doc-linux-ja-html 2006.05.25-1.1 / usr / share / doc / HOWTO / ja-html / NAT-HOWTO-4.html

This file is indexed.

/usr/share/doc/HOWTO/ja-html/NAT-HOWTO-4.html is in doc-linux-ja-html 2006.05.25-1.1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
 <TITLE>Linux 2.4 NAT HOWTO: 2.0$B!"(B2.2$B7O%+!<%M%k$+$i$N<j$C<h$jAa$$0\9T(B</TITLE>
 <LINK HREF="NAT-HOWTO-5.html" REL=next>
 <LINK HREF="NAT-HOWTO-3.html" REL=previous>
 <LINK HREF="NAT-HOWTO.html#toc4" REL=contents>
</HEAD>
<BODY>
<A HREF="NAT-HOWTO-5.html">$B<!$N%Z!<%8(B</A>
<A HREF="NAT-HOWTO-3.html">$BA0$N%Z!<%8(B</A>
<A HREF="NAT-HOWTO.html#toc4">$BL\<!$X(B</A>
<HR>
<H2><A NAME="s4">4. 2.0$B!"(B2.2$B7O%+!<%M%k$+$i$N<j$C<h$jAa$$0\9T(B</A></H2>

<P>2.0 $B7O!J(Bipfwadm$B!K$+$i(B 2.2 $B7O!J(Bipchains$B!K$X$N0\9T$N8e0d>I$rL$$@Jz$($F$$$kJ}(B
$B$K$O?=$7Lu$"$j$^$;$s$,!"NI$$%K%e!<%9$H0-$$%K%e!<%9$,$"$j$^$9!#(B
<P>
<P>$B$^$:Bh0l$K!"$3$l$^$GDL$j(B ipchains $B$H(B ipfwadm $B$r$=$N$^$^;H$($^$9!#(B
$B$=$&$9$k$K$O!":G?7$N(B netfilter $B%G%#%9%H%j%S%e!<%7%g%s$NCf$N!"(Bipchains.o
$B$b$7$/$O(B ipfwadm.o $B%+!<%M%k%b%8%e!<%k$rAH$_9~$`I,MW$,$"$j$^$9!#(B
$B$3$l$iFs$D$N%b%8%e!<%k$O!JCN$C$F$NDL$j!K8_$$$KGSB>E*$J$N$G!"(B
$BB>$N$$$+$J$k(B netfilter $B%b%8%e!<%k$H$b0l=o$K;H$&$Y$-$G$O$"$j$^$;$s!#(B
<P>
<P>$B0lC6%b%8%e!<%k$,AH$_9~$^$l$l$P!"$3$l$^$GDL$j(B ipchains $B$d(B ipfwadm $B$rMxMQ(B
$B$G$-$^$9$,!"0J2<$NAj0cE@$,$"$j$^$9!'(B
<P>
<UL>
<LI>ipchains -M -S $B$d(B ipfwadm -M -s $B$G%^%9%+%l!<%I$N%?%$%`%"%&%H$r@_Dj$7$F$b0UL#(B
$B$,$"$j$^$;$s!#$H$$$&$N$b!"$3$l$i$N%?%$%`%"%&%H;~4V$O?7$7$$(B NAT $B$NFbIt$GMQ$$(B
$B$i$l$F$$$k%?%$%`%"%&%H$h$jD9$$$N$G!"$3$l$i$N%?%$%`%"%&%H;~4V$OE,MQ$5$l$k$3$H(B
$B$,$"$j$^$;$s!#(B
</LI>
<LI>$B>iD9$J%^%9%+%l!<%I%j%9%H$K$*$1$k!"(Binit_seq, delta, $B$=$7$F(B previous_delta
$B%U%#!<%k%I$,>o$K(B 0$B!#(B
</LI>
<LI>`-Z -L' $B$G!"%+%&%s%?$N%<%m2=$H%j%9%HI=<($rF1;~$K9T$&$3$H$O$G$-$^$;$s(B
$B!!!]%+%&%s%?$,(B 0 $B$K$J$i$J$$$+$i$G$9!#(B
</LI>
<LI>$B2<0L8_49@-%l%$%d$O!"B??t$N%3%M%/%7%g%s$K$"$^$j$&$^$/DI=>$G$-$^$;$s!#(B
$B$"$J$?$N2q<R$N%2!<%H%&%'%$$K$O!"$=$l$rMxMQ$7$J$$$G$/$@$5$$!*(B</LI>
</UL>
<P>$B%O%C%+!<$N?MC#$O0J2<$N$3$H$K$bCm0U$7$F$/$@$5$$!'(B
<P>
<UL>
<LI>$B8=:_$O!"(BIP $B%^%9%+%l!<%I$r$7$F$$$F$b!"(B61000-65095 $BHV%]!<%H$r(B bind $B2DG=$G$9!#(B
$B0JA0$N(B IP $B%^%9%+%l!<%I$O!"$3$NHO0O$N%]!<%H$r@jM-$9$k$3$H$O@5Ev$H9M$($F:n$i$l(B
$B$F$$$?$N$G!"B>$N%W%m%0%i%`$,;H$&$3$H$O$G$-$^$;$s$G$7$?!#(B
</LI>
<LI>$B!J%I%-%e%a%s%H2=$5$l$F$J$+$C$?!K(B`getsockname' $B$r%O%C%/$7$FF)2a%W%m%/%7$KMQ$$!"(B
$B%3%M%/%7%g%s$NK\Ev$N08@h$,$I$3$G$"$k$+CN$k$H$$$&$3$H$O$b$&$G$-$J$/$J$j$^$7$?!#(B
</LI>
<LI>$B!J%I%-%e%a%s%H2=$5$l$F$J$+$C$?!KL$CN$N%"%I%l%9$X$N(B bind $B$N%O%C%-%s%0$b$G$-$^(B
$B$;$s!#$3$N<jK!$OF)2a%W%m%/%7$N:x3P$r40`z$K$9$k$N$KMQ$$$i$l$^$7$?!#(B</LI>
</UL>
<P>
<H2><A NAME="ss4.1">4.1 $BKM$O(B IP $B%^%9%+%l!<%I$r;H$$$?$$$@$1$J$s$G$9!*!!=u$1$F!*(B</A>
</H2>

<P>$B$3$l$3$=BgItJ,$N?M$,5a$a$k$b$N$G$7$g$&!#$b$7(B PPP $B%@%$%d%k%"%C%W$GF0E*$K(B
IP $B%"%I%l%9$r3d$jEv$F$i$l$F$$$k$N$G$7$?$i!JJ,$+$i$J$$$H$7$F$b!"(B
$B$"$J$?$N$O$=$&$J$C$F$$$^$9!K!"FbIt%M%C%H%o!<%/$+$i$NA4$F$N%Q%1%C%H$,!"(B
PPP $B%@%$%d%k%"%C%W%\%C%/%9$+$i$N%Q%1%C%H$G$"$k$+$N$h$&$K$7$?$$$N$G$9!#(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
</PRE>
</CODE></BLOCKQUOTE>
<P>$B$3$3$G$OA4$/%Q%1%C%H$r%U%#%k%?%j%s%0$7$F$J$$$3$H$KCm0U$7$F$/$@$5$$!#(B
$B%Q%1%C%H%U%#%k%?%j%s%0$K4X$7$F$O!"(BPacket Filtering HOWTO $B$NCf$N!"(B
$B!V(BMixing NAT and Packet Filtering$B!J(BNAT
$B$H%Q%1%C%H%U%#%k%?%j%s%0$N:.9g!K!W$r;2>H$7$F$/$@$5$$!#(B
<P>
<H2><A NAME="ss4.2">4.2 ipmasqadm $B$O$I$&$7$?$N!)(B</A>
</H2>

<P>$B$3$l$O$:$C$HHO0O$N69$$%f!<%6%Y!<%9$N$?$a$N$b$N$J$N$G!"(B
$BB>$N5!G=$HF1$8$[$I$K$O2<0L8_49@-$r5$$K$+$1$F$$$^$;$s$G$7$?!#(B
$B%]!<%H%U%)%o!<%G%#%s%0$r$d$k$J$i!"(B`iptables -t nat' $B$G$@$C$F$G$-$^$9!#(B
$B$G$9$+$iNc$($P(B Linux $B%+!<%M%k(B 2.2 $B7O$G$d$C$F$-$?!'(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
# Linux 2.2
# Forward TCP packets going to port 8080 on 1.2.3.4 to 192.168.1.1's port 80
ipmasqadm portfw -a -P tcp -L 1.2.3.4 8080 -R 192.168.1.1 80
</PRE>
</CODE></BLOCKQUOTE>
<P>$B$NBe$o$j$K:#$J$i!'(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
# Linux 2.4
# Append a rule before routing (-A PREROUTING) to the NAT table (-t nat) that
# TCP packets (-p tcp) going to 1.2.3.4 (-d 1.2.3.4) port 8080 (--dport 8080)
# have their destination mapped (-j DNAT) to 192.168.1.1, port 80
# (--to 192.168.1.1:80).
iptables -A PREROUTING -t nat -p tcp -d 1.2.3.4 --dport 8080 \
        -j DNAT --to 192.168.1.1:80
</PRE>
</CODE></BLOCKQUOTE>
<P>
<HR>
<A HREF="NAT-HOWTO-5.html">$B<!$N%Z!<%8(B</A>
<A HREF="NAT-HOWTO-3.html">$BA0$N%Z!<%8(B</A>
<A HREF="NAT-HOWTO.html#toc4">$BL\<!$X(B</A>
</BODY>
</HTML>

APT Browse - Built by Thomas Orozco.