QQ登录

只需一步,快速开始

 找回密码
 注册

QQ登录

只需一步,快速开始

查看: 476|回复: 0

请帮我看看到底那错了

[复制链接]
发表于 2004-8-12 10:38:27 | 显示全部楼层 |阅读模式
EXT_IFACE=eth0
EXT_ADDR=x.x.x.x
INT_IFACE=eth1
INT_ADDR=192.168.1.0/24
Manager_Addr=



#.We like ues FTP server
echo "Starting iptables rules........."
/sbin/modprobe ip_tables
#/sbin/modprobe iptables_fitler
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe iptable_nat

#1........
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -X
iptables -Z
iptables -t nat -Z

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

##..ping of death..
echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
##..........
#echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
##.......
#echo 0 >/proc/sys/net/ipv4/conf/all/accept_source_route
##.......icmp...
#echo 0 >/proc/sys/net/ipv4/conf/all/accept_redirects
##..IP..
for interface in /proc/sys/net/ipv4/conf/*/rp_filter; do
/bin/echo 1 > ${interface}
done
##..IP...........................
echo 0 >/proc/sys/net/ipv4/ip_forward


################## CS SERVER Start ################
iptables -A PREROUTING -t nat -p tcp -m tcp -d ${EXT_ADDR} --dport -j DNAT --to 192.168.1.3:27015
iptables -A POSTROUTING -t nat -p tcp -m tcp -d 192.168.1.3 --dport 27015 -j SNAT --to 192.168.1.1
iptables -A FORWARD -p tcp -d 192.168.1.3 -o ${INT_IFACE} --dport 27015 -j ACCEPT
iptables -A RORWARD -P tcp -s 192.168.1.3 -i ${INT_IFACE} --sport 27015 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A PREROUTING -t nat -p udp -m udp -d ${EXT_ADDR} --dport -j DNAT --to 192.168.1.3:27015
iptables -A POSTROUTING -t nat -p udp -m udp -d 192.168.1.3 --dport 27015 -j SNAT --to 192.168.1.1
iptables -A FORWARD -p udp -d 192.168.1.3 -o ${INT_IFACE} --dport 27015 -j ACCEPT
iptables -A RORWARD -P udp -s 192.168.1.3 -i ${INT_IFACE} --sport 27015 -m state --state ESTABLISHED,RELATED -j ACCEPT

以上还有个FTP,可以正常服务
请帮看看错那里,cs转发不成
您需要登录后才可以回帖 登录 | 注册

本版积分规则

GMT+8, 2024-11-7 22:50 , Processed in 0.054304 second(s), 16 queries .

© 2021 Powered by Discuz! X3.5.

快速回复 返回顶部 返回列表