Posiadam:
-komputer A z 2 sieciówkami i zainstalowanym Ubuntu server
-komputer B
schemat połączenia sieci jest następujący:
- komputer A interfejsem eth0 jest podłączony do routera który idzie na świat interfejs eth1 powienien mi robić za brame dla innych komputerów w sieci
- komputer B jest podłączony bezpośrednio do komputera A
pliki konfiguacyjne:
/etc/network/interfaces
Kod: Zaznacz cały
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.138.5
gateway 192.168.138.1
netmask 255.255.255.0
network 192.168.138.0
broadcast 192.168.138.255
name INTERNET
auto eth1
iface eth1 inet static
address 10.0.0.1
netmask 255.0.0.0
network 10.0.0.0
broadcast 10.255.255.255
name LAN
Kod: Zaznacz cały
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.138.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
0.0.0.0 192.168.138.1 0.0.0.0 UG 100 0 0 eth0
Kod: Zaznacz cały
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# the following stops low-level messages on console
kernel.printk = 4 4 1 7
# enable /proc/$pid/maps privacy so that memory relocations are not
# visible to other users. (Added in kernel 2.6.22.)
kernel.maps_protect = 1
# Increase inotify availability
fs.inotify.max_user_watches = 524288
# protect bottom 64k of memory from mmap to prevent NULL-dereference
# attacks against potential future kernel security vulnerabilities.
# (Added in kernel 2.6.23.)
vm.mmap_min_addr = 65536
##############################################################3
# Functions previously found in netbase
#
# Comment the next two lines to disable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167)
net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.ip_forward=1
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Ignore ICMP broadcasts
#net/ipv4/icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
#net/ipv4/icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net/ipv4/conf/all/accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net/ipv4/conf/all/secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net/ipv4/conf/all/send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net/ipv4/conf/all/accept_source_route = 0
#
# Log Martian Packets
#net/ipv4/conf/all/log_martians = 1
#
# Always defragment packets
#net/ipv4/ip_always_defrag = 1W czym tkwi problem?
Z ServeraUbuntu (komp A) wszystko śmiga pingi, www itp a kompa b moge wypingować interfejs eth0 i eth1 ale już routera do sieci (192.168.138.1) już nie. z komputera który jest wpięty do sieci 192.168.138.0 nie jestem w stanie wypingować komputera B.
Pomóżcie......
