iptables ꔭ

RX_K

h-yamamo@db3.so-net.ne.jp

v0.1, 24 April 2002



pPbgtB^OƂ NAT Ƃ̕FX邯ǁAȂ̖ʓ|
ēǂł邩!! Ƃ*Ȃ*Ɂwiptables ꔭx肵
܂Bł͂A

# }XJ[h

iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE 

# tB^O

iptables -A INPUT -i ppp0 -m state --state NEW,INVALID -j DROP         
iptables -A FORWARD -i ppp0 -m state --state NEW,INVALID -j DROP       

# pX MTU  (*1)

iptables -A FORWARD -o ppp0 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

 ADSL ڑ Linux 2.4 ̃t@CAEH[E[^̕K{ݒf`
X!?

Ƃ͂Ȃ̃ZXŃAŴVB

fBXgr[VɂĐݒ@(ݒt@C)͐FXł傤
ǁAv ppp0  UP OɁÃ[ݒ肳Ă邱ƂłB

AڂƂm肽Ȃ JF ̃hLgǂł :)

ELinux 2.4 NAT HOWTO (ڍאӏ )              
ELinux 2.4 Packet Filtering HOWTO (ڍאӏ ) 
Enetfilter/iptables FAQ                           
ELinux IP Masquerade HOWTO                        
Elbg[NS                               

(*1)                                                                   
E@ITЂ̋L                                                          
ENetfilter Extensions HOWTO (ڍאӏ ) # ܂{󂪂܂
B*Ȃ*|󂵂Ă݂܂!!                                       

