|
|
|
|
|||||||
| IP Networking Questions involving TCP/IP, Routers, Hubs, Network protocols, etc go here. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| trying to cope with awk difficulties | amatuer_lee_3 | Shell Programming and Scripting | 8 | 05-11-2008 01:46 PM |
| Sun 10 behind proxy | saveka | SUN Solaris | 2 | 08-19-2007 10:33 PM |
| proxy or NAT | AkinOkin | BSD | 0 | 09-14-2006 09:38 AM |
| Proxy | rado | UNIX for Advanced & Expert Users | 6 | 06-25-2002 08:48 PM |
| Simple Network Program Difficulties | Mistwolf | High Level Programming | 2 | 03-19-2002 02:34 AM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Display Modes |
10-24-2005
|
|||
|
|||
|
Proxy ARP Difficulties
edited ...
Last edited by TheMaskedMan; 03-27-2006 at 01:49 PM. 
|
| Forum Sponsor | ||
|
|
|
10-24-2005
|
||||
|
||||
|
Is proxy arp configured in your kernel?
BTW: Found these on the net: http://www.faqs.org/docs/Linux-mini/...RP-Subnet.html
|
|
10-24-2005
|
|||
|
|||
|
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp I am unaware of any kernel compile options.. Are there any?
|
|
10-24-2005
|
||||
|
||||
|
Quote:
|
|
10-24-2005
|
|||
|
|||
|
I have netfilter compiled in... Masq works, just I can't get proxy arp to go.
|
|
11-01-2005
|
|||
|
|||
|
my document
DEVICE=eth0
BOOTPROTO=none BROADCAST=192.168.1.255 IPADDR=192.168.1.254 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes USERCTL=no PEERDNS=no TYPE=Ethernet DEVICE=eth1 BOOTPROTO=none BROADCAST=192.168.1.255 IPADDR=192.168.1.254 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes USERCTL=no PEERDNS=no TYPE=Ethernet /etc/sysconfig/network-scripts/ifcfg-eth0 gateway=192.168.1.1 vi /etc/rc.d/rc.local #Ip forward /sbin/sysctl -w net.ipv4.conf.all.forwarding=1 #Enable proxy-arp /sbin/sysctl -w net.ipv4.conf.eth0.proxy_arp=1 /sbin/sysctl -w net.ipv4.conf.eth1.proxy_arp=1 #Define route /sbin/ip route del 192.168.1.0/24 dev eth0 /sbin/ip route add 192.168.1.1 dev eth0 /sbin/ip route add 192.168.1.0/24 dev eth1 vi /etc/rc.d/myfirewall.sh #!/bin/bash #Define string IPT=/sbin/iptables #Refresh rules $IPT -F FORWARD $IPT -F INPUT $IPT -F OUTPUT #Default policy $IPT -P INPUT DROP $IPT -P FORWARD DROP $IPT -P OUTPUT ACCEPT #Enable loopback $IPT -A INPUT -i lo -p all -j ACCEPT #Enable icmp $IPT -A INPUT -p icmp –j ACCEPT #Interface forward $IPT -A FORWARD -s 192.168.1.0/24 -j ACCEPT $IPT -A FORWARD -d 192.168.1.0/24 -j ACCEPT #Enable ssh $IPT -A INPUT -p tcp --dport 22 -j ACCEPT #Add other access rule //可根据实际情况添加或减少规则 $IPT -A INPUT -p tcp --dport 20 -j ACCEPT $IPT -A INPUT -p tcp --dport 21 -j ACCEPT $IPT -A INPUT -p tcp --dport 80 -j ACCEPT $IPT -A INPUT -p tcp --dport 53 -j ACCEPT $$IPT -A INPUT -p udp --dport 53 -j ACCEPT $IPT -A INPUT -p tcp --dport 23 -j ACCEPT $IPT -A INPUT -p tcp --dport 110 -j ACCEPT $IPT -A INPUT -p tcp --dport 25 -j ACCEPT $IPT -A INPUT -p tcp --dport 443 -j ACCEPT
|
|
11-02-2005
|
|||
|
|||
|
My problem was that I was dropping everything on the forward chain...
|
|||
| Google UNIX.COM |
|
| Tags |
| linux |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
