Увидели сообщение с непонятной ссылкой, спам, непристойность или оскорбление?Воспользуйтесь ссылкой «Сообщить модератору» рядом с сообщением!
0 Пользователей и 1 Гость просматривают эту тему.
_________________________/PC2-ZL \| ___________________ || /LXC \ || | PC3-v1 10.0.3.222 | || | PC4-v2 10.0.3.75 | || \__________________/ || | _____________________| lxcbr0 10.0.3.1 | /PC1-L Я сижу \| wlan0 192.168.100.66| | || wlan0:1 192.168.100.3 | |----------- || wlan0:2 192.168.100.4 | | DNS || wlan0:3 192.168.100.5 | | /etc/resolv.conf || --------------------- | |добавить 192.168.100.5|| wlan0:1 на 10.0.3.75 | |---------- || wlan0:2 на 10.0.3.222 | (( o | ppp0 internet || wlan0:3 на 10.0.3.1 | | | eth0 192.168.100.2 || | _______________ / | | \__________________wlan0_/<------------->|192.168.100.1|<-LAN---->\eth0__________________/1. PC2-ZL # wlan0:1 192.168.100.3 на 10.0.3.75 ifconfig wlan0:1 192.168.100.3 up iptables -t nat -A PREROUTING -d 192.168.100.3 -j DNAT --to 10.0.3.75 # wlan0:2 192.168.100.4 на 10.0.3.222 ifconfig wlan0:2 192.168.100.4 up iptables -t nat -A PREROUTING -d 192.168.100.4 -j DNAT --to 10.0.3.222 # wlan0:3 192.168.100.5 на 10.0.3.1 для DNS ifconfig wlan0:1 192.168.100.5 up iptables -t nat -A PREROUTING -d 192.168.100.5 -j DNAT --to 10.0.3.1 ---------------------------------------------------------------------2 PC1-L клиент команды тестирования.------------L~$ L~$ ssh root@192.168.100.3root@192.168.100.3's password: Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-29-generic i686) * Documentation: https://help.ubuntu.com/Last login: Tue Jul 8 09:02:24 2014 from 192.168.100.2root@v2:~# root@v2:~# ifconfig eth0 | head -2eth0 Link encap:Ethernet HWaddr 00:16:3e:ba:b3:7f inet addr:10.0.3.75 Bcast:10.0.3.255 Mask:255.255.255.0root@v2:~# root@v2:~# exitlogoutConnection to 192.168.100.3 closed.L~$ L~$ ssh root@192.168.100.4root@192.168.100.4's password: Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-29-generic i686) * Documentation: https://help.ubuntu.com/Last login: Mon Jul 7 23:38:12 2014 from 192.168.100.2root@v1:~# root@v1:~# ifconfig eth0 | head -2eth0 Link encap:Ethernet HWaddr 00:16:3e:e6:67:50 inet addr:10.0.3.222 Bcast:10.0.3.255 Mask:255.255.255.0root@v1:~# root@v1:~# exitlogoutConnection to 192.168.100.4 closed.L~$ L~$ nslookup v1Server: 192.168.100.5Address: 192.168.100.5#53Name: v1Address: 10.0.3.222L~$ L~$ nslookup v2Server: 192.168.100.5Address: 192.168.100.5#53Name: v2Address: 10.0.3.75L~$ L~$ ------------:)END.L~$
ZL~# ifconfig -aeth0 Link encap:Ethernet HWaddr 00:01:2e:48:ac:55 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)lo Link encap:Локальная петля (Loopback) inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:109 errors:0 dropped:0 overruns:0 frame:0 TX packets:109 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:7350 (7.3 KB) TX bytes:7350 (7.3 KB)lxcbr0 Link encap:Ethernet HWaddr fe:58:b9:4c:95:f6 inet addr:10.0.3.1 Bcast:10.0.3.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:592 errors:0 dropped:0 overruns:0 frame:0 TX packets:355 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:48925 (48.9 KB) TX bytes:36218 (36.2 KB)vethRYD2SQ Link encap:Ethernet HWaddr fe:58:b9:4c:95:f6 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:310 errors:0 dropped:0 overruns:0 frame:0 TX packets:305 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:30695 (30.6 KB) TX bytes:31575 (31.5 KB)vethTG62WE Link encap:Ethernet HWaddr fe:91:7a:ea:31:59 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:285 errors:0 dropped:0 overruns:0 frame:0 TX packets:190 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:26768 (26.7 KB) TX bytes:22254 (22.2 KB)wlan0 Link encap:Ethernet HWaddr b8:03:05:dc:67:e8 inet addr:192.168.100.66 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:842 errors:0 dropped:0 overruns:0 frame:0 TX packets:816 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:78920 (78.9 KB) TX bytes:113260 (113.2 KB)wlan0:1 Link encap:Ethernet HWaddr b8:03:05:dc:67:e8 inet addr:192.168.100.3 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1wlan0:2 Link encap:Ethernet HWaddr b8:03:05:dc:67:e8 inet addr:192.168.100.4 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1wlan0:3 Link encap:Ethernet HWaddr b8:03:05:dc:67:e8 inet addr:192.168.100.5 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1ZL~# ZL~# iptables-save# Generated by iptables-save v1.4.21 on Wed Jul 23 16:46:30 2014*mangle:PREROUTING ACCEPT [1567:130007]:INPUT ACCEPT [988:85615]:FORWARD ACCEPT [695:58725]:OUTPUT ACCEPT [692:84974]:POSTROUTING ACCEPT [1443:151393]-A POSTROUTING -o lxcbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fillCOMMIT# Completed on Wed Jul 23 16:46:30 2014# Generated by iptables-save v1.4.21 on Wed Jul 23 16:46:30 2014*nat:PREROUTING ACCEPT [128:10257]:INPUT ACCEPT [48:3085]:OUTPUT ACCEPT [41:2868]:POSTROUTING ACCEPT [49:4623]-A PREROUTING -d 192.168.100.3/32 -j DNAT --to-destination 10.0.3.75-A PREROUTING -d 192.168.100.4/32 -j DNAT --to-destination 10.0.3.222-A PREROUTING -d 192.168.100.5/32 -j DNAT --to-destination 10.0.3.1-A POSTROUTING -s 10.0.3.0/24 ! -d 10.0.3.0/24 -j MASQUERADECOMMIT# Completed on Wed Jul 23 16:46:30 2014# Generated by iptables-save v1.4.21 on Wed Jul 23 16:46:30 2014*filter:INPUT ACCEPT [900:78827]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [694:85074]-A INPUT -i lxcbr0 -p tcp -m tcp --dport 53 -j ACCEPT-A INPUT -i lxcbr0 -p udp -m udp --dport 53 -j ACCEPT-A INPUT -i lxcbr0 -p tcp -m tcp --dport 67 -j ACCEPT-A INPUT -i lxcbr0 -p udp -m udp --dport 67 -j ACCEPT-A FORWARD -o lxcbr0 -j ACCEPT-A FORWARD -i lxcbr0 -j ACCEPTCOMMIT# Completed on Wed Jul 23 16:46:30 2014ZL~# ZL~# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 00:01:2e:48:ac:55 brd ff:ff:ff:ff:ff:ff3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether b8:03:05:dc:67:e8 brd ff:ff:ff:ff:ff:ff inet 192.168.100.66/24 brd 192.168.100.255 scope global wlan0 valid_lft forever preferred_lft forever inet 192.168.100.3/24 brd 192.168.100.255 scope global secondary wlan0:1 valid_lft forever preferred_lft forever inet 192.168.100.4/24 brd 192.168.100.255 scope global secondary wlan0:2 valid_lft forever preferred_lft forever inet 192.168.100.5/24 brd 192.168.100.255 scope global secondary wlan0:3 valid_lft forever preferred_lft forever4: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether fe:58:b9:4c:95:f6 brd ff:ff:ff:ff:ff:ff inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0 valid_lft forever preferred_lft forever6: vethRYD2SQ: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP group default qlen 1000 link/ether fe:58:b9:4c:95:f6 brd ff:ff:ff:ff:ff:ff8: vethTG62WE: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP group default qlen 1000 link/ether fe:91:7a:ea:31:59 brd ff:ff:ff:ff:ff:ffZL~# ZL~# ZL~# route -nТаблица маршутизации ядра протокола IPDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 192.168.100.2 0.0.0.0 UG 0 0 0 wlan010.0.3.0 0.0.0.0 255.255.255.0 U 0 0 0 lxcbr0192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0ZL~# ZL~# cat /etc/resolv.confnameserver 10.0.3.1nameserver 8.8.8.8nameserver 8.8.4.4ZL~#
_/,.__ / \ \.,_ |o o )| _,./ / \ |< / / \ |( o_\ ___\._.)/__ /_o )| \ ._/ / \_/ \ |_./ \___|__ | \ / / __|_/___ / \___________\___\__/ / / .. \ / \____________|__E_|______/ / /\ .. \ \ | / \ \_ _/ / \ \ \/__E__\/ | Это Сети в Интернет
_/,.__ / \ \.,_ |o o )| _,./ / \ |< / / \ |( o_\ ___\._.)/__ /_o )| \ ._/ / \_/ \ |_./ \___|__ | / ___|_/___ / \__________|__________|_/ .. \ / \________________|_E_|_______/\ .. \ \ | / |))| |((| \ \ Это Сеть в Сеть.
_____________ / \ | ИНТЕРНЕТ | \____________/ / \ | | | | __________ ________|________ __________ / PC2 \ / PC1 \ / PC3 \ |192.168.2.2|--------->|<-eth0-192.168.2.1| |192.168.3.2| \__________/ |192.168.3.1-eth1->|<---------\_________/ |------------------| |<--eth0<->eth1--->| |eth0:A-192.168.2.3| |eth1:B-192.168.3.3| |------------------| \_________________/ ------------------------------ Сети и Интернет (PC2<->PC1<->PC3) всё работает, НО сеть и сеть (PC2<->PC3) НЕ работает, теперь внизу настройки ибудет работает.PC1 настройка и команды# eth0:A-192.168.2.3ifconfig eth0:A 192.168.2.3 upiptables -t nat -A PREROUTING -d 192.168.2.3 -j DNAT --to 192.168.3.2# eth1:B-192.168.3.3ifconfig eth1:B 192.168.3.3 upiptables -t nat -A PREROUTING -d 192.168.3.3 -j DNAT --to 192.168.2.2----------------------PC2-(клиент 192.168.2.3 твой ИП?)----->PC3-(сервер 192.168.3.2 - Нет, Мой ИП.).PC3-(клиент 192.168.3.3 твой ИП?)----->PC2-(сервер 192.168.2.2 - Нет, Мой ИП.).ОК?
Страница сгенерирована за 0.059 секунд. Запросов: 25.