Sabtu, 17 November 2007

firewalling

Edit /etc/rc.d/rc.local:
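#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
#
# Boot-time firewall/NAT setup for a two-interface gateway: loads the
# netfilter modules, enables IPv4 forwarding, flushes the filter and nat
# tables, maps one LAN client to a fixed public address, opens a few TCP
# ports on INPUT and starts the cbq bandwidth limiter.  Runs as root from
# init.  No command is checked for failure, so a missing module or a
# rejected rule is only visible in the boot log.

# touch /var/lock/subsys/local

# Kernel modules for the targets used below.  ipt_LOG and ipt_REJECT are
# loaded but no rule in this file uses them.
modprobe ipt_LOG
modprobe ipt_REJECT
modprobe ipt_MASQUERADE

/sbin/depmod -a

# Turn this host into a router between the two interfaces.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Start from empty chains: flush every rule, then delete user-defined
# chains, in both the filter and the nat table.
iptables -F
iptables -t nat -F

iptables -X
iptables -t nat -X

# NOTE: no default policy (iptables -P) is set anywhere in this file, so
# INPUT/FORWARD/OUTPUT keep whatever policy the kernel has (ACCEPT unless
# something else changed it).  The ACCEPT rules further down therefore
# do not restrict anything, and FORWARD is left fully open for the LAN.
# To actually limit inbound traffic to the listed ports, a DROP/REJECT
# policy or a final REJECT rule would be required; that is a deliberate
# decision to make before a remote session depends on it.
LAN_IF="eth0"   # LAN side (not referenced by any rule below)
EXT_IF="eth1"   # Internet side; NAT is applied to traffic leaving here

#######
# warnet client
# Map the single client 192.168.2.42 to the public address
# 202.75.101.126 for TCP and UDP; whatever else that host sends out is
# masqueraded to EXT_IF's own address.
iptables -t nat -A POSTROUTING -s 192.168.2.42 -o "$EXT_IF" -p tcp -j SNAT --to-source 202.75.101.126
iptables -t nat -A POSTROUTING -s 192.168.2.42 -o "$EXT_IF" -p udp -j SNAT --to-source 202.75.101.126
iptables -t nat -A POSTROUTING -s 192.168.2.42 -o "$EXT_IF" -j MASQUERADE

# buka port (open ports): HTTP, FTP, POP3, SMTP, SSH.
# See the NOTE above: with an ACCEPT policy these rules are no-ops.
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

#####
# bandwidth limiter (separate script; its failure does not affect the
# rules above).
/etc/rc.d/cbq.init-v0.7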
