ࡱ> &D  !"#$%EC)*+,-./0123456789:;<=>?@ABFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgRoot EntrydO)6x'PowerPoint Document(SummaryInformation((P5DocumentSummaryInformation8X#( / 0LDArialܖ 0ܖ0tt 0@ . @n?" dd@  @@`` @)! 0AA@3ʚ;ʚ;g4dddd8' 0ppp@ <4dddd@w 0t` 80___PPT10 pp  LINUX-ROUTER-1 Route Table,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 ip r s t 10 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 default via 95.111.62.129 dev eth0 P Z%'#$  -    1  2  Linux ROUTER-1 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 95-111-62-136 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 95-111-62-136 multiport dports ftp-data,ftp,ssh,www to:10.3.3.2 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 10.3.3.2 anywhere to:95.111.62.136 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    LINUX-ROUTER-2 Route Table ,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 metric 2 ip r s t 10 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 10.3.3.1 dev eth1 P %   1  4    1  *   Linux ROUTER-2 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 10.3.3.2 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 10.3.3.2 multiport dports ftp-data,ftp,ssh,www to:192.168.98.31 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.198.31 anywhere to:10.3.3.2 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    B   0` 33` Sf3f` 33g` f` www3PP` ZXdbmo` \ғ3y`Ӣ` 3f3ff` 3f3FKf` hk]wwwfܹ` ff>>\`Y{ff` R>&- {p_/̴>?" dd@,|?" dd@   " @ ` n?" dd@   @@``PR    @ ` ` p>> ld(    6[  `}  r>As1l ba_l1k stili iin t1klat1n    0\^  `  As1l metin stillerini dzenlemek iin t1klat1n 0kinci dzey nc dzey Drdnc dzey Be_inci dzey/   f  0e ^ `  >*  0(k ^   @*  0hp ^ `  @*H  0޽h ? 3380___PPT10.s- $Varsay1lan Tasar1m 0   (    6  bL0NUX-ROUTER-1 Gw1: 74.90.92.1 GW2: 95.111.62.12922 LB @ c $Dr  <B,D 4ISP1  <\GW eth0   <J J74.90.92.246 95.111.62.136LB   c $D2   <OA  eth1   <R/z ; 10.3.3.1/30   6   0`zD > Soru : 192.168.198.31 e 95.111.62.136 n1n 3389 ve 80 nolu portlar1n1 iptables ve iproute kullanarak nas1l NATLARIZ ? Not : 2 nolu routerda ana routing tabloda default gw 10.3.3.1 yap1l1rsa al1_1yor. Sorun 192.168.198.2 olduunda al1_mamas1. &  & KH  0޽h ? 3380___PPT10.s<-$  0 0 $(   r  S  `}   r  S  `  H  0޽h ? 3380___PPT10.u|$  0 @$(  r  S   `   r  S  j `   H  0޽h ? 3380___PPT10.vЏb0  0 P0(  x  c $D  `}   x  c $0 `  H  0޽h ? 3380___PPT10.u|0  0 `0(  x  c $ `   x  c $j `  H  0޽h ? 3380___PPT10.vЏbr p%#o->K@wBDF1#( / 0LDArial 00TTܖ 0ܖ@ . ՜.+,0(    Ekran Gsterisia ArialVarsaylan TasarmSlayt 1LINUX-ROUTER-1 Route TableLinux ROUTER-1 IPTABLESLINUX-ROUTER-2 Route TableLinux ROUTER-2 IPTABLES KullanlaOh+'0 5 `hx  Slayt 1yvzyvz8Microsoft Office PowerPoint@0)@ !t@/xG,4g  4  y--$xx--'--$* *DD * ---- $* *DD --'@Arial-.  2 ,L."System9-@Arial-.  2 .I.-@Arial-.  2 /NUX.-@Arial-.  2 5-.-@Arial-. 2 6ROUTER.-@Arial-.  2 A-.-@Arial-.  2 A1.-@Arial-. 2 .Gw1: 74.90.92.1.-@Arial-. "2 +GW2: 95.111.62.129.---%*--'--4$     !  ----4$     !  --'@Arial-.  2  ISP1.-@Arial-.  2  eth0.-@Arial-. 2  74.90.92.246.-@Arial-. 2  95.111.62.136.---%553--'@Arial-.  2 !8eth1.-@Arial-. 2 !+ 10.3.3.1/30.---$)3)DDDD3)3---- $)3)DDDD3--'@Arial-.  2 9,L.-@Arial-.  2 9.I.-@Arial-.  2 9/NUX.-@Arial-.  2 95-.-@Arial-. 2 96ROUTER.-@Arial-.  2 9A-.-@Arial-.  2 9A2.-@Arial-. !2 =+Gw1:192.168.198.29.-@Arial-. 2 @/ Gw2:10.3.3.1.-@Arial-.  2 08eth1.-@Arial-. 2 1) 10.3.3.2/301.---%)==--'--4$ 8 494:<?CBFD K CIBGAA>;:781----4$ 8 494:<?CBFD K CIBGAA>;:781--'@Arial-.  2 ?ISP2.-@Arial-.  2 9eth0.-@Arial-. "2 <192.168.198.130/24.---%=V--'--$[L[^x^xL[L---- $[L[^x^xL--'@Arial-.  2 ThXP.-@Arial-. $2 W]Gw: 192.168.198.130.---%V[V--'@Arial-.  2 TOeth0.-@Arial-. !2 [J192.168.198.31/243.-@Arial-. '2 YSoru : 192.168.198.31.-@Arial-.  2 t.-@Arial-. 2 te 95.111.62.136.-@Arial-.  2 .-@Arial-.  2 n.-@Arial-.  2 i.-@Arial-.  2 n.-@Arial-. 2 Y 3389 ve 80 .-@Arial-.  2 gnolu.-@Arial-. 2 mportlar .-@Arial-.  2 ui.-@Arial-.  2 un.-@Arial-.  2 wi.-@Arial-. 2 xiptables.-@Arial-.  2 ve .-@Arial-. 2 iproutes.-@Arial-. 2 kullanarak .-@Arial-.  2 Ynas.-@Arial-.  2 ^i.-@Arial-. 2 _ l NATLARIZ ?.-@Arial-. 2 YNot : 2 .-@Arial-.  2 bnolu.-@Arial-. 2 hrouterda.-@Arial-.  2 rana .-@Arial-. 2 xroutinga.-@Arial-. 2 tabloda .-@Arial-. 2 default .-@Arial-.  2 gw.-@Arial-. 2 Y 10.3.3.1 yap.-@Arial-.  2 hi.-@Arial-.  2 il.-@Arial-.  2 ji.-@Arial-.  2 krsa .-@Arial-.  2 n.-@Arial-.  2 pal.-@Arial-.  2 risi.-@Arial-. 2 uyor. l.-@Arial-. +2 YSorun 192.168.198.2 oldu.-@Arial-.  2 xg.-@Arial-. 2 yunda l.-@Arial-.  2 .-@Arial-.  2 al.-@Arial-.  2 is.-@Arial-. 2 mamasl.-@Arial-.  2 i.-@Arial-.  2 ..-n Yaz TipleriTasarm ablonuSlayt Balklar_0yvzyvzCurrent User ) @n?" dd@  @@`` @)! 0AA@3ʚ;ʚ;g4dddd8' 0ppp@ <4dddd w 0T` 80___PPT10 pp  LINUX-ROUTER-1 Route Table,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 ip r s t 10 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 default via 95.111.62.129 dev eth0 P Z%'#$  -    1  2  Linux ROUTER-1 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 95-111-62-136 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 95-111-62-136 multiport dports ftp-data,ftp,ssh,www to:10.3.3.2 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 10.3.3.2 anywhere to:95.111.62.136 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    LINUX-ROUTER-2 Route Table ,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 metric 2 ip r s t 10 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 10.3.3.1 dev eth1 P %   1  4    1  *   Linux ROUTER-2 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 10.3.3.2 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 10.3.3.2 multiport dports ftp-data,ftp,ssh,www to:192.168.98.31 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.198.31 anywhere to:10.3.3.2 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    r3GGXj1#( / 0LDArial 00TTܖ 0ܖ@ . @n?" dd@  @@`` @)! 0AA@3ʚ;ʚ;g4dddd8' 0ppp@ <4dddd w 0T` 80___PPT10 pp  LINUX-ROUTER-1 Route Table,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 ip r s t 10 78.90.92.0/24 dev eth0 scope link src 78.90.92.246 default via 78.90.92.1 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.1 95.111.62.128/26 dev eth0 scope link src 95.111.62.136 default via 95.111.62.129 dev eth0 P Z%'#$  -    1  2  Linux ROUTER-1 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 95-111-62-136 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 95-111-62-136 multiport dports ftp-data,ftp,ssh,www to:10.3.3.2 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 10.3.3.2 anywhere to:95.111.62.136 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    LINUX-ROUTER-2 Route Table ,ip r s 10.3.3.0/30 dev eth1 proto kernel scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 metric 2 ip r s t 10 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 192.168.198.2 dev eth0 0p r s t 20 10.3.3.0/30 dev eth1 scope link src 10.3.3.2 192.168.198.0/24 dev eth0 scope link src 192.168.198.130 default via 10.3.3.1 dev eth1 P %   1  4    1  *   Linux ROUTER-2 IPTABLES 0ptables  t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination TTL all -- anywhere anywhere TTL set to 100 MARK all -- 10.3.3.2 anywhere MARK xset 0x2/0xffffffff Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination 0ptables  t nat  L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere 10.3.3.2 tcp dpt:4390 to:10.3.3.2:3389 DNAT tcp -- anywhere 10.3.3.2 multiport dports ftp-data,ftp,ssh,www to:192.168.98.31 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.198.31 anywhere to:10.3.3.2 Chain OUTPUT (policy ACCEPT) target prot opt source destination BP J    rjhj1