Compartilhar 2 duas adsl no mesmo servidor linux [RESOLVIDO]

1. Compartilhar 2 duas adsl no mesmo servidor linux [RESOLVIDO]

adyfeitosa
(usa Outra)

Enviado em 21/12/2012 - 10:23h

Caros,

Bom dia!

Sou iniciante no Linux Ubuntu e estou estudando a versão 12.04 hoje.

Se alguém pode me ajudar nesta configuração, eu seria muito grato, como compartilhar 02 duas adsl no mesmo servidor linux com 03 três placas de rede.
eth0 = GVT
eth1 = Rede interna
eth2 = Velox

Meu cenario é este no arquivo rc.local :



# Limpando o Cache

service squid3 stop

rm -rf /var/cache/squid3/* 

cd /var/cache/

chown proxy /var/cache/squid3 

chgrp proxy /var/cache/squid3 

squid3 -z

service squid3 start



##############################################

#   Compatilhando a Internet

##############################################



iptables -F

iptables -X

iptables -t nat -F

iptables -t nat -X

modprobe iptable_nat

iptables -A POSTROUTING -t nat -s 192.168.254.0/24 -o eth0 -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward



iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter

iptables -A INPUT -m state --state INVALID -j DROP

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -i eth1 -j ACCEPT

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

iptables -A INPUT -p tcp --syn -j DROP

echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all





iptables -A FORWARD -p tcp --dport 80 -j ACCEPT

iptables -A FORWARD -p tcp --dport 8080 -j ACCEPT

iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT



iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 3128

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j REDIRECT --to-port 3128





################## Redirecionamento ########################





# Terminal Service

iptables -A FORWARD -i eth0 -d 192.168.254.10 -p tcp --dport 3389 -j ACCEPT

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to 192.168.254.10





#iptables -A FORWARD -i eth0 -p tcp --dport 3389 -j ACCEPT

#iptables  -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.254.10:3389

#iptables -A POSTROUTING -t nat -s 192.168.254.10 -o eth0 -j MASQUERADE

 





#echo nameserver 192.168.254.200 > /etc/resolv.conf

echo nameserver 8.8.8.8 > /etc/resolv.conf

echo nameserver 8.8.4.4 >> /etc/resolv.conf

echo nameserver 200.165.132.155 >> /etc/resolv.conf





exit 0

0 0

Quote

2. Re: Compartilhar 2 duas adsl no mesmo servidor linux [RESOLVIDO]

saitam
(usa Slackware)

Enviado em 21/12/2012 - 10:50h

adyfeitosa escreveu:

Caros,

Bom dia!

Sou iniciante no Linux Ubuntu e estou estudando a versão 12.04 hoje.

Se alguém pode me ajudar nesta configuração, eu seria muito grato, como compartilhar 02 duas adsl no mesmo servidor linux com 03 três placas de rede.
eth0 = GVT
eth1 = Rede interna
eth2 = Velox

Meu cenario é este no arquivo rc.local :



# Limpando o Cache

service squid3 stop

rm -rf /var/cache/squid3/* 

cd /var/cache/

chown proxy /var/cache/squid3 

chgrp proxy /var/cache/squid3 

squid3 -z

service squid3 start



##############################################

#   Compatilhando a Internet

##############################################



iptables -F

iptables -X

iptables -t nat -F

iptables -t nat -X

modprobe iptable_nat

iptables -A POSTROUTING -t nat -s 192.168.254.0/24 -o eth0 -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward



iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter

iptables -A INPUT -m state --state INVALID -j DROP

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -i eth1 -j ACCEPT

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

iptables -A INPUT -p tcp --syn -j DROP

echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all





iptables -A FORWARD -p tcp --dport 80 -j ACCEPT

iptables -A FORWARD -p tcp --dport 8080 -j ACCEPT

iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT



iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 3128

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j REDIRECT --to-port 3128





################## Redirecionamento ########################





# Terminal Service

iptables -A FORWARD -i eth0 -d 192.168.254.10 -p tcp --dport 3389 -j ACCEPT

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to 192.168.254.10





#iptables -A FORWARD -i eth0 -p tcp --dport 3389 -j ACCEPT

#iptables  -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.254.10:3389

#iptables -A POSTROUTING -t nat -s 192.168.254.10 -o eth0 -j MASQUERADE

 





#echo nameserver 192.168.254.200 > /etc/resolv.conf

echo nameserver 8.8.8.8 > /etc/resolv.conf

echo nameserver 8.8.4.4 >> /etc/resolv.conf

echo nameserver 200.165.132.155 >> /etc/resolv.conf





exit 0



#roteamento de pacotes 

echo 1 > /proc/sys/net/ipv4/ip_forward 

#compartilhamento de conexão 

iptables -t nat -A POSTROUTING -s <lan/mask> -o eth0 -j MASQUERADE 

iptables -t nat -A POSTROUTING -s <lan/mask> -o eth2 -j MASQUERADE

o gw nesse caso é o ip da eth1

Para ter 2 links ADSL na rede, é bom usar um controle de banda (CBQ) ou o Squid criando ACLs para cada link.

0 0

Quote