User's manual

ThinkCore IA241/240 Linux User’s Manual Managing Communication
# iptables -A INPUT -i eth0 -p tcp --dport 25 -j LOG
Example 8: Drop all packets from MAC address 01:02:03:04:05:06.
# iptables -A INPUT -i eth0 -p all -m mac --mac-source 01:02:03:04:05:06 -j DROP
NOTE: In Example 8, remember to issue the command
# modprobe ipt_mac
first to load the module ipt_mac.
NAT
The NAT (Network Address Translation) protocol translates IP addresses used on one network to
different IP addresses used on another network. One network is designated the inside network and
the other is the outside network. Typically, the IA241/240 connects several devices on a network
and maps local inside network addresses to one or more global outside IP addresses, and un-maps
the global IP addresses on incoming packets back into local IP addresses.
NOTE: Click on the following link for more information about iptables and NAT:
http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
NAT Example
The IP address of LAN1 is changed to 192.168.3.127 (you will need to load the module
ipt_MASQUERADE):
[Figure: network diagram of the NAT example, labelled "NAT Area / Private IP".
Embedded Computer: LAN1: 192.168.3.127/24, LAN2: 192.168.4.127/24.
PC1 (Linux or Windows): IP/Netmask 192.168.3.100/24, Gateway 192.168.3.127.
PC2 (Linux or Windows): IP/Netmask 192.168.4.100/24, Gateway 192.168.4.127.]
1. #echo 1 > /proc/sys/net/ipv4/ip_forward
2. #insmod ip_tables
3. #insmod iptable_filter
4. #insmod ip_conntrack
5. #insmod iptable_nat
6. #insmod ipt_MASQUERADE
7. #iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.3.127
8. #iptables -t nat -A POSTROUTING -o eth0 -s 192.168.3.0/24 -j MASQUERADE
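
Added example, not part of the manual: a shell function that audits iptables-save output after steps 1 to 8. It flags a source-NAT rule that can never match because an earlier catch-all rule on the same output interface ends chain traversal first, and a FORWARD chain left at policy ACCEPT with no rules once ip_forward is enabled. The sample ruleset is constructed to mirror steps 7 and 8; the function name audit_nat and its message wording are assumptions.

```shell
#!/bin/sh
# Added example (not from the manual): audit an iptables-save dump taken
# after NAT steps 1-8. SAMPLE_RULES is constructed to mirror steps 7 and 8
# plus the LOG rule; it is not captured from a real IA241/240.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j SNAT --to-source 192.168.3.127
-A POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -i eth0 -p tcp -m tcp --dport 25 -j LOG
COMMIT'

# audit_nat: read iptables-save text on stdin, print one finding per line.
audit_nat() {
    awk '
    /^\*/ { table = substr($0, 2); next }
    table == "filter" && $1 == ":FORWARD" { policy = $2 }
    table == "filter" && $1 == "-A" && $2 == "FORWARD" { fwd_rules++ }
    table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
        pos++; out = "*"; scoped = 0; tgt = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-o") out = $(i + 1)
            if ($i == "-j") tgt = $(i + 1)
            if ($i == "-s" || $i == "-d" || $i == "-p" || $i == "-m") scoped = 1
        }
        if (tgt != "SNAT" && tgt != "MASQUERADE") next
        nat_rules++
        # SNAT and MASQUERADE end chain traversal, so a rule placed after a
        # catch-all for the same output interface is never evaluated.
        if ("*" in catchall) by = catchall["*"]
        else if (out in catchall) by = catchall[out]
        else by = 0
        if (by) print "WARN rule " pos " never matches, shadowed by rule " by
        else if (!scoped) { catchall[out] = pos; print "INFO rule " pos " is catch-all source NAT on " out }
    }
    END {
        if (!nat_rules) print "FAIL no SNAT/MASQUERADE rule in nat POSTROUTING"
        if (policy == "ACCEPT" && !fwd_rules)
            print "WARN FORWARD policy ACCEPT with no rules: all routed traffic is allowed"
    }'
}

# Live use on the device (as root): iptables-save | audit_nat
printf '%s\n' "$SAMPLE_RULES" | audit_nat
```

On the constructed sample the function reports the rule from step 7 as a catch-all on eth0, the rule from step 8 as shadowed by it, and the FORWARD chain as open.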