Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 201 fiber
- ip route add 20.20.20.20 dev eth2 src 20.20.20.22 table fiber
- ip route add default via 20.20.20.21 table fiber
- ip route add 20.20.20.20 dev eth2 src 20.20.20.22
- ip rule add fwmark 2 table fiber
- iptables -F
- iptables -t nat -F
- iptables -t mangle -F
- iptables -X
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
- iptables -A INPUT -m state --state NEW -i ! eth2 -j ACCEPT
- iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A FORWARD -i eth2 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
- iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT
- iptables -t mangle -N fiber
- iptables -t mangle -A fiber -j MARK --set-mark 2
- iptables -t mangle -A fiber -j ACCEPT
- # ONLY ROUTE TRAFFIC GOING TO 1.2.3.x OVER THE FIBER LINK
- iptables -t mangle -A PREROUTING -i eth1 -p tcp -d 1.2.3.4 --dport 80 -j fiber
- iptables -t mangle -A PREROUTING -i eth1 -p tcp -d 1.2.3.5 --dport 80 -j fiber
- iptables -t mangle -A PREROUTING -i eth1 -p tcp -d 1.2.3.4 --dport 443 -j fiber
- iptables -t mangle -A PREROUTING -i eth1 -p tcp -d 1.2.3.5 --dport 443 -j fiber
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
- iptables -A FORWARD -i eth1 -j ACCEPT
- iptables -A FORWARD -i eth0 -o eth0 -j REJECT
- iptables -A FORWARD -i eth2 -o eth2 -j REJECT
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
- iptables -A INPUT -m state --state NEW -i ! eth2 -j ACCEPT
- iptables -A INPUT -m state --state NEW -i eth1 -j ACCEPT
- auto eth0
- iface eth0 inet static
- address 192.168.1.2
- netmask 255.255.255.0
- network 192.168.1.0
- broadcast 192.168.1.255
- gateway 192.168.1.1
- up ip route add table fiber scope link proto kernel dev eth0 192.168.1.0/24
- auto eth1
- iface eth1 inet static
- address 10.254.239.1
- netmask 255.255.255.0
- network 10.254.239.0
- broadcast 10.254.239.255
- up ip route add table fiber scope link proto kernel dev eth1 10.254.239.0/24
- auto eth2
- iface eth2 inet static
- address 20.20.20.22
- netmask 255.255.255.252
- network 20.20.20.20
- broadcast 20.20.20.23
- up ip route add table fiber scope link proto kernel dev eth2 20.20.20.20/30
- up ip route add default via 20.20.20.21 table fiber
- up ip rule add fwmark 2 table fiber
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement