=============================================== Dear all mohon bantuan nih dalam membuat router-statik di RH9. perintah utk iptables sudah dibuat. Hanya saja clientnya masih gak bisa browsing & chat internet. :( Kira2 dimana yach kekurangannya :) sebelumnya saya ucapkan terima kasih =============================================== A. skema jaringan : internet --> win2000 -->router-I -->router-II =============================================== win2000 internet server- dialup eth0 192.168.0.1/255.255.255.0 ke router-I
RH9.0 router-I (juga sbg dhcp, gateway, dns) eth0 192.168.0.2/255.255.255.0 ke win2000 eth1 192.168.1.62/255.255.255.192 gateway ke 30 client eth2 192.168.2.1/255.255.255.252 ke router-II RH9.0 router-II eth0 192.168.2.2/255.255.255.252 ke Router-I eth1 192.168.3.62/255.255.255.192 gateway ke 30 client eth2 192.168.4.62/255.255.255.192 gateway ke 30 client =============================================== B.Rules yang telah di entry ke /etc/sysconf/iptables iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ 192.168.1.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ 192.168.2.0/255.255.255.252 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ 192.168.3.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ 192.168.4.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ 192.168.1.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ 192.168.2.0/255.255.255.252 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ 192.168.3.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ 192.168.4.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ 192.168.1.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ 192.168.2.0/255.255.255.252 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ 192.168.3.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ 192.168.4.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ 192.168.1.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ 192.168.2.0/255.255.255.252 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ 192.168.3.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ 192.168.4.0/255.255.255.192 -j ACCEPT iptables -t nat -A POSTROUTING -j SNAT --to 192.168.0.2 /etc/init.d/iptables save =============================================== c.Settingan lainnya. =============================================== # pada /etc/sysctl.conf --> ipv4=1 =============================================== # pada /etc/sysconfig/statik-routes ditambahi any net 192.168.3.0 netmask 255.255.255.192 gw 192.168.2.2 any net 192.168.4.0 netmask 255.255.255.192 gw 192.168.2.2 =============================================== #lalu echo "1" > /proc/sys/net/ipv4/ip_forward =============================================== # untuk buka port chatting /sbin/modprobe ip_nat_irc \ 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,8000 /sbin/modprobe ip_conntrack_irc \ 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,8000 /sbin/modprobe iptable_nat \ 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,8000 =============================================== -- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
