[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:37666] Re: iptable 特定のPCだけインターネットサーフィン 他はイントラのwebサーバーが見れるだけ
- From: Tatsuki Sugiura <sugi@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Subject: [debian-users:37666] Re: iptable 特定のPCだけインターネットサーフィン 他はイントラのwebサーバーが見れるだけ
- Date: Sat, 12 Jul 2003 16:46:47 +0900
- List-help: <mailto:debian-users-ctl@debian.or.jp?body=help>
- List-id: debian-users.debian.or.jp
- List-owner: <mailto:debian-users-admin@debian.or.jp>
- List-post: <mailto:debian-users@debian.or.jp>
- List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
- List-unsubscribe: <mailto:debian-users-ctl@debian.or.jp?body=unsubscribe>
- X-face: %#SbsX5Ajq`)JKPGXyq8Cn6"<`&M~n\?,}`vYU7[}gM!q_K=\v6[}y8&R:Dy3O0Ymmw$@>T $Ys$^Tw8ghB'uxX)I(n_x\5RQ|s'D0m$,"I^\S
- X-gpg-fingerprint: C4BC EDCC 50B2 2D7B 4A85 4A13 6CAD 85CE 4502 FDC2
- X-gpg-keyid: 4502FDC2
- X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
- X-ml-name: debian-users
- X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
- X-moe: Vampire/lilith
- X-public-key: http://pgp.nic.ad.jp:11371/pks/lookup?op=get&search=0x4502FDC2
- X-spam-level: *
- X-spam-status: No, hits=1.8 required=10.0 tests=BASE64_ENC_TEXT,CARRIAGE_RETURNS,EIGHTBIT_BODY, ISO2022JP_BODY,QUOTED_EMAIL_TEXT,SPAM_PHRASE_00_01 version=2.44
- References: <20030712155315.52db14f8.okou@xxxxxxxxxxxxxxxxx>
- Message-id: <87fzlc1923.wl@xxxxxxxxxxxxxxxxx>
- X-mail-count: 37666
- User-agent: Wanderlust/2.11.3 (Wonderwall) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.6 Emacs/21.3 (i386-pc-linux-gnu) MULE/5.0 (賢木)
YłB
>>> In Message "[debian-users:37664] Re: iptable PCC^[lbgT[tB ̓CgwebT[o[邾"
>>> <20030712155315.52db14f8.okou@xxxxxxxxxxxxxxxxx>,
>>> <okou@xxxxxxxxxxxxxxxxx> said;
> GR[fOԈĂ邩ȂƂł܂AMĒ܂B
mɊԈĂ܂B܂ɂCɂȂ̂łƓeĒ܂B
܂AGR[hႤ̂́AIPAhX̊eINebg̋ɁA
ṕuBvgĂ邽ߕϊɎŝƎv܂B
܊px\ꂽ̂łAoOɌ܂傤B
ɁÂ܂B
* ̂AړI͉
* ĉ{l܂,}̂
* ݂̏Ԃ͂ǂBʼn̂
炢ȂƁANԎo܂B
ŌɁAouԐMvƁuVKṽ[𐳂gĉB
uԐMv́A[̕ҏWʂɂ炩 To p͂邾ł͂ȂāA
uiIꂽ[ɑjԎłvƂtŃ[܂B
uԐMv{^͒P To ̓͂ȗ邽߂ɂ킯ł͂܂B
Ȃ̂ŁAVbȂKuVKvŏoĉB
tɕԐMȂA*ꏊ* ԐMĉB
bxB
-----------------------------------------------------------------------
> O̓eł win192.168.72.131 win192.168.72.PQO݂Ă܂܂B
> Ōq̃[ɑウ܂B
̖ړI͌Ȃ悤ɂ邱Ƃł傤H
> > fletz ISDN
> > |
> > router
> > NIC 192.168.1.50
> > |
> > NIC 192.168.1.250
> > sarge
> > NIC 192.168.72.250
> > |
> > HUB192.168.72.PQOA192.168.72.207
> > |
> > 192.168.72.131A192.168.72.131
> > Ƃ
>
> ƁA
> win192.168.72.1QO win192.168.72.131 ݂͓̂RƂĂ
> win192.168.72.131 win192.168.72.1QO Ȃ̂svcłB
> (192.168.72.250͌oRȂ͂Ȃ̂)
P 192.168.72.131 ɐݒ肳ĂTulbg}XNԈĂ肵܂H
<...Ɨ...>
> win192.168.72.131 win192.168.72.1QO݂͂Ȃ̂ɑ
> S̓ĐʂłA
>
> ʂwin192.168.72.131 win192.168.72.1QOɒŝł
> $IPTABLES -t nat -A PREROUTING -i eth1 -s 192.168.72.131/32 -p tcp -d 192.168.72.250/32 --destination-port 137:139 -j DROP
> $IPTABLES -t nat -A PREROUTING -i eth1 -s 192.168.72.131/32 -p udp -d 192.168.72.250/32 --destination-port 137:139 -j DROP
> 邽߂192.168.72.131 192.168.72.250 nat̂ߎ̂悤ɐ DROP[ƍl܂B
> łAƂ ƕ|Ƃ N肻ȋC܂B
Ȃ̂ňSł :-)
--
Tatsuki Sugiura mailto:sugi@xxxxxxxxxxxxxxxxxxxxxxxxxxx