[ Brrrrmko @ 23.01.2007. 15:07 ] @
Pozdrav Ljudi! Instalirao sam Debian woody 30r4 sa kernelom 2.2.20. Prema uputstvu http://www.aboutdebian.com/proxy2.htm odradio sam sve sto treba, ali ne radi ili nesto ne radim kako treba. U "masini" su dve ethernet kartice. Jedna za povezivanje na internet preko bezicnog providera, a druga za internu mrezu. Sve je lepo konfigurisano sto se tice mreznih karti. Pingovanje u internoj mrezi radi i internet na drugoj mreznoj kartici takodje radi, znaci da konfiguracija proxy-ja ne valja. Evo skripte proxy.sh,a posle toga i ono sto mi izbacuje kad je pokrenem sa "/etc/init.d/proxy.sh": #!/bin/sh # IPCHAINS PROXY script for the Linux 2.2 kernel. # This script is a derivitive of the script presented in # the IP Masquerade HOWTO page at: # www.tldp.org/HOWTO/IP-Masquera...tronger-firewall-examples.html # It was simplified to coincide with the configuration of # the sample system presented in the Guides section of # www.aboutdebian.com # # PLEASE SET THE USER VARIABLES # IN SECTIONS A AND B OR C echo -e "\n\nSETTING UP IPCHAINS PROXY..." # === SECTION A # ----------- FOR EVERYONE # SET THE _NETWORK_ ADDRESS OF YOUR INTERNAL NETWORK # The default value below is for a 192.168.0.0 network. # Note that the "/24" is a network mask of 255.255.255.0 # (meaning 24 bits - three octets - set to 1s). Similarly, # a network mask of 255.255.0.0 would be "/16". # Note that this is a NETWORK address - not the # IP address of a specific device on the network. # Enter the internal network's (or subnet's) network # address for the INTLAN variable: INTLAN="172.16.0.0/16" # SET THE INTERFACE DESIGNATION FOR THE NIC CONNECTED TO YOUR INTERNAL NETWORK # The default value below is for "eth0". This value # could also be "eth1" if you have TWO NICs in your system. # You can use the ifconfig command to list the interfaces # on your system. The internal interface will likely have # have an address that is in one of the private IP address # ranges. # Note that this is an interface DESIGNATION - not # the IP address of the interface. # Enter the internal interface's designation for the # INTIF variable: INTIF="eth0" # SET THE INTERFACE DESIGNATION FOR YOUR "EXTERNAL" (INTERNET) CONNECTION # The default value below is "ppp0" which is appropriate # for a MODEM connection. # If you have two NICs in your system change this value # to "eth0" or "eth1" (whichever is opposite of the value # set for INTIF above). # Note that this is an interface DESIGNATION - not # the IP address of the interface. # Enter the external interface's designation for the # EXTIF variable: EXTIF="eth1" # ! ! ! ! ! Use ONLY Section B *OR* Section C depending on # ! ! ! ! the type of Internet connection you have. # === SECTION B # ----------- FOR THOSE WITH STATIC PUBLIC IP ADDRESSES # SET YOUR EXTERNAL IP ADDRESS # If you specified a NIC (i.e. "eth0" or "eth1" for # the external interface (EXTIF) variable above, # AND if that external NIC is configured with a # static, public IP address (assigned by your ISP), # UNCOMMENT the following EXTIP line and enter the # IP address for the EXTIP variable: # EXTIP="your.static.IP.address" # === SECTION C # ---------- DIAL-UP MODEM, AND RESIDENTIAL CABLE-MODEM/DSL (Dynamic IP) USERS # SET YOUR EXTERNAL INTERFACE FOR DYNAMIC IP ADDRESSING # If you get your IP address dynamically from SLIP, PPP, # BOOTP, or DHCP, UNCOMMENT the FOUR commands below. # (No values have to be entered.) # Note that if you are uncommenting these lines then # the EXTIP line in Section B must be commented out. echo " Enabling Dynamic IP Addressing..." echo "1" > /proc/sys/net/ipv4/ip_dynaddr /sbin/ipchains -A input -j ACCEPT -i $EXTIF -s 0/0 67 -d 0/0 68 -p udp EXTIP="`/sbin/ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`" # -------- No more variable setting beyond this point -------- echo " Loading required IPMASQ kernel modules..." /sbin/depmod -a /sbin/modprobe ip_masq_ftp /sbin/modprobe ip_masq_raudio echo " Enabling IP forwarding..." echo "1" > /proc/sys/net/ipv4/ip_forward echo " Enabling IP Defragmentation..." echo "1" > /proc/sys/net/ipv4/ip_always_defrag # MASQ timeouts # # 2 hrs timeout for TCP session timeouts # 10 sec timeout for traffic after the TCP/IP "FIN" packet is received # 160 sec timeout for UDP traffic (Important for MASQ'ed ICQ users) echo " Setting default timers..." /sbin/ipchains -M -S 7200 10 160 echo " Internal interface: $INTIF" echo " Internal network IP address is: $INTLAN" echo " External interface: $EXTIF" echo " External interface IP address is: $EXTIP" echo " Clearing any existing rules and setting default policy..." /sbin/ipchains -P input ACCEPT /sbin/ipchains -P output ACCEPT /sbin/ipchains -P forward REJECT /sbin/ipchains -F input /sbin/ipchains -F output /sbin/ipchains -F forward echo " Enabling IPMASQ functionality on $EXTIF..." /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -i $EXTIF -s $INTLAN -j MASQ echo -e " Proxy server rule loading complete\n\n" Kad pokrenem /etc/init.d/proxy.sh, izbacuje ovo: SETING UP IPCHAINS PROXY... /etc/init.d/proxy.sh: address: command not found Enabling Dynamic IP Addressing... Loading required IPMASQ kernel modules... Enabling IP forwarding... Enabling IP Defragmentation... Setting default timers... Internal interface: eth0 Internal network IP address is: 172.16.0.0/16 External interface: eth1 External interface IP address is: moja.dinamicka.ip.adresa Clearing any existing rules and setting default policy... Enabling IPMASQ functionality on eth1... Proxy server rule loading complete To je to. Pomoc? |