Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- auto lo
- iface lo inet loopback
- auto eth0
- iface eth0 inet manual
- auto eth1
- iface eth1 inet manual
- # Bridge interface
- auto br0
- iface br0 inet dhcp
- bridge_ports eth0 eth1
- bridge_hw aa:bb:cc:dd:ee:ff
- # pre-set interface IP for client requirements, if DHCP is not working
- auto br0:1
- iface br0:1 inet static
- address 172.16.21.150
- netmask 255.255.255.0
- network 172.16.21.0
- broadcast 172.16.21.255
- # Gateway
- post-up route add default gw 172.16.21.254
- pre-down route del default gw 172.16.21.254
- # Set default fallback interface IP address
- auto br0:100
- iface br0:100 inet static
- address 169.254.111.111
- netmask 255.255.255.0
- network 169.254.111.0
- broadcast 169.254.111.255
- # IP Forwarding im Kernel aktivieren
- echo 1 > /proc/sys/net/ipv4/ip_forward
- # Masqerading auf br0 und br0.1 aktivieren
- iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
- iptables -t nat -A POSTROUTING -o br0:1 -j MASQUERADE
- # Forwarding Regeln einrichten
- # Forwarding etablierter Verbindungen von extern (br0 & br0.1) nach intern (br0.100)
- iptables -A FORWARD -i br0 -o br0:100 -m state --state RELATED,ESTABLISHED -j ACCEPT
- iptables -A FORWARD -i br0:1 -o br0:100 -m state --state RELATED,ESTABLISHED -j ACCEPT
- # Forwarding aller Verbindungen von intern (br0.100) nach extern (br0 & br0.1)
- iptables -A FORWARD -i br0:100 -o br0 -j ACCEPT
- iptables -A FORWARD -i br0:100 -o br0:1 -j ACCEPT
- iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
- iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
- iptables -A FORWARD --src 169.254.111.112 -j ACCEPT
- sysctl -w net.ipv4.conf.all.send_redirects=0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement