Å×Å©³ëÄÄÇ»ÅÍ
(ÀÌ ±ÛÀÇ ÃֽŠ¹öÀüÀº http://soback.kornet.net/~eezen/adsl¿¡¼ º¸½Ç ¼ö ÀÖ½À´Ï´Ù) ºÎÆðú ÇÔ²² ÀÎÅÍ³Ý Á¢¼ÓÀÌ µÇ°í, ²÷¾îÁö¸é ÀÚµ¿À¸·Î ÀçÁ¢¼ÓÇÏ°Ô ÇÏ´Â ¹æ¹ýÀ» °£·«È÷ Á¤¸®ÇÕ´Ï´Ù. ÀÌ ±ÛÀº Çѱ¹Åë½Å ADSL...
¸®´ª½º¸¦ ¶ó¿ìÆà ¼¹ö·Î »ç¿ëÇÏ°í Â÷´ÜÇÒ ¾ÆÀÌÇÇ°¡ 211.10.1.1À̶ó°í ÇÑ´Ù¸é ipchains»ç¿ë½Ã (Á¢±ÙºÒ°¡:ipchaines -A input -s 211.10.1.1 -j deny) (´Ù½ÃÇã¿ë:ipchaines -D input -s 211.10.1.1 -j deny) route...
¾È³çÇϼ¼¿ä..¹æ±Ý ¸Å½ºÄ¿ ·¹À̵ùÀ» ¼º°øÇÏ°í ¹Ù·Î ±ÛÀ» ¿Ã¸³´Ï´Ù.. ½Ã½ºÅÛ ±¸¼ºÀº linux box : Ä¿³Î 2.4-test10 eth0 -> 203.xxx.xxx.xxx eth1 -> 192.168.1.1 window box : window 2000 eth0(?) -> 19...
¾È³çÇϼ¼¿ä ¿À´Ãµµ 1ÀüÂ¥¸® ÆÁÀÔ´Ï´Ù. ³Ê¹«³ªµµ °£´ÜÇؼ 1ÀüÂ¥¸®µµ ¾ÈµË´Ï´Ù. ÀÏ´Ü ¸¶½ºÄõ·¹À̵ùÀº ¼º°øÇß´Ù°í °¡Á¤ÇÏ°Ú½À´Ï´Ù. iptables ¿¡¼ ´Ü¼øÈ÷ ¸¶½ºÄõ·¹À̵ù À̸é echo "1" > /proc/sys/net/ipv4/i...
¾È³çÇϼ¼¿ä ¿À´Ãµµ 1ÀüÂ¥¸® ÆÁÀÔ´Ï´Ù. ³Ê¹«³ªµµ °£´ÜÇؼ 1ÀüÂ¥¸®µµ ¾ÈµË´Ï´Ù. ÀÏ´Ü ¸¶½ºÄõ·¹À̵ùÀº ¼º°øÇß´Ù°í °¡Á¤ÇÏ°Ú½À´Ï´Ù. iptables ¿¡¼ ´Ü¼øÈ÷ ¸¶½ºÄõ·¹À̵ù À̸é echo "1" > /proc/sys/net/ipv4/i...
Ä¿³Î 2.4xx ¹öÁ¯ #iptables -A PREROUTING -t nat -p tcp -d 211.111.111.111 --dport 80 \ -j DNAT --to 192.168.1.3:80
insmod ip_conn???_ftp insmod ip_nat_ftp insmod ip_nat_irc
¸Å½ºÄ¿·¹À̵ù ÅøÀÌ Ä¿³Î2.2´ëÀÇ ipchains¿¡¼ 2.4´ë¿¡¼ iptables·Î ¹Ù²î¸é¼ °³³ä ¹× ¼³Á¤ÀÌ ºñ±³Àû ´Ü¼ø¸íÈ®(?)ÇØÁ³½À´Ï´Ù. ipchains¸¦ ÀÌ¿ëÇÏ¿© ¹æȺ®À̳ª ¸Å½ºÄ¿·¹À̵ùÀ» ±¸ÃàÇϽŠºÐµé²² iptables¸¦ Çѹø...
.
.
ÇØÅ·¹æÁö portsentry 1.1 -> for linux 7.2
compile µÈ°Í > ÇãÁ¤±Õ ´ÔÀÌ ¾²½Å ±ÛÀÔ´Ï´Ù. > ÇØÅ·¹æÁö portsentry 1.1 -> for linux 7.2
»ç¿ëÇÏ´Â config > ÇãÁ¤±Õ ´ÔÀÌ ¾²½Å ±ÛÀÔ´Ï´Ù. > ÇØÅ·¹æÁö portsentry 1.1 -> for linux 7.2
µ¥¸ó½ÇÇà¿ë > ÇãÁ¤±Õ ´ÔÀÌ ¾²½Å ±ÛÀÔ´Ï´Ù. > ÇØÅ·¹æÁö portsentry 1.1 -> for linux 7.2
.
ÀÏ´Ü Á¢¼Ó À¯Áö ÇÏ´Â ¹æ¹ýÁß¿¡´Â cronÀ» ¾²´Â °Ì´Ï´Ù. 5ºÐ ¸¶´Ù ping -c 2 home.hitel.net °ú °°ÀÌ Çϸé Á¢¼Ó À¯Áö°¡ µË´Ï´Ù. crontab -u root -e ÇϽøé crontab ÆÄÀÏÀÌ ¿¸®°í ¸¶Áö¸· ¶óÀο¡.. 0,05,10,15,20,...
(ÀÌ ±ÛÀÇ ÃֽŠ¹öÀüÀº http://soback.kornet.net/~eezen/adsl¿¡¼ º¸½Ç ¼ö ÀÖ½À´Ï´Ù) ºÎÆðú ÇÔ²² ÀÎÅÍ³Ý Á¢¼ÓÀÌ µÇ°í, ²÷¾îÁö¸é ÀÚµ¿À¸·Î ÀçÁ¢¼ÓÇÏ°Ô ÇÏ´Â ¹æ¹ýÀ» °£·«È÷ Á¤¸®ÇÕ´Ï´Ù. ÀÌ ±ÛÀº Çѱ¹Åë½Å ADSL...
´ë»ó: ½ÇÁ¦ ÀÎÅÍ³Ý IP°¡ ºÎ¿©µÈ ³×Æ®¿öÅ© »ó¿¡¼ Æ÷¿öµù°ú ¹æȺ® ±¸¼º¿¡ °ü½ÉÀÖ´Â ºÐµé. 1. µé¾î°¡±â ¾Õ¼ Linux°¡ Áß¼ÒÇü ³×Æ®¿öũȯ°æ¿¡¼ ÈǸ¢ÇÏ°Ô ÀÛµ¿ÇÏ´Â °ÍÀº ¸®´ª½º¸¦ »ç¿ëÇÏ°í ÀÖÁö ¾ÊÀº »ç¶÷µµ ÀÍ...
¸®´ª½º¸¦ ¶ó¿ìÆà ¼¹ö·Î »ç¿ëÇÏ°í Â÷´ÜÇÒ ¾ÆÀÌÇÇ°¡ 211.10.1.1À̶ó°í ÇÑ´Ù¸é ipchains»ç¿ë½Ã (Á¢±ÙºÒ°¡:ipchaines -A input -s 211.10.1.1 -j deny) (´Ù½ÃÇã¿ë:ipchaines -D input -s 211.10.1.1 -j deny) route...
#/sbin/ipchains -A forward -j MASQ -s $LOCAL_NETWORK/$LOCAL_NETMASK -d 0.0.0.0/0 /sbin/ipchains -A forward -j MASQ -s 192.168.1.1/255.255.255.194 -d 0.0.0.0/0 /sbin/ipchains -A input -s 1...
°¡Àå ÀϹÝÀûÀÎ ¼³Á¤. ¾ÈµÇ´Â°ÍÀº ¸·°í Ç°À¸¼¼¿ä. #!/bin/sh # For Masquerading of Kernel 2.2.x #ipchains -F ipchains -A forward -s 192.168.0.0/24 -d ! 192.168.0.0/24 -j MASQ ipchains -A forward -...
rpm -Uvh ipmasqadm.rpm ´ÙÀ½Àº ´ÙÀÌ¾Ë ÆÐµå »ç¿ë½Ã »ç¿ë /usr/sbin/ipmasqadm autofw -A -v -u -r udp 51200 51201 -c tcp 7175 /usr/sbin/ipmasqadm autofw -A -v -u -r tcp 51210 51210 -c tcp 7175 /u...
http://www.tsmservices.com/masq/ rpm -Uvh ipmasqadm*.rpm ¿¹Á¦) starcraft =>ipmasqadm autofw -A -r udp 6112 6112 -c tcp 6112 diablo =>ipmasqadm autofw -A -r udp 6112 6112 -c tcp 116 ...
fileÀÔ´Ï´Ù.
´ÙÀ̾ËÆÐµå ¼Ò¸®¹Ù´Ù ½ºÅ¸Å©·¹ÇÁÆ® Æ÷Æ®Æ÷¿öµù ÀÔ´Ï´Ù.
µð½ºÄÏ ÇÑÀåÀ¸·Î ³¡³ª´Â ÀÎÅͳݰøÀ¯. ÀÎÅÍ³Ý °øÀ¯¿¡ ÀûÇÕÇÑ ÃÖ¼Ò »ç¾ç 1.¹Ýµå½ÃÇÊ¿ä power(ÄÉÀ̽ºµµ ÀÖÀ½ ÁÁ°í)/486 CPU /486 MAINBOARD / 8mb RAM/fdd 3.5"/Lancard 2°³/µð½ºÄÏ ÇÑÀå 2.Àá½Ã ºô...
. ÷ºÎÈÀÏÀ» Ŭ¸¯Çϼ¼¿ä.
ip.conf ³»¿ë¿¡ IP=À̶ó°í³Ö´Â´Ù cp ipconf ipconf.conf getifaddr eth0 ppp0 eth1>>ipconf.conf . ./ipconf.conf ±×·³ º¯¼ö´Â $IP¸¦ »ç¿ëÇÏ¿© ½ºÅ©¸³Æ®¸¸µé¸éµÊ.
Çϳª·Î pii333/64mb /3com90x ,realtec8029 ÇÑÅëadsl pii733/128mb/realtec 8029 Àü¿ëȸ¼± mmx166/32mb /3com50x,intel pro 100+ ¸ðµÎ º° ¾î·Á¿ò¾øÀÌ ¼º°øÇÏ¿´½À´Ï´Ù. Áß¿äÇÑ°ÍÀº ·£Ä«µå ================...
¸®¶ó¿¡¼ ²À ÇÊ¿äÇѰ͸¸.
±âÁ¸ µð·ºÅ丮¿¡ ´þÇô ¾º¿ì¼¼¿ä. ±âŸ ÀÚÀßÇÑ °Í ¸î°³ ´õ ³Ö¾ú½À´Ï´Ù.
echo "1" > /proc/sys/net/ipv4/ip_masq_udp_dloose starcraft speed up
[ ÀÚ·á½Ç ]
±¤°í¼º ±ÛÀ̳ª ºÒ¹ýÀÚ·á ¾÷·Îµå¸¦ ±ÝÇÕ´Ï´Ù.
|
Linux Real IP Forward/Firewall Machine ±¸ÃàÇϱâ
|
À̸§ : ÇãÁ¤±Õ ¹øÈ£ : 38 Á¶È¸ : 240970
¾÷·Îµå : 2001-05-03 18:29:57
|
|
´ë»ó: ½ÇÁ¦ ÀÎÅÍ³Ý IP°¡ ºÎ¿©µÈ ³×Æ®¿öÅ© »ó¿¡¼ Æ÷¿öµù°ú ¹æȺ® ±¸¼º¿¡ °ü½ÉÀÖ´Â ºÐµé.
1. µé¾î°¡±â ¾Õ¼
Linux°¡ Áß¼ÒÇü ³×Æ®¿öũȯ°æ¿¡¼ ÈǸ¢ÇÏ°Ô ÀÛµ¿ÇÏ´Â °ÍÀº ¸®´ª½º¸¦ »ç¿ëÇÏ°í ÀÖÁö
¾ÊÀº »ç¶÷µµ ÀÍÈ÷ µé¾î ¾Ë°í ÀÖ°ÚÁö¸¸ ½ÇÁ¦ ¹®¼ÀڷḦ ¾Æ¹«¸® ã¾ÆºÁµµ ¸Ó½ºÄ¿·¹ÀÌ
µù¹æ½ÄÀ» ÀÌ¿ëÇÑ ¹æȺ® ±¸¼º¿¡ ´ëÇÑ ±Û¸¸ ÀÖÀ»»Ó ÀÌ¹Ì ±¸¼ºµÈ ½ÇÁ¦ IP¸¦ °¡Áö´Â ³×
Æ®¿÷¿¡¼ ¹æȺ® ¹× Æ÷¿öµù ¸Ó½ÅÀ» ±¸ÃàÇÏ´Â °Í¿¡ ´ëÇؼ´Â ÀÚ·á°¡ ºÎÁ·ÇÏ¿© º»ÀÎÀº
ÀÌ·¸°Ô Mini-HOWTO¸¦ °¨È÷ ¾²°Ô µÇ¾ú´Ù.
2. ¿ä±¸»çÇ×
- °£´ÜÇÑ ³×Æ®¿öÅ© °³³ä(routing , netmask , forwarding , etc.)
- ½ÇÁ¦ Router¶û ¿¬°áµÇ¾î Àְųª Wan Ä«µå°¡ ºÎÂøµÈ ¸®´ª½º ¸Ó½®
- ´ã¹è(ºñÈí¿¬ÀÚ´Â Äݶó)
3. º»ÀÎÀÇ Àåºñ ¹× ȯ°æ
- Router: CISCO 4500M + 1 Fastethernet module + 4 serial module
- CSU : º¸¶ó³Ý ÀÓ´ë Àåºñ
- Linux1: Intel pentium III 500 + 128M ram + 9G HDD
- NIC: 3com 905 , 905b
- HUB: Intel 405T standalone switch HUB * 3
- IP´ë¿ª: 211.50.38.0/25 (255.255.255.128)
- µð½º ÇѺ¸·ç + ÁöÆ÷ ¶óÀÌÅÍ
- Network Bandwidth: T1
4. ´ßÁúÀÇ ½ÃÀÛ
¿ì¼± ÀÚ½ÅÀÇ ¶ó¿ìÅͳª ·£Ä«µå¿¡ ¸Â´Â Å©·Î½º ÄÉÀ̺íÀ» ¸¸µç´Ù. Å©·Î½º ÄÉÀ̺íÀ» ¸¸µé
ÁÙ ¸ð¸£´Â »ç¶÷Àº ÀßÇÏ´Â »ç¶÷¿¡°Ô ¹è¿ì°Å³ª ÀÎÅͳݿ¡¼ °Ë»öÇغ»´Ù. ¾Æ´Ï¸é ¿ë»êÀ̳ª
Å×Å©³ë¸¶Æ® µîÁö¿¡¼ Å©·Î½º µÈ ¶óÀÎÀ» »ç´øÁö Å©·Î½º¸¦ ½ÃÄÑÁÖ´Â ÀèÀ» »ç¸é µÈ´Ù.
Áß¿äÇÑ°ÍÀº ÀÌ¹Ì ±¸¼ºµÇÀÖ´Â ³×Æ®¿÷¿¡ ¸®´ª½º ¹Ú½º¸¦ Ãß°¡ÇÔÀ¸·Î¼ ¹æȺ®¹× Æ÷¿öµù
±â´ÉÀ» Á¦°øÇϴ°ÍÀ̱⠶§¹®¿¡ ±âÁ¸ ¶ó¿ìÅÍ¿¡¼ Çãºê·Î ¿¬°áµÇ´Â ¶óÀÎÀ» Áß°£¿¡¼ °¡
·Îä¾ß¸¸ ÇÑ´Ù. ±×¸²À¸·Î µµ½ÄÇغ¸°Ú´Ù.
Cross Line(ƯÁ¤ Çãºê´Â Direct¸¦ ½áµµ µÊ)
+---+ +---+ ------------ PC
| |-------| | ------------ PC
| | | | ------------ PC
+---+ +---+ ------------ PC
Router Hub
[±×¸².1] ¿ø·¡ »óÅÂ
Cross
+---+ +---+ +---+ ------------ PC
| |-------| |--- | | ------------ PC
| | | | | | ------------ PC
+---+ +---+ +---+ ------------ PC
Router Box Hub
[±×¸².2] Linux Box°¡ Ãß°¡µÈ »óÅÂ
±×·³ Áß°£¿¡¼ °¡·Îä±â¸¸ ÇÏ¸é µÇ´À³Ä? Àý´ë·Î µÉ¸®°¡ ¾øÀ»°ÍÀÌ´Ù :) ¿ì¼± ¸®´ª½º
¹Ú½ºÀÇ ¼¼ÆúÎÅÍ Çغ¸ÀÚ. ÆíÀǸ¦ À§ÇØ º»ÀÎÀÇ ½ÇÁ¦ IP¸¦ »ç¿ëÇÏ°Ú´Ù. Âø¿À¾ø±â ¹Ù¶õ
´Ù. Áß¿äÇÑ°Ç ¸®´ª½º ¹Ú½º¿¡ ·£Ä«µå µÎÀåÀÌ»óÀÌ ºÙ¾î ÀÖ¾î¾ß ÇÑ´Ù´Â °ÍÀÌ´Ù. ±×¸®°í
Æ÷¿öµù½Ã ½Å·Ú¼º°ú ¼Óµµ¸¦ À§ÇØ ¹ö½º ¸¶½ºÅ͸µÀÌ ÀߵǴ 100Mbps PCI ·£Ä«µå¸¦ »ç¿ë
Çϱ⸦ ±ÇÀåÇÑ´Ù. 3ComÀ̳ª IntelÀÇ 100Mbps ·£Ä«µå¶ó¸é ¹«³ÇÒ °ÍÀÌ´Ù. ¿©±â¼´Â
3Com 3c905¿Í 905b¸¦ »ç¿ëÇÑ´Ù. Çϵå¿þ¾îÀûÀÎ Áغñ°¡ ³¡³µÀ¸¸é Ä¿³Î ÄÄÆÄÀÏÀ» ÇÑ´Ù.
³×Æ®¿÷ ºÎºÐ¿¡¼ ²À IP_FORWARDINGÀ» ¼³Á¤ÇØ¾ß ÇÑ´Ù. ipchains »ç¿ëÀ» À§ÇØ IP_FIRE
WALLÀ» ¼³Á¤Çϴ°͵µ ²À ÀØÁö¸»ÀÚ. ÀÌ·¸°Ô ¸¸µé Ä¿³Î·Î ÀçºÎÆÃÈÄ ·£Ä«µå°¡ ÀßÀνĵÈ
´Ù¸é ÀÌÁ¦´Â ¾à°£ÀÇ ÀÛ¾÷ÀÌ ÇÊ¿äÇÏ´Ù. ¿ì¼± ¶ó¿ìÅÍ¿Í ¹Ù·Î ¹°¸° ·£Ä«µåÀÇ µð¹ÙÀ̽º¸¦
¾Ë¾Æ¾ß ÇÑ´Ù(º»ÀÎÀº eth1). ÀÌÁ¦ ´ÙÀ½ºÎÅÍ°¡ Áß¿äÇѵ¥ ¼ö¸¹Àº ½ÃÇàÂø¿À³¡¿¡ ¾òÀº °á
·ÐÀ» ¸»ÇÏÀÚ¸é ¶ó¿ìÅÍÀÇ IP¿Í ¸®´ª½ºÀÇ ¶ó¿ìÅÍ¿Í ¹°¸° ·£Ä«µå IP¸¦ private IP - Áï
½ÇÁ¦·Î ¶ó¿ìÆÿëÀ¸·Î »ç¿ëÇÏÁö ¾Ê´Â »ç¼³¸Á¿ë IP - ·Î ¹èÁ¤ÇØ¾ß ÇÑ´Ù´Â °ÍÀÌ´Ù.
º»ÀÎÀº Router¿¡´Â 10.0.0.1À» eth1¿¡´Â 10.0.0.2¸¦ ¹èÁ¤Çß´Ù. ½ÇÁ¦ IP·Î ¶ó¿ìÅÍ¿Í
·£Ä«µå¿¡ ¹èÁ¤À» ÇÒ°æ¿ì¿¡´Â ¼ºê³ÝÀ¸·Î ´Ù½Ã ³ª´©Áö ¾ÊÀº ³×Æ®¿÷ÀÇ °æ¿ì(Áï 211.50.
38.0/128À» ´Ù½Ã ´õ ³ª´©Áö ¾Ê´Â ÀÌ»ó) ¶ó¿ìÅÍ¿¡¼ ¶ó¿ìÆÃÀ» Á¦´ë·Î ÇØÁÙ¼ö°¡ ¾ø±â ¶§
¹®¿¡ µÎ ÀåÄ¡¿¡´Â ¶ó¿ìÆÃÀÇ º¸ÁõÀ» À§ÇØ »ç¼³ IP¸¦ »ç¿ëÇÑ°ÍÀÌ´Ù. ½ÇÁ¦ ÀÌ·± ¹®Á¦¶§¹®
ÀÎÁö ISP¿¡¼´Â ½Ã¸®¾ó(¶ó¿ìÅÍ°£ Åë½Å IP)¿¡´Â netmask 255.255.255.252¸¦ »ç¿ëÇÑ´Ù.
IP¸¦ ¹èÁ¤ÇÑ ´ÙÀ½ ³ª¸ÓÁö´Â ±×´ÙÁö Áß¿äÇÑ°Ô ¾ø´Ù. ÀÌ ±ÛÀÇ ¸ñÀûÀÌ ¿ø·¡ Á¸ÀçÇÏ´Â ³×
Æ®¿÷¿¡ ¿µÇâÀ» ¹ÌÄ¡Áö ¾Ê°í Á¶¿ëÈ÷ ¸®´ª½º¸¦ Áý¾î³Ö´Â°ÍÀ̱⠶§¹®¿¡ ³ª¸ÓÁö ·£Ä«µå¿¡
´Â ¿ø·¡ ¶ó¿ìÅÍ°¡ ¾²´ø IP(ÀϹÝÀûÀ¸·Î °ÔÀÌÆ®¿þÀÌ IP)¸¦ ¹èÁ¤ÇÑ´Ù.
Network: 211.50.38.0/25
Cross +---------+
+---+ |+--+ +--+| +---+ ------------ PC 211.50.38.2
| |-----------------| | | |------------| | ------------ PC 211.50.38.3
| | || | | || | | ------------ PC 211.50.38.4
+---+ |+--+ +--+| +---+ ------------ PC
+---------+
serial: NIC0: HUB
211.50.1.202/30 10.0.0.2
ip: NIC1:
10.0.0.1 211.50.38.1
ÀÏ´Ü ÀÌ·¸°Ô ±¸¼ºÀÌ µÇ¸é IP_FORWARDINGÀÌ ¾Ë¾Æ¼ ÀÌ·ç¾îÁö±â ¶§¹®¿¡ ÇãºêÂÊ¿¡ ¹°¸°
PC¿¡¼ ¿ÜºÎ·Î ³ª°¡´Â ³×Æ®¿÷À» ¾µ°æ¿ì ¹«Á¶°Ç ¿ì¸®°¡ ¸¸µç ¸®´ª½º Æ÷¿öµù ¸Ó½®À»
Áö³ª°¡°Ô µÈ´Ù. ÀÚ ÀÌÁ¦´Â Æ÷¿öµù ¸Ó½®¿¡¼ ipchains¸¦ ÀÌ¿ëÇØ °¢Á¾ ¹æȺ® ¼³Á¤À»
ÇÒ ¼ö ÀÖ´Ù. ȸ»ç ³»ºÎ¿¡¼ ¾÷¹«½Ã°£Áß Ã¤ÆÃÀ» ¸·±â À§ÇØ irc Æ÷Æ®·Î ³ª°¡´Â ¸ðµç
³×Æ®¿÷À» ¸·À»¼öµµ ÀÖÀ»°ÍÀÌ°í , Áö±Ý È°¼ºÈµÈ ³×Æ®¿÷µµ ²÷À»¼ö°¡ ÀÖ´Ù :)
½Ç·Ê¸¦ À§ÇØ º»ÀÎÀÇ ¼³Á¤ ¸î°¡Áö¸¦ º¸ÀÌ°Ú´Ù.
- ¶ó¿ìÅÍ ¼³Á¤
[root@unixian /root]# ztelnet 10.0.0.1
Trying 10.0.0.1...
Connected to 10.0.0.1.
Escape character is '^]'.
WyzSoft Research & Development Lab. Access-control Router
User Access Verification
Password:
router>en
Password:
router#show running-config
Building configuration...
Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname router
!
enable secret 5 ******************************
!
ip subnet-zero
ip domain-name wyzlab.com
ip name-server 210.205.2.52
!
interface Serial0
ip address 211.50.1.202 255.255.255.252
!
interface Serial1
no ip address
shutdown
!
interface Serial2
no ip address
shutdown
!
interface Serial3
no ip address
shutdown
!
interface FastEthernet0
ip address 10.0.0.1 255.0.0.0
!
no ip classless
ip route 0.0.0.0 0.0.0.0 211.50.1.201
ip route 211.50.38.0 255.255.255.128 10.0.0.2
logging buffered informational
logging console informational
logging monitor informational
logging 211.50.38.2
snmp-server community wyzlab RO
snmp-server trap-authentication
banner motd ^CWyzSoft Research & Development Lab. Access-control Router^C
!
line con 0
line aux 0
line vty 0 4
password *******************
login
!
end
router#
- ¹æȺ® ¸®´ª½º ¹Ú½ºÀÇ ¼³Á¤
[root@bluebird jhjung]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
211.50.38.1 * 255.255.255.255 UH 0 0 0 eth0
10.0.0.2 * 255.255.255.255 UH 0 0 0 eth1
10.0.0.0 * 255.255.255.252 U 0 0 0 eth1
211.50.38.0 * 255.255.255.128 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth1
- ÀÏ¹Ý PCÀÇ ¼³Á¤(Linux ±âÁØ)
[root@unixian /root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
211.50.38.38 * 255.255.255.255 UH 0 0 0 eth1
211.50.38.0 * 255.255.255.128 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 211.50.38.1 0.0.0.0 UG 0 0 0 eth1
[root@unixian /root]#
- ÀÏ¹Ý PC¿¡¼ÀÇ traceroute °á°ú
[root@unixian /root]# traceroute linux.sarang.net
traceroute to linux.sarang.net (210.122.59.30), 30 hops max, 38 byte packets
1 211.50.38.1 (211.50.38.1) 0.241 ms 0.192 ms 0.149 ms
2 10.0.0.1 (10.0.0.1) 2.350 ms 0.884 ms 0.777 ms
3 211.50.1.201 (211.50.1.201) 4.102 ms 3.571 ms 3.443 ms
4 anybbb185-fe4-1-0.rt.bora.net (210.120.252.102) 4.060 ms 3.680 ms 3.895 ms
5 anyg4-ge2-0.rt.bora.net (210.120.193.145) 3.775 ms 3.728 ms 3.692 ms
6 selg2-pos8-0.rt.bora.net (210.120.192.117) 4.423 ms 3.924 ms 3.943 ms
7 ysng12kix4-ge5-0.rt.bora.net (210.120.192.69) 4.049 ms 4.053 ms 4.061 ms
8 210.107.53.66 (210.107.53.66) 4.911 ms 5.091 ms 5.216 ms
9 203.255.117.248 (203.255.117.248) 5.077 ms 5.759 ms 5.190 ms
10 10.241.1.178 (10.241.1.178) 12.136 ms 11.571 ms 11.424 ms
11 linux.sarang.net (210.122.59.30) 11.841 ms 10.977 ms 10.900 ms
- ¿ÜºÎ ³×Æ®¿÷¿¡¼ÀÇ traceroute °á°ú
[jhjung@www jhjung]$ /usr/sbin/traceroute 211.50.38.38
traceroute to 211.50.38.38 (211.50.38.38), 30 hops max, 40 byte packets
1 210.118.74.1 (210.118.74.1) 2.944 ms 2.871 ms 2.908 ms
2 210.118.73.1 (210.118.73.1) 0.914 ms 0.905 ms 0.877 ms
3 210.118.49.97 (210.118.49.97) 3.146 ms 3.460 ms 2.889 ms
4 dacomkix-sds-s2-0.rt.bora.net (203.233.37.221) 5.048 ms 5.653 ms 4.491 ms
5 selg2-ge5-0.rt.bora.net (210.120.192.65) 4.608 ms 5.121 ms 4.654 ms
6 anyg4-pos8-0.rt.bora.net (210.120.192.118) 5.543 ms 5.481 ms 4.817 ms
7 anybbb185-ge1-0-0.rt.bora.net (210.120.193.147) 5.259 ms 69.667 ms 5.210 ms
8 anyaba74-fe1-0-0.rt.bora.net (210.120.252.74) 5.457 ms 6.135 ms 5.139 ms
9 211.50.1.202 (211.50.1.202) 9.027 ms 9.660 ms 8.556 ms
10 10.0.0.2 (10.0.0.2) 8.838 ms 9.265 ms 8.908 ms
11 211.50.38.38 (211.50.38.38) 17.076 ms 8.672 ms 8.902 ms
5. »ç¿ëÈıâ
¿ÜºÎ ³×Æ®¿÷ÀÌ T1À̱⠶§¹®¿¡ ¾ÆÁ÷ ÆøÁÖ¸¦ °æÇèÇØ º¸Áö´Â ¸øÇßÁö¸¸ »ó´çÈ÷ Æ÷¿öµù/
¹æȺ® ¸Ó½®À¸·Î´Â °í»ç¾çÀ̱⠶§¹®¿¡ ÆÐŶ ·Î½ºÀ²ÀÌ °ÅÀÇ ¾øÀÌ Àß ÀÛµ¿ÇÑ´Ù. »ç½Ç
Æ÷¿öµù ÀÚü·Î´Â Àǹ̰¡ ¾ø°í ¹æȺ® ¼³ºñ¸¦ ¾ÆÁÖ ¿°°¡·Î ±¸ÃàÇÒ ¼ö Àֱ⠶§¹®¿¡ »ç
¶û¹Þ´Â °ü¸®ÀÚ°¡ µÉ ¼ö ÀÖÀ»°ÍÀÌ´Ù. Æ÷¿öµù ¸Ó½®¿¡¼ ³×Æ®¿öÅ© ºÐ¼®ÅøµéÀ» µ¹¸®¸é(
IPtraf , ntop µî) ¸ðµç ³×Æ®¿÷À» °¨½ÃÇÒ ¼ö Àֱ⶧¹®¿¡ °ü¸®°¡ ÇÑ°á ¼ö¿ùÇØÁø´Ù.
¾ÆÁ÷ ÇØ°áÇÏÁö ¸øÇÑÁ¡ÀÌ ÀÖ´Ù¸é Æ÷¿öµù ¸Ó½® ÀÚü¿¡¼´Â ¿ÜºÎ ³×Æ®¿÷À¸·Î ¿¬°áÇÒ ¼ö
°¡ ¾ø´Ù. ´Ù¸¥ PC¿¡¼ °¡Áö°í ³ª°¡´Â IP´Â ´ÜÁö Æ÷¿öµù¸¸ µÇ±â¶§¹®¿¡ »ó°ü¾øÁö¸¸ ½Ç
Á¦ Æ÷¿öµù ¸Ó½ÅÀÇ ±âº» IP°¡ 10.0.0.2·Î ³ª°¡±â ¶§¹®¿¡ ¿ÜºÎ·Î ¶ó¿ìÆà µÉ ¼ö ¾ø´Â ¹®
Á¦ÀÎ°Í °°´Ù. IP tunnelingÀ» ¾²¸é °¡´ÉÇÏ°ÚÁö¸¸ ¼öÀÍü°¨ÀÇ ¹ýÄ¢»ó ÀÌÁ¤µµ´Â Å«¹®Á¦
°¡ ¾Æ´Ï±â ¶§¹®¿¡ Á׾ Æ÷¿öµù ¸Ó½®¿¡¼ ³×Æ®¿÷À» ½á¾ß°Ú´Ù´Â ºÐÀº IP tunnell-ing
À» ¿¬±¸ÇØ º¸±â ¹Ù¶õ´Ù. Âü°í·Î IPchains¸¦ ½±°Ô ¼³Á¤ÇØ ÁÖ´Â µµ±¸´Â http://www.fre
shmeat.net ¿¡¼ ipchains·Î °Ë»ö Çغ¸±â ¹Ù¶õ´Ù. º»ÀÎÀÌ °¡Àå Áñ°Ü ¾²´Â µµ±¸´Â gtk
front-endÀÎ gfccÀÌ´Ù. ±×·³ Èí¿¬À» À§ÇØ À̸¸ ÁÙÀÔ´Ï´Ù.
Ãâó : kldp.org
|
|
|
Absolute number:50
|
|
|
|
|
|
|
|
|