вторник, 6 марта 2012 г.

dir 620

switch reg w 90 10007f7f активация wan





insmod ipt_mark 
insmod xt_mark 
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d `nvram get wan_ipaddr` -j MARK --set-mark 0xd001 
iptables -t nat -A POSTROUTING -m mark --mark 0xd001 -j MASQUERADE 


iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 8181 -j ACCEPT
iptables -I INPUT -p tcp --dport 901 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT


iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o br0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o ppp0 -j MASQUERADE


iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o br0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o ppp0 -j MASQUERADE


iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i ppp0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o ppp0 -j ACCEPT


iptables -A FORWARD -i tun0 -j ACCEPT
iptables -I INPUT -i tun0 -j ACCEPT

iptables -I FORWARD 1 --source 10.8.0.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE
iptables -I POSTROUTING -t nat -o tun0 -j MASQUERADE
iptables -I INPUT -t filter -i tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o br0 -j MASQUERADE

Автор: на 1 комментарий:
Подписаться на: Сообщения (Atom)