[root@localhost cbq]# iptables-save
# Generated by iptables-save v1.2.3 on Sat Nov 12 07:10:00 2005
*mangle
:PREROUTING ACCEPT [10114098:3764899788]
:OUTPUT ACCEPT [171716:34847887]
COMMIT
# Completed on Sat Nov 12 07:10:00 2005
# Generated by iptables-save v1.2.3 on Sat Nov 12 07:10:00 2005
*nat
:PREROUTING ACCEPT [472294:27304776]
:POSTROUTING ACCEPT [157:9079]
:OUTPUT ACCEPT [173:10177]
-A PREROUTING -s 192.168.2.22 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.242 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.201 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.42 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.111 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.173 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.40 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.2.113
-A PREROUTING -s 192.168.2.178 -p tcp -j DROP
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -d 202.0.0.0/255.0.0.0 -j SNAT –to-source 202.152.55.210
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -d 203.0.0.0/255.0.0.0 -j SNAT –to-source 202.152.55.210
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -d 219.0.0.0/255.0.0.0 -j SNAT –to-source 202.152.55.210
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -d 222.0.0.0/255.0.0.0 -j SNAT –to-source 202.152.55.210
-A POSTROUTING -s 192.168.2.0/255.255.255.0 -j SNAT –to-source 69.88.24.37
-A POSTROUTING -s 192.168.2.178 -j DROP
COMMIT
# Completed on Sat Nov 12 07:10:00 2005
# Generated by iptables-save v1.2.3 on Sat Nov 12 07:10:00 2005
*filter
:INPUT ACCEPT [434997:82489618]
:FORWARD ACCEPT [9678268:3682351211]
:OUTPUT ACCEPT [166295:33653931]
-A INPUT -p tcp -m tcp –dport 8080 -j ACCEPT
COMMIT
# Completed on Sat Nov 12 07:10:00 2005
[root@localhost cbq]#
[root@localhost cbq]# ip r
202.152.55.208/29 dev eth1 scope link
69.88.24.32/29 dev eth1 proto kernel scope link src 69.88.24.37
192.168.2.0/24 dev eth0 scope link
127.0.0.0/8 dev lo scope link
default via 202.152.55.209 dev eth1
[root@localhost cbq]
[root@localhost cbq]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
202.152.55.208 0.0.0.0 255.255.255.248 U 40 0 0 eth1
69.88.24.32 0.0.0.0 255.255.255.248 U 40 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
0.0.0.0 202.152.55.209 0.0.0.0 UG 40 0 0 eth1
[root@localhost cbq]#
[root@localhost cbq]# cat /etc/resolv.conf
nameserver 202.152.0.2
nameserver 168.215.210.50
nameserver 207.170.210.16
#search localdomain
[root@localhost cbq]#
[root@localhost cbq]# cat /etc/rc.d/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don’t
# want to do the full Sys V style init stuff.
/sbin/cbq start
#touch /var/lock/subsys/local
[root@localhost cbq]#
[root@localhost root]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.4 1416 508 ? S Nov08 0:04 init [3]
root 2 0.0 0.0 0 0 ? SW Nov08 0:00 [keventd]
root 3 0.0 0.0 0 0 ? SW Nov08 0:00 [kapm-idled]
root 4 0.0 0.0 0 0 ? RWN Nov08 0:00 [ksoftirqd_CPU0]
root 5 0.0 0.0 0 0 ? SW Nov08 0:00 [kswapd]
root 6 0.0 0.0 0 0 ? SW Nov08 0:00 [kreclaimd]
root 7 0.0 0.0 0 0 ? SW Nov08 0:00 [bdflush]
root 8 0.0 0.0 0 0 ? SW Nov08 0:00 [kupdated]
root 9 0.0 0.0 0 0 ? SW< Nov08 0:00 [mdrecoveryd]
root 13 0.0 0.0 0 0 ? SW Nov08 0:02 [kjournald]
root 89 0.0 0.0 0 0 ? SW Nov08 0:00 [khubd]
root 686 0.0 0.0 0 0 ? SW Nov08 0:00 [eth1]
root 787 0.0 0.5 1476 584 ? S Nov08 0:01 syslogd -m 0
root 792 0.0 1.0 2108 1192 ? S Nov08 0:00 klogd -2
rpc 812 0.0 0.5 1556 568 ? S Nov08 0:00 portmap
rpcuser 840 0.0 0.6 1608 760 ? S Nov08 0:00 rpc.statd
root 952 0.0 0.4 1400 516 ? S Nov08 0:00 /usr/sbin/apmd -p
ident 1008 0.0 0.8 26932 964 ? S Nov08 0:00 identd -e -o
ident 1014 0.0 0.8 26932 964 ? S Nov08 0:00 identd -e -o
ident 1015 0.0 0.8 26932 964 ? S Nov08 0:02 identd -e -o
ident 1019 0.0 0.8 26932 964 ? S Nov08 0:02 identd -e -o
ident 1026 0.0 0.8 26932 964 ? S Nov08 0:00 identd -e -o
root 1030 0.0 2.1 4064 2348 ? S Nov08 0:00 /usr/sbin/snmpd -
named 1047 0.0 3.1 11576 3436 ? S Nov08 0:00 named -u named
named 1065 0.0 3.1 11576 3436 ? S Nov08 0:00 named -u named
named 1066 0.0 3.1 11576 3436 ? S Nov08 0:00 named -u named
named 1067 0.0 3.1 11576 3436 ? S Nov08 0:00 named -u named
named 1068 0.0 3.1 11576 3436 ? S Nov08 0:00 named -u named
root 1072 0.0 1.1 2672 1272 ? S Nov08 0:16 /usr/sbin/sshd
root 1106 0.0 0.8 2272 928 ? S Nov08 0:00 xinetd -stayalive
lp 1125 0.0 0.8 2580 976 ? S Nov08 0:00 lpd Waiting
root 1234 0.0 0.5 1592 656 ? S Nov08 0:00 crond
daemon 1270 0.0 0.4 1448 552 ? S Nov08 0:00 /usr/sbin/atd
root 2161 0.0 0.3 1388 440 tty1 S Nov08 0:00 /sbin/mingetty tt
root 2162 0.0 0.3 1388 440 tty2 S Nov08 0:00 /sbin/mingetty tt
root 2163 0.0 0.3 1388 440 tty3 S Nov08 0:00 /sbin/mingetty tt
root 2164 0.0 0.3 1388 440 tty4 S Nov08 0:00 /sbin/mingetty tt
root 2165 0.0 0.3 1388 440 tty5 S Nov08 0:00 /sbin/mingetty tt
root 2166 0.0 0.3 1388 440 tty6 S Nov08 0:00 /sbin/mingetty tt
root 15152 0.1 1.8 3692 2032 ? S 05:11 0:11 /usr/sbin/sshd
root 15153 0.0 1.2 2552 1372 pts/0 S 05:11 0:00 -bash
root 15299 0.0 1.8 3648 2032 ? S 05:23 0:01 /usr/sbin/sshd
root 15300 0.0 1.2 2560 1396 pts/1 S 05:24 0:00 -bash
root 17576 0.0 1.4 2756 1588 pts/1 S 07:15 0:00 ssh -l root 192.1
root 17582 0.0 0.6 2648 716 pts/0 R 07:20 0:00 ps aux
[root@localhost root]#
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar