Linux Network Administrator's Guide (3rd Edition) [Electronic resources] - text version


Tony Bautts, Terry Dawson, Gregor N. Purdy








9.3. Configuring IP Masquerade


If
you've already read the firewall and accounting
chapters, it probably comes as no surprise that the
iptables command is used to configure the IP
masquerade rules as well.


Masquerading is a special type
of packet mangling (the technical term for
modifying packets). You can masquerade only packets that are received
on one interface that will be routed to another interface. To
configure a masquerade rule, construct a rule very similar to a
firewall forwarding rule, but with special options that tell the
kernel to masquerade the packet. The iptables command uses
-j MASQUERADE to indicate that packets matching the
rule specification should be masqueraded (this is for a dynamic IP
address; if you have a static IP address, use -j SNAT instead).

Let's look at an example.
A computing science student at Groucho Marx University has a number
of computers at home on a small Ethernet-based LAN. She has chosen to
use one of the reserved private Internet network addresses for her
network. She shares her accommodation with other students, all of
whom have an interest in using the Internet. Because the
students' finances are very tight, they cannot
afford to use a permanent Internet connection, so instead they use a
single Internet connection. They would all like to be able to share
the connection to chat on IRC, surf the Web, and retrieve files by
FTP directly to each of their computers. IP masquerade is the
answer.

The student first configures a Linux host to support the Internet
link and to act as a router for the LAN. The IP address she is
assigned when she dials up isn't important. She
configures the Linux router with IP masquerade and uses one of the
private network addresses for her LAN: 192.168.1.0. She ensures that each of the
hosts on the LAN has a default route pointing at the Linux router.

The following
iptables commands are all that are required to
make masquerading work in her configuration:

# iptables -t nat -P POSTROUTING DROP
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

Now whenever any of the LAN hosts try to connect to a service on a
remote host, their packets will be automatically masqueraded by the
Linux masquerade router. The first command in the example sets the
default policy of the POSTROUTING chain to DROP, which prevents the
Linux host from routing any other packets and also adds some
security.

To
list the masquerade rules you have created, use the
-L argument to the iptables
command, as we described earlier while discussing firewalls:

# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy DROP)
target     prot opt source               destination
MASQUERADE all  --  anywhere             anywhere           MASQUERADE

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Masquerade rules appear with a
target of MASQUERADE.
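As an added example (not from the book), the shell function below reads a rule listing in the format printed by iptables -t nat -S and marks every MASQUERADE or SNAT rule that is not limited to both an outgoing interface and a source network. The /24 prefix on the student's 192.168.1.0 LAN, the eth1 interface, the 203.0.113.10 address and all sample rules are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit NAT rules given in `iptables -t nat -S` format on stdin.
# Prints one line per MASQUERADE/SNAT rule in POSTROUTING:
#   OK      the rule names an outgoing interface (-o) and a source (-s)
#   REVIEW  one of them is missing, so the rule rewrites more than the LAN
audit_nat_rules() {
    awk '
    $1 == "-A" && $2 == "POSTROUTING" {
        target = ""; out = "any"; src = "any"
        for (i = 3; i < NF; i++) {
            # A negated match ("! -s net") excludes a network instead of
            # selecting one, so it is not counted as scoping the rule.
            neg = ($(i - 1) == "!")
            if ($i == "-j") target = $(i + 1)
            if ($i == "-o" && !neg) out = $(i + 1)
            if ($i == "-s" && !neg) src = $(i + 1)
        }
        if (target != "MASQUERADE" && target != "SNAT") next
        status = (out != "any" && src != "any") ? "OK" : "REVIEW"
        printf "%s %s out=%s src=%s\n", status, target, out, src
    }'
}

# Constructed sample listing. The first -A line is the rule from the text;
# the others are hypothetical variants (192.168.1.0/24 and eth1 are assumed).
sample_rules() {
    cat <<'EOF'
-P PREROUTING ACCEPT
-P POSTROUTING DROP
-P OUTPUT ACCEPT
-A POSTROUTING -o ppp0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to-source 203.0.113.10
-A POSTROUTING ! -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
EOF
}

# On a live router, run as root:  iptables -t nat -S | audit_nat_rules
sample_rules | audit_nat_rules
```

The rule from the text is reported as REVIEW because it masquerades anything leaving ppp0, whatever its source address.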

