Presentation is loading. Please wait.

Presentation is loading. Please wait.

LİNUX-ROUTER-1 Gw1: 74.90.92.1 GW2: 95.111.62.129 ISP1 eth0 74.90.92.246 95.111.62.136 eth1 10.3.3.1/30 LİNUX-ROUTER-2 Gw1:192.168.198.2 Gw2:10.3.3.1 eth1.

Published byMarylou Hamilton Modified over 9 years ago

Similar presentations

Presentation on theme: "LİNUX-ROUTER-1 Gw1: 74.90.92.1 GW2: 95.111.62.129 ISP1 eth0 74.90.92.246 95.111.62.136 eth1 10.3.3.1/30 LİNUX-ROUTER-2 Gw1:192.168.198.2 Gw2:10.3.3.1 eth1."— Presentation transcript:

1 LİNUX-ROUTER-1 Gw1: 74.90.92.1 GW2: 95.111.62.129 ISP1 eth0 74.90.92.246 95.111.62.136 eth1 10.3.3.1/30 LİNUX-ROUTER-2 Gw1:192.168.198.2 Gw2:10.3.3.1 eth1 10.3.3.2/30 ISP2 eth0 192.168.198.130/24 XP Gw: 192.168.198.130 eth0 192.168.198.31/24 Soru : 192.168.198.31’e 95.111.62.136‘nın 3389 ve 80 nolu portlarını iptables ve iproute kullanarak nasıl NATLARIZ ? Not : 2 nolu routerda ana routing tabloda default gw 10.3.3.1 yapılırsa çalışıyor. Sorun 192.168.198.2 olduğunda çalışmaması.

2 LINUX-ROUTER-1 Route Table ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 ip r s t 10 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 İp r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 default via 95.111.62.129 dev eth0

3 Linux ROUTER-1 IPTABLES İptables –t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination İptables –t nat –L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 95-111-62-136 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 95-111-62-136 multiport dports ftp-data,ftp,ssh,www to:10.3.3.2 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 10.3.3.2 anywhere to:95.111.62.136 Chain OUTPUT (policy ACCEPT) target prot opt source destination

4 LINUX-ROUTER-2 Route Table ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 metric 2 ip r s t 10 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 İp r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 10.3.3.1 dev eth1

5 Linux ROUTER-2 IPTABLES İptables –t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination İptables –t nat –L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 10.3.3.2 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 10.3.3.2 multiport dports ftp-data,ftp,ssh,www to:192.168.98.31 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.198.31 anywhere to:10.3.3.2 Chain OUTPUT (policy ACCEPT) target prot opt source destination

Download ppt "LİNUX-ROUTER-1 Gw1: 74.90.92.1 GW2: 95.111.62.129 ISP1 eth0 74.90.92.246 95.111.62.136 eth1 10.3.3.1/30 LİNUX-ROUTER-2 Gw1:192.168.198.2 Gw2:10.3.3.1 eth1."

Similar presentations

Iptables Firewalls Blair Hicks

Iptables Firewalls Blair Hicks
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.

Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.
Mateti/PacketFilters1 Packet Filtering Prabhaker Mateti Prabhaker Mateti.

Mateti/PacketFilters1 Packet Filtering Prabhaker Mateti Prabhaker Mateti.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
Packet Filtering CS-480b Dick Steflik. Stateless Packet Filters A border router configured to pass or reject packets based on information in the header.

Packet Filtering CS-480b Dick Steflik. Stateless Packet Filters A border router configured to pass or reject packets based on information in the header.
COMS/CSEE 4140 Networking Laboratory Lecture 08 Salman Abdul Baset Spring 2008.

COMS/CSEE 4140 Networking Laboratory Lecture 08 Salman Abdul Baset Spring 2008.
1 Firewall & IP Tables. 2 Firewall IP Tables 3 32-4 FIREWALLS All previous security measures cannot prevent Eve from sending a harmful message to a system.

1 Firewall & IP Tables. 2 Firewall IP Tables FIREWALLS All previous security measures cannot prevent Eve from sending a harmful message to a system.
Module 10 Linux Gateway (NAT) 10.1 – Introduction 10.2 – Official website and list 10.3 – Two types of NAT 10.4 – Controlling what to NAT 10.5 – How to.

Module 10 Linux Gateway (NAT) 10.1 – Introduction 10.2 – Official website and list 10.3 – Two types of NAT 10.4 – Controlling what to NAT 10.5 – How to.
What’s New in Fireware XTM v11.5.3. Changes in Fireware XTM v11.5.3  Routing table changes  Feature key global expiration for some XTMv keys  IP address.

What’s New in Fireware XTM v Changes in Fireware XTM v  Routing table changes  Feature key global expiration for some XTMv keys  IP address.
Cryptography and Network Security Chapter 20 Firewalls

Cryptography and Network Security Chapter 20 Firewalls
System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping  Send ARP instead  May also ping.

System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping  Send ARP instead  May also ping.
SYSTEM SECURITY NETWORK (Firewall) Install a firewall Determine the type of the type of network security Identify the control network is needed Design.

SYSTEM SECURITY NETWORK (Firewall) Install a firewall Determine the type of the type of network security Identify the control network is needed Design.
Cs490ns - cotter1 Firewalls What they do. How they work.

Cs490ns - cotter1 Firewalls What they do. How they work.
COMS W4995-1 COMS W4995-1 Lecture 8. NAT, DHCP & Firewalls.

COMS W COMS W Lecture 8. NAT, DHCP & Firewalls.
NetFilter – IPtables Firewall –Series of rules to govern what Kind of access to allow on your system –Packet filtering –Drop or Accept packets NAT –Network.

NetFilter – IPtables Firewall –Series of rules to govern what Kind of access to allow on your system –Packet filtering –Drop or Accept packets NAT –Network.
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10.ppt L10/1/63 COM342 Networks and Data Communications Ian McCrumRoom 5B18 Tel: 90 366364 voice.

07/11/ L10/1/63 COM342 Networks and Data Communications Ian McCrumRoom 5B18 Tel: voice.
Packet Filtering and Firewall

Packet Filtering and Firewall
IPtables Objectives –to learn the basics of iptables Contents –Start and stop IPtables –Checking IPtables status –Input and Output chain –Pre and Post.

IPtables Objectives –to learn the basics of iptables Contents –Start and stop IPtables –Checking IPtables status –Input and Output chain –Pre and Post.

Similar presentations

Ads by Google