Различия
Здесь показаны различия между двумя версиями данной страницы.
| Предыдущая версия справа и слева Предыдущая версия Следующая версия | Предыдущая версия | ||
|
abills:docs:other:ipfw_policy_routing:ru [2010/09/24 11:48] asmodeus |
abills:docs:other:ipfw_policy_routing:ru [2015/12/05 17:50] (текущий) |
||
|---|---|---|---|
| Строка 7: | Строка 7: | ||
| options IPFIREWALL_FORWARD | options IPFIREWALL_FORWARD | ||
| options IPFIREWALL_NAT | options IPFIREWALL_NAT | ||
| + | |||
| + | **/etc/sysctl.conf** | ||
| + | |||
| + | net.inet.ip.fw.one_pass=0 | ||
| + | |||
| Скрипт запуска: | Скрипт запуска: | ||
| Строка 15: | Строка 20: | ||
| ISP_IP="92.242.110.41" | ISP_IP="92.242.110.41" | ||
| FWD_NAT_ID=22 | FWD_NAT_ID=22 | ||
| - | TABLE_NUM=34 | + | USER_TABLE_NUM=34 |
| REDIRECT_IPS="10.0.0.0/24" | REDIRECT_IPS="10.0.0.0/24" | ||
| | | ||
| #Add NAT IP to table | #Add NAT IP to table | ||
| - | ${IPFW} table 33 add ${EXT_IP} | + | ${IPFW} table 33 add ${EXT_IP} ${FWD_NAT_ID} |
| | | ||
| ${IPFW} nat ${FWD_NAT_ID} config ip ${EXT_IP} log | ${IPFW} nat ${FWD_NAT_ID} config ip ${EXT_IP} log | ||
| for ip_mask in ${REDIRECT_IPS} ; do | for ip_mask in ${REDIRECT_IPS} ; do | ||
| - | ${IPFW} table ${TABLE_NUM} add ${ip_mask} ${FWD_NAT_ID} | + | ${IPFW} table ${USER_TABLE_NUM} add ${ip_mask} ${FWD_NAT_ID} |
| done; | done; | ||
| | | ||
| - | ${IPFW} 60015 add fwd ${ISP_IP} ip from ${EXT_IP} to any | ||
| ${IPFW} 60010 nat tablearg ip from table\(34\) to any | ${IPFW} 60010 nat tablearg ip from table\(34\) to any | ||
| + | ${IPFW} 60015 add fwd ${ISP_IP} ip from ${EXT_IP} to any | ||
| ${IPFW} 60020 nat tablearg ip from any to table\(33\) | ${IPFW} 60020 nat tablearg ip from any to table\(33\) | ||