asta... insa nu am reusit sa o rezolv... > > Server cu 3 placi de retea. > > eth0 legatura cu net-ul (IP real) > > eth1 intra intr-un hub si are IP-ul 192.168.0.1 > > eth2 intra intro retea de alte hub-uri si are IP-ul 192.168.2.2 (in aceasta retea 192.168.2.1 este serverul pe eth1 si pe eth0 are IP real) > > Vreau ca din 192.168.0.X sa vad 192.168.2.1 (serviciile oferite de respectivul server) > > > > S-a incercat mai multe variante: > > > > iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.2.1 -j SNAT --to 192.168.2.1 > > In afara de ce a zis Alex (probabil nu it trebuie nat, doar sa setezi > rutele corect si ip_forward pe on), vezi ca oricum tu incercai sa faci > nat aiurea. Iti trebuia SNAT cu --to-source 192.168.2.2 (asta e adresa > care o sa apara ca adresa sursa). > > > Andrei > > --- > Detalii despre listele noastre de mail: http://www.lug.ro/ > > --- Detalii despre listele noastre de mail: http://www.lug.ro/
