iptables - port forwarding + firewall

 
hyji
Guest





Posted: Wed 2005.11.16, 3:38 pm    Subject: iptables - port forwarding + firewall

I am using a Linux box like an Internet sharing router. I want to use port forwarding and a firewall on it.

I set it up as shown below. 1.1.1.1 is the Linux box, and 2.2.2.2 is the IP of the PC whose access I want to block. 192.168.0.100 is a PC with an internal IP attached behind the Linux box. The port forwarding goes to this machine.

As shown below, I have four port forwards set up.. well.. there may be more later.

The problem is with the firewall... I blocked ports 80, 21 and 2121 as shown below. FTP on port 21 and WEB on port 80 of the Linux box are blocked fine... But even though I block 2121, port 21 on 192.168.0.100, which the port forward points to, is still open.

How should I block this... Even when I put the firewall chain into FORWARD as shown below, it does not work... Is the first chain that port forwarding hits the PREROUTING chain of NAT? Doesn't it go through FORWARD? I am also curious about that path...

Chain INPUT (policy ACCEPT 1121 packets, 119K bytes)
pkts bytes target prot opt in out source destination
8 329 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
1493 160K firewall all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 4 packets, 216 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
1493 160K firewall all -- * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 810 packets, 100K bytes)
pkts bytes target prot opt in out source destination

Chain firewall (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 2.2.2.2 1.1.1.1 tcp dpt:80
0 0 DROP tcp -- * * 2.2.2.2 1.1.1.1 tcp dpt:21
0 0 DROP tcp -- * * 2.2.2.2 1.1.1.1 tcp dpt:2121

===================================================================
Chain PREROUTING (policy ACCEPT 854 packets, 59705 bytes)
pkts bytes target prot opt in out source destination
1 48 DNAT tcp -- * * 0.0.0.0/0 1.1.1.1 tcp dpt:2121 to:192.168.0.100:21
1 48 DNAT tcp -- * * 0.0.0.0/0 1.1.1.1 tcp dpt:8080 to:192.168.0.100:80
1 48 DNAT tcp -- * * 0.0.0.0/0 1.1.1.1 tcp dpt:3000 to:192.168.0.100:3089
1 48 DNAT tcp -- * * 0.0.0.0/0 1.1.1.1 tcp dpt:4000 to:192.168.0.100:3090

Chain POSTROUTING (policy ACCEPT 1 packets, 48 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * eth0 192.168.0.0/24 0.0.0.0/0
4 240 SNAT all -- * eth0 0.0.0.0/0 0.0.0.0/0 to:1.1.1.1


Chain OUTPUT (policy ACCEPT 4 packets, 240 bytes)
pkts bytes target prot opt in out source destination