=============================================== begini, win2000 saya pergunakan di frontend karena modemnya internal merk connexant, saya sudah mencoba untuk mempergunakan di Router I RH9 dengan mengambil drivernya di linuxant,hanya saja modemnya tidak bisa dijalankan di RH9 tsb.
kemudian bagaimana caranya mencantumkan destination ke internet dgn network 0.0.0.0/0 ? mohon pencerahan lagi : =============================================== On Wednesday 17 December 2003 18:25, Jhonny Cage wrote: > Desain anda agak aneh, mengapa server win2k berada di frontend? > bukankah server RH 9.0 di router I dengan menjalankan wvdial sudah cukup? > > saya lihat di script iptables anda tidak mencantumkan di interface mana > NAT tersebut dilakukan, tentu saja ini bermasalah. > destination ke internet adalah network 0.0.0.0/0 belum termasuk dalam > script anda. > > > ----- Original Message ----- > From: "-<<- I.R. Harahap -- Medan ->>-" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, December 16, 2003 10:53 PM > Subject: [tanya-jawab] [ROUTER and FIREWALL di RH9.0] OpEn akses internet > -- HeLp :( > > > =============================================== > > Dear all > > mohon bantuan nih dalam membuat router-statik di RH9. > > perintah utk iptables sudah dibuat. > > Hanya saja clientnya masih gak bisa browsing & chat internet. :( > > Kira2 dimana yach kekurangannya :) > > sebelumnya saya ucapkan terima kasih > > =============================================== > > A. skema jaringan : > > internet --> win2000 -->router-I -->router-II > > =============================================== > > win2000 internet server- dialup > > eth0 192.168.0.1/255.255.255.0 ke router-I > > > > RH9.0 router-I (juga sbg dhcp, gateway, dns) > > eth0 192.168.0.2/255.255.255.0 ke win2000 > > eth1 192.168.1.62/255.255.255.192 gateway ke 30 client > > eth2 192.168.2.1/255.255.255.252 ke router-II > > > > RH9.0 router-II > > eth0 192.168.2.2/255.255.255.252 ke Router-I > > eth1 192.168.3.62/255.255.255.192 gateway ke 30 client > > eth2 192.168.4.62/255.255.255.192 gateway ke 30 client > > =============================================== > > B.Rules yang telah di entry ke /etc/sysconf/iptables > > > > iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ > > 192.168.1.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ > > 192.168.2.0/255.255.255.252 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ > > 192.168.3.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.192 -d\ > > 192.168.4.0/255.255.255.192 -j ACCEPT > > > > iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ > > 192.168.1.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ > > 192.168.2.0/255.255.255.252 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ > > 192.168.3.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.252 -d\ > > 192.168.4.0/255.255.255.192 -j ACCEPT > > > > iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ > > 192.168.1.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ > > 192.168.2.0/255.255.255.252 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ > > 192.168.3.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.3.0/255.255.255.192 -d\ > > 192.168.4.0/255.255.255.192 -j ACCEPT > > > > iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ > > 192.168.1.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ > > 192.168.2.0/255.255.255.252 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ > > 192.168.3.0/255.255.255.192 -j ACCEPT > > iptables -t nat -A POSTROUTING -s 192.168.4.0/255.255.255.192 -d\ > > 192.168.4.0/255.255.255.192 -j ACCEPT > > > > iptables -t nat -A POSTROUTING -j SNAT --to 192.168.0.2 > > > > /etc/init.d/iptables save > > =============================================== > > > > c.Settingan lainnya. > > =============================================== > > # pada /etc/sysctl.conf --> ipv4=1 > > =============================================== > > # pada /etc/sysconfig/statik-routes ditambahi > > any net 192.168.3.0 netmask 255.255.255.192 gw 192.168.2.2 > > any net 192.168.4.0 netmask 255.255.255.192 gw 192.168.2.2 > > tambahkan net 0.0.0.0/0 gw 192.168.2.2 > dan net 192.168.1.0/26 gw 192.168.2.2 > net 192.168.0.0/24 gw 192.168.2.2 > idem> =============================================== > > > #lalu > > echo "1" > /proc/sys/net/ipv4/ip_forward > > =============================================== > > # untuk buka port chatting > > /sbin/modprobe ip_nat_irc \ > > 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,800 > >0 /sbin/modprobe ip_conntrack_irc \ > > 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,800 > >0 /sbin/modprobe iptable_nat \ > > 6660,6662,6663,6664,6665,6666,6667,6668,6669,7000,7001,7002,7003,7007,800 > >0 =============================================== > > > > > > > > > > -- > > Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] > > Arsip dan info di http://linux.or.id/milis.php > > FAQ milis http://linux.or.id/faq.php -- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
