Router serving several inet ips

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi all,

i have a router with debian 3.0 kernel 2.4.20, working with htb quite well,
limiting bandwidth and doing port and ip priorizations.

Now i want to server more than 1 internet ip, later i will do priorizations
on each ip.. but.. i can´t manage yet the first thing.
The idea is that it works as a "dhcp server", assigning the ips.. but the
traffic must go through the linux box (so i can priorize and limit
bandwidth).
i have set up the second internet ip with ipalias in eth1:0, and it is
active, i get ping from internet.. no problem.. but it does not work fine
when i try to assign it to a private ip

The idea is assigning 192.168.0.3 to eth1:0 (no natting, .. just the entire
ip)

The iptables after '#' is what i tried.. but it did not work, it gave me
this message:
debian:/etc/init.d# sh nat.sh
Warning: weird character in interface `eth1:0' (No aliases, :, ! or *).
Warning: weird character in interface `eth1:0' (No aliases, :, ! or *).
iptables v1.2.7a: multiple -j flags not allowed

Thanks in advance,
Carlos

The script, below..

#!/bin/sh

echo "AthoS LaN Generando iptables..." > /dev/tty12

#limpiamos las tablas de iptables
iptables -F
iptables -t nat -F
iptables -t filter -F

#eth1 sera la interfaz de internet
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE

#eth0 la interfaz de la red local
iptables --append FORWARD --in-interface eth0 -j ACCEPT

#iptables -t nat -F PREROUTING
#iptables -t nat -P PREROUTING  ACCEPT
#iptables -t nat -F POSTROUTING
#iptables -t nat -P POSTROUTING ACCEPT
#iptables -t nat -A POSTROUTING -o eth1:0
#iptables -A FORWARD -i eth0 -j ACCEPT -m state --state
NEW,ESTABLISHED,RELATED
#iptables -A FORWARD -i eth1:0 -j ACCEPT -m state --state
ESTABLISHED,RELATED  -j MASQUERADE

#activamos el forward
echo 1 > /proc/sys/net/ipv4/ip_forward


#reglas para enrutado de paketes...

#1.- redirecciona las peticiones del puerto 21 a mi pc
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 21 -j DNAT --to 192.168
.0.2:21

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux