IP_nettverk


 * Network setup:**

eth0 = external eth1 = internal


 * Setup ipv4 forwarding:**

Edit /etc/sysctl.conf: code Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1 code code echo 1 > /proc/sys/net/ipv4/ip_forward code


 * Ruting til intern maskin med offentlig IP**

Server: code iptables -A PREROUTING -t nat -i eth0 -j DNAT --to 10.0.0.2 code Client: ifconfig eth0 10.0.0.2 netmask 255.255.255.0


 * NAT-ing**

Server: code iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE code


 * DHCP**

Server:

/etc/default/dhcp3-server code INTERFACES=”eth1″ code

/etc/dhcp3/dhcpd.conf code default-lease-time 600; max-lease-time 7200;

option subnet-mask 255.255.255.128; option broadcast-address 10.0.0.127; option routers 10.0.0.1; option domain-name-servers 8.8.8.8; option domain-name “gr2”;

subnet 10.0.0.0 netmask 255.255.255.128 { range 10.10.0.10 10.10.0.100; } code cat /var/lib/dhcp3/dhclient.leases

//lease { interface "eth0"; fixed-address 10.0.0.10; option subnet-mask 255.255.255.128; option dhcp-lease-time 600; option routers 10.0.0.1; option dhcp-message-type 5; option dhcp-server-identifier 10.0.0.1; option domain-name-servers 8.8.8.8; option broadcast-address 10.0.0.128; option domain-name "gr2"; renew 2 2010/03/02 12:06:03; rebind 2 2010/03/02 12:10:04; expire 2 2010/03/02 12:11:19; }//

/etc/network/interfaces code auto eth1 iface eth1 inet static address 10.0.0.1 netmask 255.255.255.128 network 10.0.0.0 broadcast 10.0.0.127
 * Subnetting**

auto eth1:1 iface eth1:1 inet static address 10.0.0.129 netmask 255.255.255.128 network 10.0.0.127 broadcast 10.0.0.255 code ifconfig eth0 10.0.0.2 netmask 255.255.255.128 ifconfig eth0 10.0.0.150 netmask 255.255.255.0
 * Client 1:**
 * Client 2:**

code iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 2500 -j DNAT --to 10.0.0.150:2500 iptables -A INPUT -p tcp -m state --state NEW --dport 2500 -i eth0 -j ACCEPT code Test: Setter opp en enkel TCP server på Clienten, og tester fra en PC utenfra. code telnet 158.38.56.74 2500 Trying 158.38.56.74... Connected to 158.38.56.74. Escape character is '^]'. Hallo gr2, det funker! Connection closed by foreign host. code
 * Portforwarding i NAT**