Script started on Tue Jul 8 17:48:29 2008
]0;root@demo: /root[?1034h[root@demo ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:50:7a:b1 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
3: eth1: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:7f:75:e2 brd ff:ff:ff:ff:ff:ff
inet 169.254.8.10/16 brd 169.254.255.255 scope global eth1:avahi
]0;root@demo: /root[root@demo ~]# cd /etc/net/ifaces/eth1
bash: cd: /etc/net/ifaces/eth1: No such file or directory
]0;root@demo: /root[root@demo ~]# cd /etc/net/ifaces/eth1
[root@demo ~]# [1P[1P /etc/net/ifaces/eth1
[root@demo ~]# l /etc/net/ifaces/eth1
[root@demo ~]# ls /etc/net/ifaces/eth1
[root@demo ~]# ls
[00mls: /etc/net/ifaces/eth1: No such file or directory
[m]0;root@demo: /root[root@demo ~]# ls /etc/net/ifaces/eth1[K[K[K[K
[00m[01;34mdefault[00m [01;34meth0[00m [01;34mlo[00m [01;34munknown[00m
[m]0;root@demo: /root[root@demo ~]# cd /media/c
]0;root@demo: /root[root@demo ~]# cd /m[Ketc/net/ifaces/
]0;root@demo: /etc/net/ifaces[root@demo ifaces]# ls
[00m[01;34mdefault[00m [01;34meth0[00m [01;34mlo[00m [01;34munknown[00m
[m]0;root@demo: /etc/net/ifaces[root@demo ifaces]# cp[Kmkdir eth1
]0;root@demo: /etc/net/ifaces[root@demo ifaces]# cd w[Keth1
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# vim ipv4address
7[?47h[?1h=[1;35r[?12;25h[?12l[?25h[27m[m[H[2J[?25l[35;1H"ipv4address" [New File][>c[2;1H[1m[34m~ [3;1H~ [4;1H~ [5;1H~ [6;1H~ [7;1H~ [8;1H~ [9;1H~ [10;1H~ [11;1H~ [12;1H~ [13;1H~ [14;1H~ [15;1H~ [16;1H~ [17;1H~ [18;1H~ [19;1H~ [20;1H~ [21;1H~ [22;1H~ [23;1H~ [24;1H~ [25;1H~ [26;1H~ [27;1H~ [28;1H~ [29;1H~ [30;1H~ [31;1H~ [32;1H~ [33;1H~ [34;1H~ [m[35;83H0,0-1 All[1;1H[?12l[?25h[?25l[35;73Hi [1;1H[35;73H [1;1H[35;1H[1m-- INSERT --[m[35;13H[K[35;83H0,1 All[1;1H[?12l[?25h[?25l1[35;83H1,2 All[1;2H[?12l[?25h[?25l7[35;83H1,3 All[1;3H[?12l[?25h[?25l2[35;83H1,4 All[1;4H[?12l[?25h[?25l.[35;83H1,5 All[1;5H[?12l[?25h[?25l1[35;83H1,6 All[1;6H[?12l[?25h[?25l6[35;83H1,7 All[1;7H[?12l[?25h[?25l.[35;83H1,8 All[1;8H[?12l[?25h[?25l0[35;83H1,9 All[1;9H[?12l[?25h[?25l.[35;83H1,10 All[1;10H[?12l[?25h[?25l1[35;83H1,11 All[1;11H[?12l[?25h[?25l/[35;83H1,12 All[1;12H[?12l[?25h[?25l2[35;83H1,13 All[1;13H[?12l[?25h[?25l4[35;83H1,14 All[1;14H[?12l[?25h[35;1H[K[1;13H[?25l[35;73H^[ [1;13H[?12l[?25h[?25l[35;73H [1;14H[35;83H1,13 All[1;13H[?12l[?25h[?25l[35;73H: [1;13H[35;73H[K[35;1H:[?12l[?25hq[?25l
:q[?12l[?25h![?25l
:q![?12l[?25h
[?25l[35;1H[K[35;1H[?1l>[?12l[?25h[2J[?47l8]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# echo "172.16.0.1/24" > ip[K[Kipv4address
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# echo "BOO[K[K[KDI[K[K[K-n "
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# cat > options
DISABLED=no
BOOTPROTO=static
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0: ..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: .....OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:50:7a:b1 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
3: eth1: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:7f:75:e2 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.1/24 brd 172.16.0.255 scope global eth1
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# ip r
172.16.0.0/24 dev eth1 proto kernel scope link src 172.16.0.1
10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15
default via 10.0.2.2 dev eth0
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# apt-cache h[Ksearch tcpdump
libpcap-devel - Development environment for the packet capture library
tcpdump - A network traffic monitoring tool
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# apt-get install tcpdump
Reading Package Lists... 0%
Reading Package Lists... 100%
Reading Package Lists... Done
Building Dependency Tree... 0%
Building Dependency Tree... 0%
Building Dependency Tree... 50%
Building Dependency Tree... 50%
Building Dependency Tree... 94%
Building Dependency Tree... Done
The following NEW packages will be installed:
tcpdump
0 upgraded, 1 newly installed, 0 removed and 6 not upgraded.
Need to get 309kB of archives.
After unpacking 631kB of additional disk space will be used.
0% [Working]
0% [Query]
Get:1 ftp://updates.altlinux.org i586/updates tcpdump 1:3.9.7-alt1 [309kB]
0% [1 tcpdump 0/309kB 0%]
100% [Working]
Fetched 309kB in 1s (291kB/s)
Committing changes...
Preparing... (100%)# (100%)## (100%)### (100%)#### (100%)##### (100%)###### (100%)####### (100%)######## (100%)######### (100%)########## (100%)########### (100%)############ (100%)############# (100%)############## (100%)############### (100%)################ (100%)################# (100%)################## (100%)################### (100%)#################### (100%)##################### (100%)###################### (100%)####################### (100%)######################## (100%)######################### (100%)########################## (100%)########################### (100%)############################ (100%)############################# (100%)############################## (100%)############################### (100%)################################ (100%)################################# (100%)################################## (100%)################################### (100%)#################################### (100%)##################################### (100%)###################################### (100%)####################################### (100%)######################################## (100%)######################################### (100%)########################################## (100%)########################################### (100%)############################################ (100%)############################################# (100%)############################################## (100%)############################################### (100%)################################################ (100%)################################################# (100%)################################################## (100%)################################################### (100%)#################################################### (100%)##################################################### (100%)###################################################### (100%)####################################################### (100%)######################################################## (100%)######################################################### (100%)########################################################## (100%)########################################################### (100%)############################################################ (100%)############################################################# (100%)############################################################## (100%)############################################################### (100%)############################################################### [100%]
1: tcpdump ( 10%)# ( 10%)## ( 10%)### ( 10%)#### ( 10%)##### ( 10%)###### ( 20%)####### ( 20%)######## ( 20%)######### ( 20%)########## ( 20%)########### ( 20%)############ ( 20%)############# ( 31%)############## ( 31%)############### ( 31%)################ ( 31%)################# ( 31%)################## ( 31%)################### ( 41%)#################### ( 41%)##################### ( 41%)###################### ( 41%)####################### ( 41%)######################## ( 41%)######################### ( 41%)########################## ( 51%)########################### ( 51%)############################ ( 51%)############################# ( 51%)############################## ( 51%)############################### ( 51%)################################ ( 51%)################################# ( 62%)################################## ( 62%)################################### ( 62%)#################################### ( 62%)##################################### ( 62%)###################################### ( 62%)####################################### ( 72%)######################################## ( 72%)######################################### ( 72%)########################################## ( 72%)########################################### ( 72%)############################################ ( 72%)############################################# ( 72%)############################################## ( 82%)############################################### ( 82%)################################################ ( 82%)################################################# ( 82%)################################################## ( 82%)################################################### ( 82%)#################################################### ( 82%)##################################################### ( 90%)###################################################### ( 90%)####################################################### ( 90%)######################################################## ( 90%)######################################################### ( 90%)########################################################## ( 92%)########################################################### ( 93%)############################################################ ( 95%)############################################################# ( 99%)############################################################## ( 99%)############################################################### (100%)############################################################### [100%]
Done.
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# tcpdump -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
18:00:32.777207 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:00:32.971091 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 117.200.168.192.in-addr.arpa. (46)
18:00:33.968439 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 117.200.168.192.in-addr.arpa. (46)
18:00:35.798593 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:00:35.968782 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 117.200.168.192.in-addr.arpa. (46)
18:00:37.822276 arp who-has demo.local tell 172.16.0.2
18:00:37.822365 arp reply demo.local is-at 08:00:27:7f:75:e2 (oui Unknown)
18:00:38.003206 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 2.0.16.172.in-addr.arpa. (41)
18:00:39.010657 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 2.0.16.172.in-addr.arpa. (41)
18:00:41.017625 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 2.0.16.172.in-addr.arpa. (41)
18:00:41.818490 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:00:43.483493 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 251.0.0.224.in-addr.arpa. (42)
18:00:44.484146 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 251.0.0.224.in-addr.arpa. (42)
18:00:46.483956 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 251.0.0.224.in-addr.arpa. (42)
18:00:48.494368 IP demo.local.5353 > 224.0.0.251.5353: 0 PTR (QM)? 1.0.16.172.in-addr.arpa. (41)
18:00:48.494368 IP demo.local.5353 > 224.0.0.251.5353: 0*- [0q] 1/0/0 (Cache flush) PTR[|domain]
18:00:53.803214 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:01:17.798826 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:01:22.825093 arp who-has demo.local tell 172.16.0.2
18:01:22.825233 arp reply demo.local is-at 08:00:27:7f:75:e2 (oui Unknown)
18:02:05.822643 IP 172.16.0.2.4471 > 192.168.200.117.webcache: S 2740685371:2740685371(0) win 5840
18:02:10.810226 arp who-has demo.local tell 172.16.0.2
18:02:10.810354 arp reply demo.local is-at 08:00:27:7f:75:e2 (oui Unknown)
23 packets captured
23 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# host
Usage: host [-aCdlriTwv] [-c class] [-N ndots] [-t type] [-W time]
[-R number] hostname [server]
-a is equivalent to -v -t *
-c specifies query class for non-IN data
-C compares SOA records on authoritative nameservers
-d is equivalent to -v
-l lists all hosts in a domain, using AXFR
-i IP6.INT reverse lookups
-N changes the number of dots allowed before root lookup is done
-r disables recursive processing
-R specifies number of retries for UDP packets
-t specifies the query type
-T enables TCP/IP mode
-v enables verbose output
-w specifies to wait forever for a reply
-W specifies how long to wait for a reply
-4 use IPv4 query transport only
-6 use IPv6 query transport only
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# host linux.armd.ru
linux.armd.ru is an alias for armd.ru.
armd.ru has address 80.68.240.144
armd.ru mail is handled by 10 smtp.armd.ru.
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# host linux.armd.ru[Ktcpdump -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
18:04:05.437654 IP 172.16.0.2.2757 > congo-hosting.rbc.ru.http: S 2920138140:2920138140(0) win 5840
1 packets captured
4 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# tcpdump -i eth1 [K[K0 host 80.68.240.144
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net/ifaces/eth1[root@demo eth1]# cd /etc/net/
ifaces/ options.d/ scripts/ sysctl.conf
[root@demo eth1]# cd /etc/net/
]0;root@demo: /etc/net[root@demo net]# grep forw[Kward sysctl.conf
# IPv4 packet forwarding.
net.ipv4.ip_forward = 0
]0;root@demo: /etc/net[root@demo net]# sed -i 's/[K[K/net.ipv4.ip_forward = 0/[Ks/[K[K/s/0/1/' sysctl.conf
]0;root@demo: /etc/net[root@demo net]# !g
grep forward sysctl.conf
# IPv4 packet forwarding.
net.ipv4.ip_forward = 1
]0;root@demo: /etc/net[root@demo net]# service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0: ..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: .....OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net[root@demo net]# service network restart
[root@demo net]# grep forward sysctl.conf
[root@demo net]# [28@sed -i '/net.ipv4.ip_forward = 0/s/0/1/'
[root@demo net]# sed -i '/net.ipv4.ip_forward = 0/s/0/1/' sysctl.conf
[root@demo net]# [28Pgrep forward
[root@demo net]# grep forward sysctl.conf
[root@demo net]# [13Pcd /etc/net/tcpdump -i eth0 host 80.68.240.144
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
18:08:52.657386 IP 172.16.0.2.h323gatestat > congo-hosting.rbc.ru.http: S 3254392215:3254392215(0) win 5840
18:08:52.666204 IP congo-hosting.rbc.ru.http > 172.16.0.2.h323gatestat: S 321792001:321792001(0) ack 3254392216 win 8192
18:08:52.724214 IP 172.16.0.2.h323gatestat > congo-hosting.rbc.ru.http: . ack 1 win 5840
18:10:35.699207 IP 172.16.0.2.h323gatestat > congo-hosting.rbc.ru.http: F 1:1(0) ack 1 win 5840
18:10:35.702806 IP congo-hosting.rbc.ru.http > 172.16.0.2.h323gatestat: . ack 2 win 8760
18:10:35.702817 IP congo-hosting.rbc.ru.http > 172.16.0.2.h323gatestat: F 1:1(0) ack 2 win 8760
18:10:35.707147 IP 172.16.0.2.h323gatestat > congo-hosting.rbc.ru.http: . ack 2 win 5840
7 packets captured
7 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net[root@demo net]# netcat 80[K[K80.68.240.144 80
EHLO
501 Method Not Implemented
Method Not Implemented
EHLO to /index.html not supported.
]0;root@demo: /etc/net[root@demo net]# ipt
iptables iptables-restore iptables-save iptables-xml iptunnel
[root@demo net]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:13:06 2008
*mangle
:PREROUTING ACCEPT [428:365625]
:INPUT ACCEPT [394:361829]
:FORWARD ACCEPT [7:296]
:OUTPUT ACCEPT [278:27722]
:POSTROUTING ACCEPT [361:43691]
COMMIT
# Completed on Tue Jul 8 18:13:06 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:13:06 2008
*nat
:PREROUTING ACCEPT [36:4238]
:POSTROUTING ACCEPT [30:2757]
:OUTPUT ACCEPT [29:2705]
COMMIT
# Completed on Tue Jul 8 18:13:06 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:13:06 2008
*filter
:INPUT ACCEPT [65:29557]
:FORWARD ACCEPT [7:296]
:OUTPUT ACCEPT [69:10645]
:stdin - [0:0]
COMMIT
# Completed on Tue Jul 8 18:13:06 2008
]0;root@demo: /etc/net[root@demo net]# iptables -t nat -A POSTROUTING -o eth0 -j snat[K[K[K[KSNAT --to-si[Kource=10.0.2.15
]0;root@demo: /etc/net[root@demo net]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:50:7a:b1 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
3: eth1: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:27:7f:75:e2 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.1/24 brd 172.16.0.255 scope global eth1
]0;root@demo: /etc/net[root@demo net]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:17:08 2008
*mangle
:PREROUTING ACCEPT [428:365625]
:INPUT ACCEPT [394:361829]
:FORWARD ACCEPT [7:296]
:OUTPUT ACCEPT [278:27722]
:POSTROUTING ACCEPT [361:43691]
COMMIT
# Completed on Tue Jul 8 18:17:08 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:17:08 2008
*nat
:PREROUTING ACCEPT [36:4238]
:POSTROUTING ACCEPT [30:2757]
:OUTPUT ACCEPT [29:2705]
-A POSTROUTING -o eth0 -j SNAT --to-source 10.0.2.15
COMMIT
# Completed on Tue Jul 8 18:17:08 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:17:08 2008
*filter
:INPUT ACCEPT [65:29557]
:FORWARD ACCEPT [7:296]
:OUTPUT ACCEPT [69:10645]
:stdin - [0:0]
COMMIT
# Completed on Tue Jul 8 18:17:08 2008
]0;root@demo: /etc/net[root@demo net]# iptables -t nat -L -nvx[K
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT 0 -- anywhere anywhere to:10.0.2.15
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
]0;root@demo: /etc/net[root@demo net]# iptables -t nat -L [5P-save
[root@demo net]# iptables-save a[Ktables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source=10.0.2.15
[root@demo net]# iptables-save [Knetcat 80.68.240.144 80
[root@demo net]# tcpdump -i eth0 host 80.68.240.144
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
18:21:54.337149 IP demo.local.4801 > congo-hosting.rbc.ru.http: S 4079413571:4079413571(0) win 5840
18:21:54.347491 IP congo-hosting.rbc.ru.http > demo.local.4801: S 384256001:384256001(0) ack 4079413572 win 8192
18:21:54.369053 IP demo.local.4801 > congo-hosting.rbc.ru.http: . ack 1 win 5840
18:21:56.879758 IP demo.local.4801 > congo-hosting.rbc.ru.http: P 1:2(1) ack 1 win 5840
18:21:56.883444 IP congo-hosting.rbc.ru.http > demo.local.4801: . ack 2 win 8760
18:21:56.959695 IP demo.local.4801 > congo-hosting.rbc.ru.http: P 2:3(1) ack 1 win 5840
18:21:56.963812 IP congo-hosting.rbc.ru.http > demo.local.4801: . ack 3 win 8760
18:22:00.615823 IP demo.local.4801 > congo-hosting.rbc.ru.http: P 3:8(5) ack 1 win 5840
18:22:00.616617 IP congo-hosting.rbc.ru.http > demo.local.4801: . ack 8 win 8760
18:22:00.622625 IP congo-hosting.rbc.ru.http > demo.local.4801: P 1:217(216) ack 8 win 8760
18:22:00.622634 IP congo-hosting.rbc.ru.http > demo.local.4801: F 217:217(0) ack 8 win 8760
18:22:00.624004 IP demo.local.4801 > congo-hosting.rbc.ru.http: . ack 217 win 6432
18:22:00.624073 IP demo.local.4801 > congo-hosting.rbc.ru.http: F 8:8(0) ack 218 win 6432
18:22:00.626149 IP congo-hosting.rbc.ru.http > demo.local.4801: . ack 9 win 8760
14 packets captured
14 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net[root@demo net]# tcpdump -i eth0 host 80.68.240.144
[root@demo net]# tcpdump -[1@-[1@n[1@
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
18:22:35.220616 IP 10.0.2.15.4802 > 80.68.240.144.http: S 4121055896:4121055896(0) win 5840
18:22:35.227257 IP 80.68.240.144.http > 10.0.2.15.4802: S 389504001:389504001(0) ack 4121055897 win 8192
18:22:35.232999 IP 10.0.2.15.4802 > 80.68.240.144.http: . ack 1 win 5840
18:22:36.160388 IP 10.0.2.15.4802 > 80.68.240.144.http: P 1:2(1) ack 1 win 5840
18:22:36.161985 IP 80.68.240.144.http > 10.0.2.15.4802: . ack 2 win 8760
18:22:43.145085 IP 10.0.2.15.4802 > 80.68.240.144.http: P 2:7(5) ack 1 win 5840
18:22:43.145817 IP 80.68.240.144.http > 10.0.2.15.4802: . ack 7 win 8760
18:22:43.153304 IP 80.68.240.144.http > 10.0.2.15.4802: P 1:217(216) ack 7 win 8760
18:22:43.153570 IP 80.68.240.144.http > 10.0.2.15.4802: F 217:217(0) ack 7 win 8760
18:22:43.156774 IP 10.0.2.15.4802 > 80.68.240.144.http: . ack 217 win 6432
18:22:43.160685 IP 10.0.2.15.4802 > 80.68.240.144.http: F 7:7(0) ack 218 win 6432
18:22:43.164320 IP 80.68.240.144.http > 10.0.2.15.4802: . ack 8 win 8760
12 packets captured
12 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net[root@demo net]# tcpdump -n -i eth0 host 80.68.240.144[1P[1@1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
18:23:37.940320 IP 172.16.0.2.4803 > 80.68.240.144.http: S 4192929678:4192929678(0) win 5840
18:23:37.945009 IP 80.68.240.144.http > 172.16.0.2.4803: S 397568001:397568001(0) ack 4192929679 win 8192
18:23:37.951733 IP 172.16.0.2.4803 > 80.68.240.144.http: . ack 1 win 5840
18:23:41.386498 IP 172.16.0.2.4803 > 80.68.240.144.http: P 1:6(5) ack 1 win 5840
18:23:41.388562 IP 80.68.240.144.http > 172.16.0.2.4803: . ack 6 win 8760
18:23:41.390993 IP 80.68.240.144.http > 172.16.0.2.4803: P 1:217(216) ack 6 win 8760
18:23:41.394495 IP 80.68.240.144.http > 172.16.0.2.4803: F 217:217(0) ack 6 win 8760
18:23:41.408547 IP 172.16.0.2.4803 > 80.68.240.144.http: . ack 217 win 6432
18:23:41.412625 IP 172.16.0.2.4803 > 80.68.240.144.http: F 6:6(0) ack 218 win 6432
18:23:41.414915 IP 80.68.240.144.http > 172.16.0.2.4803: . ack 7 win 8760
10 packets captured
10 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/net[root@demo net]# cd /etc/sys
sysconfig/ sysctl.conf sysfs.conf syslog.conf syslog.d/ system-release
[root@demo net]# cd /etc/sysconfig/i[K
]0;root@demo: /etc/sysconfig[root@demo sysconfig]# ls
[00m[00mbootsplash[00m [00mframebuffer[00m [00minit[00m [00mkeyboard[00m [00mntpd[00m [00mtomcat5[00m
[00mclamd[00m [01;34mharddisk[00m [00miptables[00m [00mklogd[00m [00mportmap[00m [00musb[00m
[00mclock[00m [00mharddisks[00m [00miptables_modules[00m [00mmouse[00m [00mpptp[00m [00mwpa_supplicant[00m
[01;34mconsole[00m [00mhotplug[00m [00miptables_params[00m [00mnetwork[00m [00mrawdevices[00m [00mxinetd[00m
[00mconsolefont[00m [00mhttpd2[00m [00mipw3945d[00m [01;34mnetwork-scripts[00m [00msyslogd[00m [00mxinitrc[00m
[00methtool[00m [00mi18n[00m [01;34mkernel[00m [00mnfs[00m [00msystem[00m
[m]0;root@demo: /etc/sysconfig[root@demo sysconfig]# cd /etc/net
]0;root@demo: /etc/net[root@demo net]# cd /usr/share/doc/eth[Kcnet-0.9.6/
ChangeLog README.bridge README.plip examples/
README README.firewall TODO wiki-RU/
README.bluetooth README.ossh contrib/
[root@demo net]# cd /usr/share/doc/etcnet-0.9.6/
]0;root@demo: /usr/share/doc/etcnet-0.9.6[root@demo etcnet-0.9.6]# ls
[00m[00mChangeLog[00m [00mREADME.bluetooth[00m [00mREADME.firewall[00m [00mREADME.plip[00m [01;34mcontrib[00m [01;34mwiki-RU[00m
[00mREADME[00m [00mREADME.bridge[00m [00mREADME.ossh[00m [00mTODO[00m [01;34mexamples[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6[root@demo etcnet-0.9.6]# cd examples/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples[root@demo examples]# ls
[00m[01;34mComplex-without-QoS[00m [01;34mOpenVPN-to-satellite[00m [01;34mQoS-HTB-user-guide[00m [01;34mfirewall-hiddenman[00m
[01;34mEthernet[00m [01;34mPPP[00m [01;34mVLAN-without-vlantab[00m [01;34mrouting[00m
[01;34mEthernet-bridge-GRE[00m [01;34mQoS-CBQ-internet-cafe[00m [01;34mWiFi-WEP-ipw2100[00m [01;34mrouting-LARTC-1[00m
[01;34mOpenVPN-TAP[00m [01;34mQoS-HTB-SFQ-256kbit[00m [01;34mdummy[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples[root@demo examples]# cd firewall-hiddenman/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman[root@demo firewall-hiddenman]# ;s
bash: syntax error near unexpected token `;'
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman[root@demo firewall-hiddenman]# ls
[00m[01;34mifaces[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman[root@demo firewall-hiddenman]# cd ifaces/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces[root@demo ifaces]# ls
[00m[01;34mdefault[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces[root@demo ifaces]# cd default/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default[root@demo default]# ls
[00m[01;34mfw[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default[root@demo default]# cd fw/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw[root@demo fw]# ls
[00m[01;34miptables[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw[root@demo fw]# cd iptables/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables[root@demo iptables]# ls
[00m[01;34mfilter[00m [01;34mmangle[00m [00mmodules[00m [01;34mnat[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables[root@demo iptables]# cat modules
ipt_LOG
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables[root@demo iptables]# cd nat/
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat[root@demo nat]# ls
[00m[00mPOSTROUTING[00m [00mPREROUTING[00m
[m]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat[root@demo nat]# cat *
snat-to 5.6.7.8 if marked as 1
dnat-to 1.2.3.4 if proto tcp from any to 4.3.2.1
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat[root@demo nat]# cat POSTROUTING
snat-to 5.6.7.8 if marked as 1
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat[root@demo nat]# pwd
/usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat
]0;root@demo: /usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat[root@demo nat]# cd /etc/net/ifaces/eth0/
]0;root@demo: /etc/net/ifaces/eth0[root@demo eth0]# mkdir -p key originally introduced for the Windows 95 operating system[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[Kfw/iptables/nat
]0;root@demo: /etc/net/ifaces/eth0[root@demo eth0]# fw/iptables/nat[Kcd fw/iptables/nat
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# cat >
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# echo "snat-to 10.0.2.15" > POSTROUTING
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# services network [1P
[root@demo nat]# service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0:
Stopping iptables for eth0
Unloading rules for the "POSTROUTING" chain in the "nat" tableiptables v1.3.7: Invalid rule number `snat-to'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -D POSTROUTING snat-to 10.0.2.15
.
..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: ....
Starting iptables for eth0
Loading rules for the "POSTROUTING" chain in the "nat" tableBad argument `snat-to'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -A POSTROUTING snat-to 10.0.2.15
.
.OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# rpm -ql etcnet | less
[?1049h[?1h=[35;1H[K/etc/net
/etc/net/ifaces
/etc/net/ifaces/default
/etc/net/ifaces/default/fw
/etc/net/ifaces/default/fw/ebtables
/etc/net/ifaces/default/fw/ebtables/broute
/etc/net/ifaces/default/fw/ebtables/broute/BROUTING
/etc/net/ifaces/default/fw/ebtables/filter
/etc/net/ifaces/default/fw/ebtables/filter/FORWARD
/etc/net/ifaces/default/fw/ebtables/filter/INPUT
/etc/net/ifaces/default/fw/ebtables/filter/OUTPUT
/etc/net/ifaces/default/fw/ebtables/filter/loadorder
/etc/net/ifaces/default/fw/ebtables/loadorder
/etc/net/ifaces/default/fw/ebtables/modules
/etc/net/ifaces/default/fw/ebtables/nat
/etc/net/ifaces/default/fw/ebtables/nat/OUTPUT
/etc/net/ifaces/default/fw/ebtables/nat/POSTROUTING
/etc/net/ifaces/default/fw/ebtables/nat/PREROUTING
/etc/net/ifaces/default/fw/ebtables/nat/loadorder
/etc/net/ifaces/default/fw/ip6tables
/etc/net/ifaces/default/fw/ip6tables/filter
/etc/net/ifaces/default/fw/ip6tables/filter/FORWARD
/etc/net/ifaces/default/fw/ip6tables/filter/INPUT
/etc/net/ifaces/default/fw/ip6tables/filter/OUTPUT
/etc/net/ifaces/default/fw/ip6tables/filter/loadorder
/etc/net/ifaces/default/fw/ip6tables/loadorder
/etc/net/ifaces/default/fw/ip6tables/mangle
/etc/net/ifaces/default/fw/ip6tables/mangle/FORWARD
/etc/net/ifaces/default/fw/ip6tables/mangle/INPUT
/etc/net/ifaces/default/fw/ip6tables/mangle/OUTPUT
/etc/net/ifaces/default/fw/ip6tables/mangle/POSTROUTING
/etc/net/ifaces/default/fw/ip6tables/mangle/PREROUTING
/etc/net/ifaces/default/fw/ip6tables/mangle/loadorder
/etc/net/ifaces/default/fw/ip6tables/modules
[35;1H[K[7mlines 1-34 [27m[35;1H[35;1H[K/etc/net/ifaces/default/fw/ip6tables/syntax
/etc/net/ifaces/default/fw/iptables
/etc/net/ifaces/default/fw/iptables/filter
/etc/net/ifaces/default/fw/iptables/filter/FORWARD
/etc/net/ifaces/default/fw/iptables/filter/INPUT
/etc/net/ifaces/default/fw/iptables/filter/OUTPUT
/etc/net/ifaces/default/fw/iptables/filter/loadorder
/etc/net/ifaces/default/fw/iptables/loadorder
/etc/net/ifaces/default/fw/iptables/mangle
/etc/net/ifaces/default/fw/iptables/mangle/FORWARD
/etc/net/ifaces/default/fw/iptables/mangle/INPUT
/etc/net/ifaces/default/fw/iptables/mangle/OUTPUT
/etc/net/ifaces/default/fw/iptables/mangle/POSTROUTING
/etc/net/ifaces/default/fw/iptables/mangle/PREROUTING
/etc/net/ifaces/default/fw/iptables/mangle/loadorder
/etc/net/ifaces/default/fw/iptables/modules
/etc/net/ifaces/default/fw/iptables/nat
/etc/net/ifaces/default/fw/iptables/nat/OUTPUT
/etc/net/ifaces/default/fw/iptables/nat/POSTROUTING
/etc/net/ifaces/default/fw/iptables/nat/PREROUTING
/etc/net/ifaces/default/fw/iptables/nat/loadorder
/etc/net/ifaces/default/fw/iptables/syntax
/etc/net/ifaces/default/fw/options
/etc/net/ifaces/default/options
/etc/net/ifaces/default/options-bnep
/etc/net/ifaces/default/options-dummy
/etc/net/ifaces/default/options-eth
/etc/net/ifaces/default/options-lo
/etc/net/ifaces/default/options-ovpn
/etc/net/ifaces/default/options-ppp
/etc/net/ifaces/default/options-usb
/etc/net/ifaces/default/options-vlan
/etc/net/ifaces/default/sysctl.conf-dvb
/etc/net/ifaces/lo
[35;1H[K[7mlines 35-68 [27m[35;1H[K[?1l>[?1049l]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# ca[K[Kless /etc/net/de[K[Kifaces/default/fw/s[K
ebtables/ ip6tables/ iptables/ options
[root@demo nat]# less /etc/net/ifaces/default/fw/iptables/
filter/ loadorder mangle/ modules nat/ syntax
[root@demo nat]# less /etc/net/ifaces/default/fw/iptables/syntax
[?1049h[?1h=[35;1H[K# All chains and targets are case-sensitive !
policy:
insert: -I
ins: -I
append: -A
add: -A
delete: -D
del: -D
# Builtin targets
accept: -j ACCEPT
allow: -j ACCEPT
pass: -j ACCEPT
drop: -j DROP
deny: -j DROP
return: -j RETURN
queue: -j QUEUE
# Target extensions
balance: -j BALANCE --to-destination
classify: -j CLASSIFY --set-class
clusterip: -j CLUSTERIP --new
clusterip-hashmode: -j CLUSTERIP --hashmode
clusterip-clustermac: -j CLUSTERIP --clustermac
clusterip-total-nodes: -j CLUSTERIP --total-nodes
clusterip-local-node: -j CLUSTERIP --local-node
clusterip-hash-init: -j CLUSTERIP --hash-init
connmark: -j CONNMARK --set-mark
set-connmark: -j CONNMARK --set-mark
mask: --mask
connmark-save: -j CONNMARK --save-mark
save-connmark: -j CONNMARK --save-mark
connmark-restore: -j CONNMARK --restore-mark
restore-connmark: -j CONNMARK --restore-mark
dnat: -j DNAT --to-destination
[35;1H[K[7m/etc/net/ifaces/default/fw/iptables/syntax lines 1-34/299 10%[27m[35;1H[35;1H[Kdnat-to: -j DNAT --to-destination
dnat-to-destination: -j DNAT --to-destination
set-dscp: -j DSCP --set-dscp
set-dscp-class: -j DSCP --set-dscp-class
ecn-tcp-remove: -j ECN --ecn-tcp-remove
log: -j LOG
log-level: --log-level
log-prefix: --log-prefix
log-tcp-sequence: --log-tcp-sequence
log-tcp-options: --log-tcp-options
log-ip-options: --log-ip-options
log-uid: --log-uid
mark: -j MARK --set-mark
set-mark: -j MARK --set-mark
masquerade: -j MASQUERADE
masquerade-to-ports: -j MASQUERADE --to-ports
mirror: -j MIRROR
netmap: -j NETMAP --to
netmap-to: -j NETMAP --to
notrack: -j NOTRACK
redirect: -j REDIRECT
redirect-to: -j REDIRECT --to-ports
redirect-to-ports: -j REDIRECT --to-ports
reject: -j REJECT
reject-with: -j REJECT --reject-with
route-to: -j ROUTE --oif
route-from: -j ROUTE --iif
route-gw: -j ROUTE --gw
route-continue: -j ROUTE --continue
route-tee: -j ROUTE --tee
add-set: -j SET --add-set
del-set: -j SET --del-set
snat: -j SNAT --to-source
snat-to: -j SNAT --to-source
[35;1H[K[7m/etc/net/ifaces/default/fw/iptables/syntax lines 35-68/299 23%[27m[35;1H[K[?1l>[?1049l]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# less /etc/net/ifaces/default/fw/iptables/syntax
[root@demo nat]# [27Prpm -ql etcnet | less
[root@demo nat]# service network restart
[root@demo nat]# echo "snat-to 10.0.2.15" > POSTROUTING
[root@demo nat]# echo "snat-to[1P[1P[1P[1P[1P[1P[1P[1@-[1@j
[root@demo nat]# echo "-j [1@ [1@S[1@N[1@A[1@T
[root@demo nat]# echo "-j SNAT [1@ [1@-[1@-[1@t[1@o[1@-[1@s[1@o[1@u[1@r[1@c[1@e
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# ][Kservice
[5@(reverse-i-search)`':
(reverse-i-search)`': service
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0:
Stopping iptables for eth0
Unloading rules for the "POSTROUTING" chain in the "nat" tableiptables: No chain/target/match by that name
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -D POSTROUTING -j SNAT --to-source 10.0.2.15
.
..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: ....
Starting iptables for eth0
Loading rules for the "POSTROUTING" chain in the "nat" table.
.OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:39:59 2008
*mangle
:PREROUTING ACCEPT [702:496570]
:INPUT ACCEPT [592:486572]
:FORWARD ACCEPT [75:4034]
:OUTPUT ACCEPT [480:56993]
:POSTROUTING ACCEPT [682:90259]
COMMIT
# Completed on Tue Jul 8 18:39:59 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:39:59 2008
*nat
:PREROUTING ACCEPT [46:6854]
:POSTROUTING ACCEPT [46:4207]
:OUTPUT ACCEPT [55:4959]
-A POSTROUTING -j SNAT --to-source 10.0.2.15
COMMIT
# Completed on Tue Jul 8 18:39:59 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:39:59 2008
*filter
:INPUT ACCEPT [22:6512]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24:6536]
:stdin - [0:0]
COMMIT
# Completed on Tue Jul 8 18:39:59 2008
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# grep[Kfind /usr/share/doc/etcnet-0.9.6/ -name [K[K[K[K[Kiname postrouting
/usr/share/doc/etcnet-0.9.6/examples/OpenVPN-TAP/i0060756/fw/iptables/nat/POSTROUTING
/usr/share/doc/etcnet-0.9.6/examples/firewall-hiddenman/ifaces/default/fw/iptables/nat/POSTROUTING
/usr/share/doc/etcnet-0.9.6/examples/Complex-without-QoS/ifaces/office-net/fw/iptables/nat/POSTROUTING
/usr/share/doc/etcnet-0.9.6/examples/Complex-without-QoS/ifaces/ppp20/fw/iptables/nat/POSTROUTING
/usr/share/doc/etcnet-0.9.6/examples/OpenVPN-to-satellite/ifaces/sc7am1/fw/iptables/nat/POSTROUTING
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# find /usr/share/doc/etcnet-0.9.6/ -iname postrouting -exec cat {} \;
snat-to ${IPV4ADDRESS} to-iface ${NAME}
snat-to 5.6.7.8 if marked as 1
return if all from $COMPANY1_OFFICE_NET to $COMPANY1_DMZ_NET
return if all from $COMPANY1_OFFICE_NET to $COMPANY1_DMZ_NET2
return if all from $COMPANY1_OFFICE_NET to $COMPANY1_DMZ_NET3
return if all from $COMPANY2_OFFICE_NET to $COMPANY1_DMZ_NET
return if all from $COMPANY2_OFFICE_NET to $COMPANY1_DMZ_NET2
return if all from $COMPANY2_OFFICE_NET to $COMPANY1_DMZ_NET3
return if all from $COMPANY1_USER_F29_LAST29_IP to $COMPANY1_VOIP_PROXY_IP
jump-to OFFICE-SNAT if all from $COMPANY1_OFFICE_NET
jump-to OFFICE-SNAT if all from $COMPANY1_DMZ_NET
jump-to OFFICE-SNAT if all from $COMPANY1_DMZ_NET2
jump-to OFFICE-SNAT if all from $COMPANY1_DMZ_NET3
return if all from $COMPANY1_VOIP_PROXY_IP to $USER_F1_LAST1_IP
snat-to $NAME_IP if all from $COMPANY1_VOIP_PROXY_IP
snat-to ${IPV4ADDRESS} to-iface ${NAME}
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# find /usr/share/doc/etcnet-0.9.6/ -iname postrouting -exec cat {} \;[K
[root@demo nat]# iptables-save [Kservice network restart
[root@demo nat]# echo "-j SNAT --to-source 10.0.2.15" > POSTROUTING
[root@demo nat]# [2Pless /etc/net/ifaces/default/fw/iptables/syntax
[root@demo nat]# [27Prpm -ql etcnet | less
[root@demo nat]# service network restart
[root@demo nat]# echo "snat-to 10.0.2.15" > POSTROUTING[1P[1@'[1P[1@'
[root@demo nat]# echo 's
[root@demo nat]# echo 'sn
[root@demo nat]# echo 'sna
[root@demo nat]# echo 'snat
[root@demo nat]# echo 'snat-
[root@demo nat]# echo 'snat-t
[root@demo nat]# echo 'snat-to
[root@demo nat]# echo 'snat-to
[root@demo nat]# echo 'snat-to 1
[root@demo nat]# echo 'snat-to 10
[root@demo nat]# echo 'snat-to 10.
[root@demo nat]# echo 'snat-to 10.0
[root@demo nat]# echo 'snat-to 10.0.
[root@demo nat]# echo 'snat-to 10.0.2
[root@demo nat]# echo 'snat-to 10.0.2.
[root@demo nat]# echo 'snat-to 10.0.2.1
[root@demo nat]# echo 'snat-to 10.0.2.15[1@ [1P
[root@demo nat]# echo 'snat-to 10.0.2.15'
[root@demo nat]# [15Pservice network restart
[root@demo nat]# [2Prpm -ql etcnet | less
[root@demo nat]# less /etc/net/ifaces/default/fw/iptables/syntax
[root@demo nat]# echo "-j SNAT --to-source 10.0.2.15" > POSTROUTING[1P[1@'[1P[1@'
[root@demo nat]# echo '-
[root@demo nat]# echo '-j
[root@demo nat]# echo '-j
[root@demo nat]# echo '-j S
[root@demo nat]# echo '-j SN
[root@demo nat]# echo '-j SNA
[root@demo nat]# echo '-j SNAT
[root@demo nat]# echo '-j SNAT
[root@demo nat]# echo '-j SNAT -
[root@demo nat]# echo '-j SNAT --
[root@demo nat]# echo '-j SNAT --t
[root@demo nat]# echo '-j SNAT --to
[root@demo nat]# echo '-j SNAT --to-
[root@demo nat]# echo '-j SNAT --to-s
[root@demo nat]# echo '-j SNAT --to-so
[root@demo nat]# echo '-j SNAT --to-sou
[root@demo nat]# echo '-j SNAT --to-sour
[root@demo nat]# echo '-j SNAT --to-sourc
[root@demo nat]# echo '-j SNAT --to-source
[root@demo nat]# echo '-j SNAT --to-source
[root@demo nat]# echo '-j SNAT --to-source 1
[root@demo nat]# echo '-j SNAT --to-source 10
[root@demo nat]# echo '-j SNAT --to-source 10.
[root@demo nat]# echo '-j SNAT --to-source 10.0
[root@demo nat]# echo '-j SNAT --to-source 10.0.
[root@demo nat]# echo '-j SNAT --to-source 10.0.2
[root@demo nat]# echo '-j SNAT --to-source 10.0.2.
[root@demo nat]# echo '-j SNAT --to-source 10.0.2.1
[root@demo nat]# echo '-j SNAT --to-source 10.0.2.15[1P[1P[1P[1P[1P[1P[1P[1P[1P[1@$[1@{[1@I[1@P[1@V[1@4[1@A[1@D[1@D[1@R[1@E[1@S[1@S[1@}
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# echo '-j SNAT --to-source ${IPV4ADDRESS}' > POSTROUTING
[root@demo nat]# find /usr/share/doc/etcnet-0.9.6/ -iname postrouting -exec cat {} \;[K
[root@demo nat]# iptables-save [Kservice network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0:
Stopping iptables for eth0
Unloading rules for the "POSTROUTING" chain in the "nat" tableiptables v1.3.7: Unknown arg `--to-source'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -D POSTROUTING -j SNAT --to-source ${IPV4ADDRESS}
.
..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: ....
Starting iptables for eth0
Loading rules for the "POSTROUTING" chain in the "nat" table.
.OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:43:17 2008
*mangle
:PREROUTING ACCEPT [724:504432]
:INPUT ACCEPT [612:493282]
:FORWARD ACCEPT [75:4034]
:OUTPUT ACCEPT [502:63727]
:POSTROUTING ACCEPT [722:103567]
COMMIT
# Completed on Tue Jul 8 18:43:17 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:43:17 2008
*nat
:PREROUTING ACCEPT [48:8006]
:POSTROUTING ACCEPT [47:4593]
:OUTPUT ACCEPT [57:5732]
-A POSTROUTING -j SNAT --to-source 10.0.2.15
COMMIT
# Completed on Tue Jul 8 18:43:17 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 18:43:17 2008
*filter
:INPUT ACCEPT [20:6710]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [22:6734]
:stdin - [0:0]
COMMIT
# Completed on Tue Jul 8 18:43:17 2008
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# iptables-save service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0:
Stopping iptables for eth0
Unloading rules for the "POSTROUTING" chain in the "nat" tableiptables v1.3.7: Unknown arg `--to-source'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -D POSTROUTING -j SNAT --to-source ${IPV4ADDRESS}
.
..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: ....
Starting iptables for eth0
Loading rules for the "POSTROUTING" chain in the "nat" table.
.OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]#
[K[root@demo nat]#
[K[root@demo nat]#
[K[root@demo nat]# hce\[K[K[K[Kchkconfig --list
acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off
anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
atieventsd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off
c-icap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
clamd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
configd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
consolesaver 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off
dm 0:off 1:off 2:off 3:off 4:off 5:on 6:off
ethtool 0:off 1:off 2:off 3:off 4:off 5:off 6:off
fbsetfont 0:off 1:off 2:off 3:on 4:on 5:on 6:off
gssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off
hotplug 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd-alterator 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd2 0:off 1:off 2:off 3:off 4:off 5:off 6:off
idmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ifplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ifrename 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ipw3945d 0:off 1:off 2:off 3:off 4:off 5:off 6:off
jetty5 0:off 1:off 2:off 3:off 4:off 5:off 6:off
keytable 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kheaders 0:off 1:off 2:on 3:on 4:on 5:on 6:off
klogd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lm_sensors 0:off 1:off 2:on 3:on 4:on 5:on 6:off
mdadm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
portmap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
pptptunnel 0:off 1:off 2:off 3:off 4:off 5:off 6:off
random 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sound 0:off 1:off 2:on 3:on 4:on 5:on 6:off
splash 0:off 1:off 2:on 3:on 4:on 5:on 6:off
squid 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sysfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
syslogd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
tomcat5 0:off 1:off 2:off 3:off 4:off 5:off 6:off
udevd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
udevd-final 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ulogd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
update_wms 0:off 1:off 2:off 3:on 4:on 5:on 6:off
winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
wine 0:off 1:off 2:on 3:on 4:on 5:on 6:off
x11_autosetup 0:off 1:off 2:off 3:on 4:off 5:on 6:off
x11presetdrv 0:off 1:off 2:off 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
xinetd based services:
chargen-tcp: off
chargen-udp: off
cups-lpd: off
daytime-tcp: off
daytime-udp: off
discard-tcp: off
discard-udp: off
echo-tcp: off
echo-udp: off
time-tcp: off
time-udp: off
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# chkconfig --list iptables
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]#
[K[root@demo nat]#
[K[root@demo nat]#
[K[root@demo nat]#
[K[root@demo nat]# cat /etc/resolv.conf
# Generated by dhcpcd for interface eth0
search intranet.mpgu.edu.ru
nameserver 10.0.2.3
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# iptables -A FORWARD -j filet[K[K[K[K[K[K[Kt [K[K[K
[root@demo nat]# iptables -[1@-[1@t[1@ [1@f[1@i[1@l[1@t[1@e[1@r[1@
[root@demo nat]# iptables -t filter -A FORWARD -d linux.org.ru -j DROP[K[K[K[KLOG --loglevel-level
[root@demo nat]# iptables -t filter -A FORWARD -d linux.org.ru -j LOG --log-level 2[Kdebug[K[K[K[K[Klogging[K[K[K[K[K[K[Kwarning
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# iptables -t filter -A FORWARD -d linux.org.ru -j LOG --log-level warning[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[KDROP
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# netcat linux.org.ru 80
[root@demo nat]# [1@c[1@a[1@l[1@ [1@|[1@
HTTP/1.1 400 Bad Request
Date: Tue, 08 Jul 2008 15:19:53 GMT
Server: Apache/2.2.8 (Fedora)
Content-Length: 352
Connection: close
Content-Type: text/html; charset=iso-8859-1
400 Bad Request
Bad Request
Your browser sent a request that this server could not understand.
Request header field is missing ':' separator.
Su Mo Tu We Th Fr Sa 1 2 3 4 5 6 7 8 9 10 11 12
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# tail /var/log/syslog/
tail: error reading `/var/log/syslog/': Is a directory
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# tail /var/log/syslog/
alert boot messages.1.bz2 sudo
alert.1.bz2 messages spooler
[root@demo nat]# tail /var/log/syslog/messages
Jul 8 18:44:00 demo last message repeated 4 times
Jul 8 18:50:03 demo crond[10275]: (root) CMD ( [ -f /var/run/clamav/clamd.pid ] && /usr/bin/freshclam --quiet --daemon-notify)
Jul 8 19:01:01 demo crond[10284]: (root) CMD (run-parts /etc/cron.hourly)
Jul 8 19:08:00 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:10:11 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:12:34 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:16:43 demo kernel: ipt_LOG: not logging via system console since somebody else already registered for PF_INET
Jul 8 19:19:09 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:19:13 demo kernel: IN=eth1 OUT=eth0 SRC=172.16.0.2 DST=217.76.32.61 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=16897 DF PROTO=TCP SPT=1395 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 8 19:19:16 demo kernel: IN=eth1 OUT=eth0 SRC=172.16.0.2 DST=217.76.32.61 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=16898 DF PROTO=TCP SPT=1395 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# dhcpcd
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# apt-cache search dhcp
ppp-dhcp - DHCP plugin for ppp
avahi-autoipd - Assigning link-local IP addresses service
dhcpcd - DHCP Client Daemon
dhcp-common - Dynamic Host Configuration Protocol (DHCP) distribution
dhcp-server - The ISC DHCP server daemon
vlan-utils - Userspace utilities for controlling VLANs on ethernet devices
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# apt-get install dhcp-server
Reading Package Lists... 0%
Reading Package Lists... 100%
Reading Package Lists... Done
Building Dependency Tree... 0%
Building Dependency Tree... 0%
Building Dependency Tree... 50%
Building Dependency Tree... 50%
Building Dependency Tree... 98%
Building Dependency Tree... Done
The following extra packages will be installed:
dhcp-common
The following NEW packages will be installed:
dhcp-common dhcp-server
0 upgraded, 2 newly installed, 0 removed and 6 not upgraded.
Need to get 0B/615kB of archives.
After unpacking 1865kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
0% [Working]
33% [Working]
66% [Working]
Committing changes...
Preparing... ( 50%)# ( 50%)## ( 50%)### ( 50%)#### ( 50%)##### ( 50%)###### ( 50%)####### ( 50%)######## ( 50%)######### ( 50%)########## ( 50%)########### ( 50%)############ ( 50%)############# ( 50%)############## ( 50%)############### ( 50%)################ ( 50%)################# ( 50%)################## ( 50%)################### ( 50%)#################### ( 50%)##################### ( 50%)###################### ( 50%)####################### ( 50%)######################## ( 50%)######################### ( 50%)########################## ( 50%)########################### ( 50%)############################ ( 50%)############################# ( 50%)############################## ( 50%)############################### ( 50%)################################ (100%)################################# (100%)################################## (100%)################################### (100%)#################################### (100%)##################################### (100%)###################################### (100%)####################################### (100%)######################################## (100%)######################################### (100%)########################################## (100%)########################################### (100%)############################################ (100%)############################################# (100%)############################################## (100%)############################################### (100%)################################################ (100%)################################################# (100%)################################################## (100%)################################################### (100%)#################################################### (100%)##################################################### (100%)###################################################### (100%)####################################################### (100%)######################################################## (100%)######################################################### (100%)########################################################## (100%)########################################################### (100%)############################################################ (100%)############################################################# (100%)############################################################## (100%)############################################################### (100%)############################################################### [100%]
1: dhcp-common ( 2%)# ( 7%)## ( 7%)### ( 7%)#### ( 8%)##### ( 10%)###### ( 11%)####### ( 16%)######## ( 16%)######### ( 16%)########## ( 22%)########### ( 22%)############ ( 22%)############# ( 22%)############## ( 27%)############### ( 27%)################ ( 27%)################# ( 33%)################## ( 33%)################### ( 33%)#################### ( 33%)##################### ( 36%)###################### ( 36%)####################### ( 39%)######################## ( 39%)######################### ( 43%)########################## ( 43%)########################### ( 43%)############################ ( 49%)############################# ( 49%)############################## ( 49%)############################### ( 54%)################################ ( 54%)################################# ( 54%)################################## ( 54%)################################### ( 60%)#################################### ( 60%)##################################### ( 60%)###################################### ( 65%)####################################### ( 65%)######################################## ( 65%)######################################### ( 65%)########################################## ( 68%)########################################### ( 69%)############################################ ( 71%)############################################# ( 72%)############################################## ( 76%)############################################### ( 76%)################################################ ( 76%)################################################# ( 81%)################################################## ( 81%)################################################### ( 81%)#################################################### ( 86%)##################################################### ( 86%)###################################################### ( 86%)####################################################### ( 90%)######################################################## ( 90%)######################################################### ( 90%)########################################################## ( 96%)########################################################### ( 96%)############################################################ ( 96%)############################################################# ( 97%)############################################################## ( 99%)############################################################### (100%)############################################################### [ 50%]
2: dhcp-server ( 10%)# ( 10%)## ( 10%)### ( 10%)#### ( 10%)##### ( 10%)###### ( 20%)####### ( 20%)######## ( 20%)######### ( 20%)########## ( 20%)########### ( 20%)############ ( 29%)############# ( 29%)############## ( 29%)############### ( 29%)################ ( 29%)################# ( 29%)################## ( 29%)################### ( 39%)#################### ( 39%)##################### ( 39%)###################### ( 39%)####################### ( 39%)######################## ( 39%)######################### ( 49%)########################## ( 49%)########################### ( 49%)############################ ( 49%)############################# ( 49%)############################## ( 49%)############################### ( 58%)################################ ( 58%)################################# ( 58%)################################## ( 58%)################################### ( 58%)#################################### ( 58%)##################################### ( 68%)###################################### ( 68%)####################################### ( 68%)######################################## ( 68%)######################################### ( 68%)########################################## ( 68%)########################################### ( 78%)############################################ ( 78%)############################################# ( 78%)############################################## ( 78%)############################################### ( 78%)################################################ ( 78%)################################################# ( 78%)################################################## ( 88%)################################################### ( 88%)#################################################### ( 88%)##################################################### ( 88%)###################################################### ( 88%)####################################################### ( 88%)######################################################## ( 90%)######################################################### ( 90%)########################################################## ( 94%)########################################################### ( 94%)############################################################ ( 97%)############################################################# ( 97%)############################################################## ( 98%)############################################################### (100%)############################################################### [100%]
Done.
]0;root@demo: /etc/net/ifaces/eth0/fw/iptables/nat[root@demo nat]# cd /etc/dhcp
dhcp/ dhcpcd.sh
[root@demo nat]# cd /etc/dhcp/dhcpd.conf.sample [K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K[K
]0;root@demo: /etc/dhcp[root@demo dhcp]# ls
[00m[00mdhcpd.conf.sample[00m
[m]0;root@demo: /etc/dhcp[root@demo dhcp]# cp dhcpd.conf.sample dhcpd.conf.sample [K[K[K[K[K[K[K[K
]0;root@demo: /etc/dhcp[root@demo dhcp]# vim dhcpd.conf
7[?47h[?1h=[1;35r[?12;25h[?12l[?25h[27m[m[H[2J[?25l[35;1H"dhcpd.conf"
"dhcpd.conf" 16L, 396C[>c[1;1H[34m# See dhcpd.conf(5) for further configuration[m
ddns-update-style none;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers[10C192.168.0.1;
option subnet-mask 255.255.255.0;[9;5Hoption nis-domain[7C[31m"domain.org"[m;
option domain-name [31m"domain.org"[m;
option domain-name-servers 192.168.1.1;[13;5Hrange dynamic-bootp 192.168.0.128 192.168.0.254;
default-lease-time 21600;
max-lease-time 43200;
}
[1m[34m~ [18;1H~ [19;1H~ [20;1H~ [21;1H~ [22;1H~ [23;1H~ [24;1H~ [25;1H~ [26;1H~ [27;1H~ [28;1H~ [29;1H~ [30;1H~ [31;1H~ [32;1H~ [33;1H~ [34;1H~ [m[35;83H1,1 All[1;1H[?12l[?25h[?25l[35;73H5 [1;1H[?12l[?25h[?25l[35;73H5j [1;1H[35;73H [6;4H[35;83H6,1-4 All[6;4H[?12l[?25h[?25l[35;73Hk [6;4H[35;73H [5;1H[35;83H5,1 All[5;1H[?12l[?25h[?25l[35;73Hw [5;1H[35;73H [5;8H[35;83H5,8 All[5;8H[?12l[?25h[?25l[35;73Hc [5;8H[?12l[?25h[?25l[35;73Hcf [5;8H[?12l[?25h[?25l[35;73Hcf [5;8H[35;73H [5;8H[35;1H[1m-- INSERT --[m[35;14H[K[35;83H5,8 All[5;8Hnetmask 255.255.255.0 {[5;31H[K[5;8H[?12l[?25h[?25l1netmask 255.255.255.0 {[35;83H5,9 All[5;9H[?12l[?25h[?25l7netmask 255.255.255.0 {[35;83H5,10 All[5;10H[?12l[?25h[?25l2netmask 255.255.255.0 {[35;83H5,11 All[5;11H[?12l[?25h[?25l.netmask 255.255.255.0 {[35;83H5,12 All[5;12H[?12l[?25h[?25l1netmask 255.255.255.0 {[35;83H5,13 All[5;13H[?12l[?25h[?25l6netmask 255.255.255.0 {[35;83H5,14 All[5;14H[?12l[?25h[?25l.netmask 255.255.255.0 {[35;83H5,15 All[5;15H[?12l[?25h[?25l0netmask 255.255.255.0 {[35;83H5,16 All[5;16H[?12l[?25h[?25l.netmask 255.255.255.0 {[35;83H5,17 All[5;17H[?12l[?25h[?25l0netmask 255.255.255.0 {[35;83H5,18 All[5;18H[?12l[?25h[?25l netmask 255.255.255.0 {[35;83H5,19 All[5;19H[?12l[?25h[35;1H[K[5;18H[?25l[35;73H^[ [5;18H[?12l[?25h[?25l[35;73H [5;19H[35;83H5,18 All[5;18H[?12l[?25h[?25l[35;73Hu [5;18H[35;1H1 change; before #1 13 seconds ago[35;73H[K[35;73H [5;8H192.168.0.0 netmask 255.255.255.0 {[35;83H5,8 All[5;8H[?12l[?25h[?25l[35;73H^R [5;8H[35;1H1 change; after #1 19 seconds ago[35;35H[K[35;73H [5;8H172.16.0.0 netmask 255.255.255.0 {[5;42H[K[35;83H5,8 All[5;8H[?12l[?25h[?25l[35;73H2 [5;8H[?12l[?25h[?25l[35;73H2w [5;8H[35;73H [5;12H[35;83H5,12 All[5;12H[?12l[?25h[?25l[35;73Hw [5;12H[35;73H [5;14H[35;83H5,14 All[5;14H[?12l[?25h[?25l[35;73Hw [5;14H[35;73H [5;15H[35;83H5,15 All[5;15H[?12l[?25h[?25l[35;73Hw [5;15H[35;73H [5;16H[35;83H5,16 All[5;16H[?12l[?25h[?25l[35;73Hw [5;16H[35;73H [5;17H[35;83H5,17 All[5;17H[?12l[?25h[?25l[35;73Hj [5;17H[35;73H [6;17H[35;83H6,14-17 All[6;17H[?12l[?25h[?25l[35;73Hw [6;17H[35;73H [6;29H[35;83H6,19-29 All[6;29H[?12l[?25h[?25l[35;73Hc [6;29H[?12l[?25h[?25l[35;73Hc2 [6;29H[?12l[?25h[?25l[35;73Hc2t [6;29H[?12l[?25h[?25l[35;73Hc2t. [6;29H[35;73H [6;29H[35;1H[1m-- INSERT --[m[35;13H[K[35;83H6,19-29 All[6;29H.0.1;[6;34H[K[6;29H[?12l[?25h[?25li.0.1;[35;83H6,20-30 All[6;30H[?12l[?25h[?25l[35;1H[1m-- REPLACE --[m[35;83H[K[35;83H6,20-30 All[6;30H[?12l[?25h[?25l[35;1H[1m-- INSERT --[m[35;13H[K[35;83H6,20-30 All[6;30H[?12l[?25h[?25l.0.1;[6;34H[K[35;83H6,19-29 All[6;29H[?12l[?25h[?25l1.0.1;[35;83H6,20-30 All[6;30H[?12l[?25h[?25l7.0.1;[35;83H6,21-31 All[6;31H[?12l[?25h[?25l2.0.1;[35;83H6,22-32 All[6;32H[?12l[?25h[?25l..0.1;[35;83H6,23-33 All[6;33H[?12l[?25h[?25l1.0.1;[35;83H6,24-34 All[6;34H[?12l[?25h[?25l6.0.1;[35;83H6,25-35 All[6;35H[?12l[?25h[35;1H[K[6;34H[?25l[35;73H^[ [6;34H[?12l[?25h[?25l[35;73H [6;35H[35;83H6,24-34 All[6;34H[?12l[?25h[?25l[35;73H3 [6;34H[?12l[?25h[?25l[35;73H3j [6;34H[35;73H [9;34H[35;83H9,26-34 All[9;34H[?12l[?25h[?25l[35;73Hd [9;34H[?12l[?25h[?25l[35;73Hdd [9;34H[35;73H [9;5H[9;34r[34;1H
[1;35r[34;1H[1m[34m~ [m[35;83H[K[35;83H9,2-5 All[9;5H[?12l[?25h[?25l[35;73H3 [9;5H[?12l[?25h[?25l[35;73H3w [9;5H[35;73H [9;19H[35;83H9,16-19 All[9;19H[?12l[?25h[?25l[35;73Hw [9;19H[35;73H [9;29H[35;83H9,22-29 All[9;29H[?12l[?25h[?25l[35;73Hw [9;29H[35;73H [9;30H[35;83H9,23-30 All[9;30H[?12l[?25h[?25l[35;73Hd [9;30H[?12l[?25h[?25l[35;73Hdt [9;30H[?12l[?25h[?25l[35;73Hdt" [9;30H[35;73H [9;30H[31m"[m;[9;32H[K[9;30H[?12l[?25h[?25l[35;73Hi [9;30H[35;73H [9;30H[35;1H[1m-- INSERT --[m[35;83H[K[35;83H9,23-30 All[9;30H[?12l[?25h[?25l[31md"[m;[35;83H9,24-31 All[9;31H[?12l[?25h[?25l[31me"[m;[35;83H9,25-32 All[9;32H[?12l[?25h[?25l[31mm"[m;[35;83H9,26-33 All[9;33H[?12l[?25h[?25l[31mo"[m;[35;83H9,27-34 All[9;34H[?12l[?25h[?25l[31m."[m;[35;83H9,28-35 All[9;35H[?12l[?25h[?25l[31mc"[m;[35;83H9,29-36 All[9;36H[?12l[?25h[?25l[31ml"[m;[35;83H9,30-37 All[9;37H[?12l[?25h[?25l[31ma"[m;[35;83H9,31-38 All[9;38H[?12l[?25h[?25l[31ms"[m;[35;83H9,32-39 All[9;39H[?12l[?25h[?25l[31ms"[m;[35;83H9,33-40 All[9;40H[?12l[?25h[?25l[31m."[m;[35;83H9,34-41 All[9;41H[?12l[?25h[?25l[31ma"[m;[35;83H9,35-42 All[9;42H[?12l[?25h[?25l[31ml"[m;[35;83H9,36-43 All[9;43H[?12l[?25h[?25l[31mt"[m;[35;83H9,37-44 All[9;44H[?12l[?25h[?25l[31ml"[m;[35;83H9,38-45 All[9;45H[?12l[?25h[?25l[31mi"[m;[35;83H9,39-46 All[9;46H[?12l[?25h[?25l[31mn"[m;[35;83H9,40-47 All[9;47H[?12l[?25h[?25l[31mu"[m;[35;83H9,41-48 All[9;48H[?12l[?25h[?25l[31mx"[m;[35;83H9,42-49 All[9;49H[?12l[?25h[?25l[31m."[m;[35;83H9,43-50 All[9;50H[?12l[?25h[?25l[31mr"[m;[35;83H9,44-51 All[9;51H[?12l[?25h[?25l[31mu"[m;[35;83H9,45-52 All[9;52H[?12l[?25h[35;1H[K[9;51H[?25l[35;73H^[ [9;51H[?12l[?25h[?25l[35;73H [9;52H[35;83H9,44-51 All[9;51H[?12l[?25h[?25l[35;73Hj [9;51H[35;73H [10;44H[35;83H10,40-44 All[10;44H[?12l[?25h[?25l[35;73Hb [10;44H[35;73H [10;43H[35;83H10,39-43 All[10;43H[?12l[?25h[?25l[35;73Hb [10;43H[35;73H [10;42H[35;83H10,38-42 All[10;42H[?12l[?25h[?25l[35;73Hb [10;42H[35;73H [10;41H[35;83H10,37-41 All[10;41H[?12l[?25h[?25l[35;73Hb [10;41H[35;73H [10;40H[35;83H10,36-40 All[10;40H[?12l[?25h[?25l[35;73Hb [10;40H[35;73H [10;37H[35;83H10,33-37 All[10;37H[?12l[?25h[?25l[35;73Hb [10;37H[35;73H [10;36H[35;83H10,32-36 All[10;36H[?12l[?25h[?25l[35;73Hb [10;36H[35;73H [10;33H[35;83H10,29-33 All[10;33H[?12l[?25h[?25l[35;73Hc [10;33H[?12l[?25h[?25l[35;73Hcf [10;33H[?12l[?25h[?25l[35;73Hcf: [10;33H[35;73H [10;33H[?12l[?25h[?25l[35;73H~@k [10;33H[35;73H [11;1H[35;83H11,0-1 All[11;1H[?12l[?25h[?25l[35;73H~@k [11;1H[35;73H [10;33H[35;83H10,29-33 All[10;33H[?12l[?25h[?25l[35;73Hc [10;33H[?12l[?25h[?25l[35;73Hct [10;33H[?12l[?25h[?25l[35;73Hct; [10;33H[35;73H [10;33H[35;1H[1m-- INSERT --[m[35;83H[K[35;83H10,29-33 All[10;33H;[10;34H[K[10;33H[?12l[?25h[?25li;[35;83H10,30-34 All[10;34H[?12l[?25h[?25l;[10;34H[K[35;83H10,29-33 All[10;33H[?12l[?25h[?25l1;[35;83H10,30-34 All[10;34H[?12l[?25h[?25l0;[35;83H10,31-35 All[10;35H[?12l[?25h[?25l.;[35;83H10,32-36 All[10;36H[?12l[?25h[?25l0;[35;83H10,33-37 All[10;37H[?12l[?25h[?25l.;[35;83H10,34-38 All[10;38H[?12l[?25h[?25l2;[35;83H10,35-39 All[10;39H[?12l[?25h[?25l.;[35;83H10,36-40 All[10;40H[?12l[?25h[?25l3;[35;83H10,37-41 All[10;41H[?12l[?25h[35;1H[K[10;40H[?25l[35;73H^[ [10;40H[?12l[?25h[?25l[35;73H [10;41H[35;83H10,36-40 All[10;40H[?12l[?25h[?25l[35;73Hj [10;40H[35;73H [11;1H[35;83H11,0-1 All[11;1H[?12l[?25h[?25l[35;73Hj [11;1H[35;73H [12;40H[35;83H12,37-40 All[12;40H[?12l[?25h[?25l[35;73H3 [12;40H[?12l[?25h[?25l[35;73H3b [12;40H[35;73H [12;34H[35;83H12,31-34 All[12;34H[?12l[?25h[?25l[35;73H3 [12;34H[?12l[?25h[?25l[35;73H3b [12;34H[35;73H [12;29H[35;83H12,26-29 All[12;29H[?12l[?25h[?25l[35;73Hb [12;29H[35;73H [12;28H[35;83H12,25-28 All[12;28H[?12l[?25h[?25l[35;73Hb [12;28H[35;73H [12;25H[35;83H12,22-25 All[12;25H[?12l[?25h[?25l[35;73Hc [12;25H[?12l[?25h[?25l[35;73Hct [12;25H[?12l[?25h[?25l[35;73Hct [12;25H[35;73H [12;25H[35;1H[1m-- INSERT --[m[35;83H[K[35;83H12,22-25 All[12;25H 192.168.0.254;[12;40H[K[12;25H[?12l[?25h[?25l1 192.168.0.254;[35;83H12,23-26 All[12;26H[?12l[?25h[?25l7 192.168.0.254;[35;83H12,24-27 All[12;27H[?12l[?25h[?25l2 192.168.0.254;[35;83H12,25-28 All[12;28H[?12l[?25h[?25l. 192.168.0.254;[35;83H12,26-29 All[12;29H[?12l[?25h[?25l1 192.168.0.254;[35;83H12,27-30 All[12;30H[?12l[?25h[?25l6 192.168.0.254;[35;83H12,28-31 All[12;31H[?12l[?25h[?25l. 192.168.0.254;[35;83H12,29-32 All[12;32H[?12l[?25h[?25l0 192.168.0.254;[35;83H12,30-33 All[12;33H[?12l[?25h[?25l. 192.168.0.254;[35;83H12,31-34 All[12;34H[?12l[?25h[?25l0 192.168.0.254;[35;83H12,32-35 All[12;35H[?12l[?25h[35;1H[K[12;34H[?25l[35;73H^[ [12;34H[?12l[?25h[?25l[35;73H [12;35H[35;83H12,31-34 All[12;34H[?12l[?25h[?25l[35;73Hw [12;34H[35;73H [12;36H[35;83H12,33-36 All[12;36H[?12l[?25h[?25l[35;73Hj [12;36H[35;73H [13;29H[35;83H13,26-29 All[13;29H[?12l[?25h[?25l[35;73Hj [13;29H[35;73H [14;25H[35;83H14,22-25 All[14;25H[?12l[?25h[?25l[35;73Hl [14;25H[35;73H [14;25H[?12l[?25h[?25l[35;73Hk [14;25H[35;73H [13;29H[35;83H13,26-29 All[13;29H[?12l[?25h[?25l[35;73Hk [13;29H[35;73H [12;36H[35;83H12,33-36 All[12;36H[?12l[?25h[?25l[35;73Hh [12;36H[35;73H [12;35H[35;83H12,32-35 All[12;35H[?12l[?25h[?25l[35;73Hh [12;35H[35;73H [12;34H[35;83H12,31-34 All[12;34H[?12l[?25h[?25l[35;73Hi [12;34H[35;73H [12;34H[35;1H[1m-- INSERT --[m[35;83H[K[35;83H12,31-34 All[12;34H[?12l[?25h[?25l10 192.168.0.254;[35;83H12,32-35 All[12;35H[?12l[?25h[35;1H[K[12;34H[?25l[35;73H^[ [12;34H[?12l[?25h[?25l[35;73H [12;35H[35;83H12,31-34 All[12;34H[?12l[?25h[?25l[35;73Hw [12;34H[35;73H [12;37H[35;83H12,34-37 All[12;37H[?12l[?25h[?25l[35;73Hc [12;37H[?12l[?25h[?25l[35;73Hct [12;37H[?12l[?25h[?25l[35;73Hct; [12;37H[35;73H [12;37H[35;1H[1m-- INSERT --[m[35;83H[K[35;83H12,34-37 All[12;37H;[12;38H[K[12;37H[?12l[?25h[?25l1;[35;83H12,35-38 All[12;38H[?12l[?25h[?25l7;[35;83H12,36-39 All[12;39H[?12l[?25h[?25l2;[35;83H12,37-40 All[12;40H[?12l[?25h[?25l.;[35;83H12,38-41 All[12;41H[?12l[?25h[?25l1;[35;83H12,39-42 All[12;42H[?12l[?25h[?25l6;[35;83H12,40-43 All[12;43H[?12l[?25h[?25l.;[35;83H12,41-44 All[12;44H[?12l[?25h[?25l0;[35;83H12,42-45 All[12;45H[?12l[?25h[?25l.;[35;83H12,43-46 All[12;46H[?12l[?25h[?25l9;[35;83H12,44-47 All[12;47H[?12l[?25h[?25l9;[35;83H12,45-48 All[12;48H[?12l[?25h[35;1H[K[12;47H[?25l[35;73H^[ [12;47H[?12l[?25h[?25l[35;73H [12;48H[35;83H12,44-47 All[12;47H[?12l[?25h[?25l[35;73Hj [12;47H[35;73H [13;29H[35;83H13,26-29 All[13;29H[?12l[?25h[27m[m[H[2J[?25l[1;1H[34m# See dhcpd.conf(5) for further configuration[m
ddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 {
option routers[10C172.16.0.1;
option subnet-mask 255.255.255.0;[9;5Hoption domain-name [31m"demo.class.altlinux.ru"[m;
option domain-name-servers 10.0.2.3;[12;5Hrange dynamic-bootp 172.16.0.10 172.16.0.99;
default-lease-time 21600;
max-lease-time 43200;
}
[1m[34m~ [17;1H~ [18;1H~ [19;1H~ [20;1H~ [21;1H~ [22;1H~ [23;1H~ [24;1H~ [25;1H~ [26;1H~ [27;1H~ [28;1H~ [29;1H~ [30;1H~ [31;1H~ [32;1H~ [33;1H~ [34;1H~ [m[35;82H13,26-29 All[13;29H[?12l[?25h[27m[m[H[2J[?25l[2;1Hddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 {
option routers[10C172.16.0.1;
option subnet-mask 255.255.255.0;[8;5Hoption domain-name [31m"demo.class.altlinux.ru"[m;
option domain-name-servers 10.0.2.3;[11;5Hrange dynamic-bootp 172.16.0.10 172.16.0.99;
default-lease-time 21600;
max-lease-time 43200;
}
[1m[34m~ [16;1H~ [17;1H~ [18;1H~ [19;1H~ [20;1H~ [21;1H~ [22;1H~ [23;1H~ [24;1H~ [25;1H~ [26;1H~ [27;1H~ [28;1H~ [29;1H~ [30;1H~ [m[31;82H13,26-29 Bot[12;29H[?12l[?25h[?25l[31;72Hg [12;29H[?12l[?25h[?25l[31;72H [12;29H[31;72Hgg [12;29H[31;72H [1;1H[1;30r[1;1H[L[1;31r[1;1H[34m# See dhcpd.conf(5) for further configuration[m[31;82H[K[31;82H1,1 All[1;1H[?12l[?25h[?25l[31;72H^G [1;1H[31;1H"dhcpd.conf" [Modified] 15 lines --6%--[31;72H[K[31;72H [1;1H[31;82H1,1 All[1;1H[?12l[?25h[?25l[31;72H2 [1;1H[?12l[?25h[?25l[31;72H2j [1;1H[31;72H [3;1H[31;82H3,1 All[3;1H[?12l[?25h[?25l[31;72HG [3;1H[31;72H [15;1H[5;41H[46m{[15;1H}[m[31;82H15,1 All[15;1H[?12l[?25h[?25l[31;72Ho [15;1H[31;72H [16;1H[31;1H[1m-- INSERT --[m[31;14H[K[31;82H16,1 All[5;41H{[15;1H}[16;1H[K[16;1H[?12l[?25h[?25l[17;1H[K[31;82H17,1 All[17;1H[?12l[?25h[?25ls[31;82H17,2 All[17;2H[?12l[?25h[?25lu[31;82H17,3 All[17;3H[?12l[?25h[?25lb[31;82H17,4 All[17;4H[?12l[?25h[?25ln[31;82H17,5 All[17;5H[?12l[?25h[?25le[31;82H17,6 All[17;6H[?12l[?25h[?25lt[31;82H17,7 All[17;7H[?12l[?25h[?25l[31;82H17,8 All[17;8H[?12l[?25h[?25l1[31;82H17,9 All[17;9H[?12l[?25h[?25l0[31;82H17,10 All[17;10H[?12l[?25h[?25l.[31;82H17,11 All[17;11H[?12l[?25h[?25l0[31;82H17,12 All[17;12H[?12l[?25h[?25l.[31;82H17,13 All[17;13H[?12l[?25h[?25l0[31;82H17,14 All[17;14H[?12l[?25h[?25l.[31;82H17,15 All[17;15H[?12l[?25h[?25l0[31;82H17,16 All[17;16H[?12l[?25h[?25l[31;82H17,17 All[17;17H[?12l[?25h[?25ln[31;82H17,18 All[17;18H[?12l[?25h[?25le[31;82H17,19 All[17;19H[?12l[?25h[?25lt[31;82H17,20 All[17;20H[?12l[?25h[?25lm[31;82H17,21 All[17;21H[?12l[?25h[?25la[31;82H17,22 All[17;22H[?12l[?25h[?25ls[31;82H17,23 All[17;23H[?12l[?25h[?25lk[31;82H17,24 All[17;24H[?12l[?25h[?25l[31;82H17,25 All[17;25H[?12l[?25h[?25l2[31;82H17,26 All[17;26H[?12l[?25h[?25l5[31;82H17,27 All[17;27H[?12l[?25h[?25l5[31;82H17,28 All[17;28H[?12l[?25h[?25l.[31;82H17,29 All[17;29H[?12l[?25h[?25l0[31;82H17,30 All[17;30H[?12l[?25h[?25l.[31;82H17,31 All[17;31H[?12l[?25h[?25l0[31;82H17,32 All[17;32H[?12l[?25h[?25l.[31;82H17,33 All[17;33H[?12l[?25h[?25l0[31;82H17,34 All[17;34H[?12l[?25h[?25l.[31;82H17,35 All[17;35H[?12l[?25h[?25l[17;34H[K[31;82H17,34 All[17;34H[?12l[?25h[?25l[31;82H17,35 All[17;35H[?12l[?25h[?25l{[31;82H17,36 All[17;36H[?12l[?25h[?25l[17;35H[K[31;82H17,35 All[17;35H[?12l[?25h[?25l([31;82H17,36 All[17;36H[?12l[?25h[?25l)[31;82H17,35 All[17;35H[?12l[?25h[?25l[46m()[m[31;82H17,37 All[17;37H[?12l[?25h[?25l([17;36H[K[31;82H17,36 All[17;36H[?12l[?25h[?25l[17;35H[K[31;82H17,35 All[17;35H[?12l[?25h[?25l{[31;82H17,36 All[17;36H[?12l[?25h[?25l}[31;82H17,35 All[17;35H[?12l[?25h[?25l[46m{}[m[31;82H17,37 All[17;37H[?12l[?25h[31;1H[K[17;36H[?25l[31;72H^[ [17;36H[?12l[?25h[?25l[31;72H [17;37H[31;82H17,36 All[17;36H[?12l[?25h[?25l[31;72H: [17;36H[31;72H[K[31;1H:[?12l[?25hw[?25l
:w[?12l[?25hq[?25l
:wq[?12l[?25h
[?25l"dhcpd.conf"
"dhcpd.conf" 17L, 403C written
[?1l>[?12l[?25h[2J[?47l8]0;root@demo: /etc/dhcp[root@demo dhcp]#
]0;root@demo: /etc/dhcp[root@demo dhcp]# service dhcpd start
Starting dhcpd service: [92G[ [1m[32mDONE[39;49m(B[m ]
]0;root@demo: /etc/dhcp[root@demo dhcp]# cat c[Kdhcpd.conf
# See dhcpd.conf(5) for further configuration
ddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 {
option routers 172.16.0.1;
option subnet-mask 255.255.255.0;
option domain-name "demo.class.altlinux.ru";
option domain-name-servers 10.0.2.3;
range dynamic-bootp 172.16.0.10 172.16.0.99;
default-lease-time 21600;
max-lease-time 43200;
}
subnet 10.0.0.0 netmask 255.0.0.0 {}
]0;root@demo: /etc/dhcp[root@demo dhcp]# cat dhcpd.confservice dhcpd start[5Pvim dhcpd.confservice dhcpd start[5Pcat dhcpd.conf[K
[4@(reverse-i-search)`':
(reverse-i-search)`': t': cat dhcpd.confc': cd /etc/dhcp/p': tcpdump -n -i eth1 host 80.68.240.144
(reverse-i-search)`tcp':
[7P[root@demo dhcp]#
[root@demo dhcp]#
[root@demo dhcp]# t
[root@demo dhcp]# tc
[root@demo dhcp]# tcp
[root@demo dhcp]# tcpd
[root@demo dhcp]# tcpdu
[root@demo dhcp]# tcpdum
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump -
[root@demo dhcp]# tcpdump -n
[root@demo dhcp]# tcpdump -n
[root@demo dhcp]# tcpdump -n -
[root@demo dhcp]# tcpdump -n -i
[root@demo dhcp]# tcpdump -n -i
[root@demo dhcp]# tcpdump -n -i e
[root@demo dhcp]# tcpdump -n -i et
[root@demo dhcp]# tcpdump -n -i eth
[root@demo dhcp]# tcpdump -n -i eth1
[root@demo dhcp]# tcpdump -n -i eth1
[root@demo dhcp]# tcpdump -n -i eth1 h
[root@demo dhcp]# tcpdump -n -i eth1 ho
[root@demo dhcp]# tcpdump -n -i eth1 hos
[root@demo dhcp]# tcpdump -n -i eth1 host
[root@demo dhcp]# tcpdump -n -i eth1 host
[root@demo dhcp]# tcpdump -n -i eth1 host 8[1P0.68.240.144[1P.68.240.144[1P68.240.144[1P8.240.144[1P.240.144[1P240.144[1P40.144[1P0.144[1P.144[1P144[1P44
[root@demo dhcp]# tcpdump -n -i eth1 host 4[K[Kya.ru
[root@demo dhcp]# tcpdump -n[1P[1P[1P
]0;root@demo: /etc/dhcp[root@demo dhcp]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:41:02 2008
*mangle
:PREROUTING ACCEPT [4573:4494995]
:INPUT ACCEPT [4401:4474833]
:FORWARD ACCEPT [133:11894]
:OUTPUT ACCEPT [3484:475786]
:POSTROUTING ACCEPT [3811:531955]
COMMIT
# Completed on Tue Jul 8 19:41:02 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:41:02 2008
*nat
:PREROUTING ACCEPT [60:9997]
:POSTROUTING ACCEPT [48:4843]
:OUTPUT ACCEPT [179:12814]
-A POSTROUTING -j SNAT --to-source 10.0.2.15
COMMIT
# Completed on Tue Jul 8 19:41:02 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:41:02 2008
*filter
:INPUT ACCEPT [3789:3981551]
:FORWARD ACCEPT [56:7756]
:OUTPUT ACCEPT [2982:412059]
:stdin - [0:0]
-A FORWARD -d 217.76.32.61 -j LOG
-A FORWARD -d 217.76.32.61 -j DROP
COMMIT
# Completed on Tue Jul 8 19:41:02 2008
]0;root@demo: /etc/dhcp[root@demo dhcp]# tail /var/log/messages
Jul 8 19:37:07 demo dhcpd: Sending on Socket/fallback/fallback-net
Jul 8 19:37:07 demo dhcpd: Sending on Socket/fallback/fallback-net
Jul 8 19:37:07 demo dhcpd: Wrote 0 leases to leases file.
Jul 8 19:37:07 demo dhcpd: dhcpd startup succeeded
Jul 8 19:37:17 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:37:45 demo kernel: atkbd.c: Spurious NAK on isa0060/serio0. Some program might be trying access hardware directly.
Jul 8 19:38:46 demo dhcpd: DHCPDISCOVER from 08:00:27:b7:69:b9 via eth1
Jul 8 19:38:47 demo dhcpd: DHCPOFFER on 172.16.0.99 to 08:00:27:b7:69:b9 (localhost.localdomain) via eth1
Jul 8 19:38:47 demo dhcpd: DHCPREQUEST for 172.16.0.99 (172.16.0.1) from 08:00:27:b7:69:b9 (localhost.localdomain) via eth1
Jul 8 19:38:47 demo dhcpd: DHCPACK on 172.16.0.99 to 08:00:27:b7:69:b9 (localhost.localdomain) via eth1
]0;root@demo: /etc/dhcp[root@demo dhcp]# tail /var/log/messages
[root@demo dhcp]# [9Piptables-save
[root@demo dhcp]# iptables-save cat dhcpd.confiptables-save [9@tail /var/log/messages
[root@demo dhcp]# tail /var/log/messages
[root@demo dhcp]# [K
[4@(reverse-i-search)`':
(reverse-i-search)`': [24@t': tail /var/log/messages[9Pc': cd /etc/dhcp/p': tcpdump -n -i eth1 host 80.68.240.144
(reverse-i-search)`tcp': [1@d
(reverse-i-search)`tcpd': [1@u
(reverse-i-search)`tcpdu':
[9P[root@demo dhcp]#
[root@demo dhcp]#
[root@demo dhcp]# t
[root@demo dhcp]# tc
[root@demo dhcp]# tcp
[root@demo dhcp]# tcpd
[root@demo dhcp]# tcpdu
[root@demo dhcp]# tcpdum
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump -
[root@demo dhcp]# tcpdump -n
[root@demo dhcp]# tcpdump -n [1P[1P[1P
[root@demo dhcp]# tcpdump -i eth1 host 80.68.240.144[K[K[K[K[K[K[K[K[K[K[K[K[Kya.ru[K[K[K[K[K
]0;root@demo: /etc/dhcp[root@demo dhcp]# service network restart
Computing interface groups: ... 3 interfaces found
Processing /etc/net/vlantab: empty.
Stopping group 1/realphys (2 interfaces)
Stopping eth0:
Stopping iptables for eth0
Unloading rules for the "POSTROUTING" chain in the "nat" tableiptables v1.3.7: Unknown arg `--to-source'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: /etc/net/scripts/config-fw: /sbin/iptables -t nat -D POSTROUTING -j SNAT --to-source ${IPV4ADDRESS}
.
..OK
Stopping eth1: ..OK
Stopping group 0/virtual (1 interfaces)
Stopping lo: .OK
Stopping iptables for default
Flushing the "OUTPUT" chain in the "filter" table
Flushing the "FORWARD" chain in the "filter" table
Flushing the "INPUT" chain in the "filter" table
Flushing the "POSTROUTING" chain in the "nat" table
Flushing the "OUTPUT" chain in the "nat" table
Flushing the "PREROUTING" chain in the "nat" table
Flushing the "POSTROUTING" chain in the "mangle" table
Flushing the "OUTPUT" chain in the "mangle" table
Flushing the "FORWARD" chain in the "mangle" table
Flushing the "INPUT" chain in the "mangle" table
Flushing the "PREROUTING" chain in the "mangle" table
Deleting the "stdin" chain from the "filter" table
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Starting iptables for default
Setting ACCEPT policy for the "INPUT" chain in the "filter" table
Setting ACCEPT policy for the "FORWARD" chain in the "filter" table
Setting ACCEPT policy for the "OUTPUT" chain in the "filter" table
Creating the "stdin" chain in the "filter" table
Computing interface groups: ... 3 interfaces found
Starting group 0/virtual (1 interfaces)
Starting lo: ....OK
Starting group 1/realphys (2 interfaces)
Starting eth0: ....
Starting iptables for eth0
Loading rules for the "POSTROUTING" chain in the "nat" table.
.OK
Starting eth1: .....OK
Processing /etc/net/vlantab: empty.
]0;root@demo: /etc/dhcp[root@demo dhcp]# service network restart
[root@demo dhcp]# [K
[4@(reverse-i-search)`':
(reverse-i-search)`': t': service network restart
(reverse-i-search)`t[9Pc': cd /etc/dhcp/p': tcpdump -n -i eth1 host 80.68.240.144
(reverse-i-search)`tcp':
]0;root@demo: /etc/dhcp[root@demo dhcp]# iptables-save
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:43:03 2008
*mangle
:PREROUTING ACCEPT [4597:4502649]
:INPUT ACCEPT [4423:4481335]
:FORWARD ACCEPT [133:11894]
:OUTPUT ACCEPT [3508:482312]
:POSTROUTING ACCEPT [3855:544847]
COMMIT
# Completed on Tue Jul 8 19:43:03 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:43:03 2008
*nat
:PREROUTING ACCEPT [62:11149]
:POSTROUTING ACCEPT [50:5269]
:OUTPUT ACCEPT [184:13707]
-A POSTROUTING -j SNAT --to-source 10.0.2.15
COMMIT
# Completed on Tue Jul 8 19:43:03 2008
# Generated by iptables-save v1.3.7 on Tue Jul 8 19:43:03 2008
*filter
:INPUT ACCEPT [22:6502]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24:6526]
:stdin - [0:0]
COMMIT
# Completed on Tue Jul 8 19:43:03 2008
]0;root@demo: /etc/dhcp[root@demo dhcp]#
[4@(reverse-i-search)`':
(reverse-i-search)`': [15@t': iptables-savec': cd /etc/dhcp/p': tcpdump -n -i eth1 host 80.68.240.144
(reverse-i-search)`tcp': [1@d
(reverse-i-search)`tcpd': [1@u
(reverse-i-search)`tcpdu':
[9P[root@demo dhcp]#
[root@demo dhcp]#
[root@demo dhcp]# t
[root@demo dhcp]# tcpdump -n -i eth1 host 80.68.240.144[K[K[K[K[K[K[K[K[K[K[K[K[Kya.[K[K[Klinux.org.ru
[root@demo dhcp]#
[root@demo dhcp]# t
[root@demo dhcp]# tc
[root@demo dhcp]# tcp
[root@demo dhcp]# tcpd
[root@demo dhcp]# tcpdu
[root@demo dhcp]# tcpdum
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump
[root@demo dhcp]# tcpdump -
[root@demo dhcp]# tcpdump -n
[root@demo dhcp]# tcpdump -n [1P[1P[1P[1P[1@
[root@demo dhcp]# tcpdump -i eth1 host linux.org.ru
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
19:43:40.923714 IP 172.16.0.99.4378 > linux.org.ru.http: S 668120931:668120931(0) win 5840
19:43:40.934759 IP linux.org.ru.http > 172.16.0.99.4378: S 720896001:720896001(0) ack 668120932 win 8192
19:43:40.935954 IP 172.16.0.99.4378 > linux.org.ru.http: . ack 1 win 5840
19:43:40.950012 IP 172.16.0.99.4378 > linux.org.ru.http: P 1:169(168) ack 1 win 5840
19:43:40.950542 IP linux.org.ru.http > 172.16.0.99.4378: . ack 169 win 8760
19:43:40.955974 IP linux.org.ru.http > 172.16.0.99.4378: P 1:534(533) ack 169 win 8760
19:43:40.956036 IP linux.org.ru.http > 172.16.0.99.4378: F 534:534(0) ack 169 win 8760
19:43:40.970101 IP 172.16.0.99.4378 > linux.org.ru.http: . ack 534 win 6432
19:43:40.970128 IP 172.16.0.99.4378 > linux.org.ru.http: F 169:169(0) ack 535 win 6432
19:43:40.970747 IP linux.org.ru.http > 172.16.0.99.4378: . ack 170 win 8760
10 packets captured
10 packets received by filter
0 packets dropped by kernel
]0;root@demo: /etc/dhcp[root@demo dhcp]# cd /etc/dhcp
dhcp/ dhcpcd.sh
[root@demo dhcp]# cd /etc/dhcpd[K/dhcpd.conf
dhcpd.conf dhcpd.conf.sample
[root@demo dhcp]# cd /etc/dhcp/dhcpd.conf
]0;root@demo: /etc/dhcp[root@demo dhcp]# cd /var/lig[Kb/
alterator/ clamav-db/ dosemu/ kdm/ menu/ rpm/ tomcat5/
apt/ dav/ games/ klogd/ misc/ rsbac/ ulogd/
autoipd/ dbus/ hotplug/ locate/ nfs/ run/ wine/
cache/ dhcp/ hwclock/ log/ nvidia/ samba/ xdm/
clamav/ dhcpcd/ jetty5/ logrotate/ osec/ ssl/ xkb/
[root@demo dhcp]# cd /var/lib/dhcp
dhcp/ dhcpcd/
[root@demo dhcp]# cd /var/lib/dhcp/
]0;root@demo: /var/lib/dhcp[root@demo dhcp]# ls
[00m[01;34mdhcpd[00m
[m]0;root@demo: /var/lib/dhcp[root@demo dhcp]# cd dhcpd/
]0;root@demo: /var/lib/dhcp/dhcpd[root@demo dhcpd]# ls
[00m[01;34mdev[00m [01;34metc[00m [01;34mlib[00m [01;34mstate[00m [01;34mvar[00m
[m]0;root@demo: /var/lib/dhcp/dhcpd[root@demo dhcpd]# find . -[K
.
./state
./state/dhcpd.leases
./state/dhcpd.leases~
./dev
./etc
./etc/host.conf
./etc/services
./etc/hosts
./etc/resolv.conf
./etc/nsswitch.conf
./etc/localtime
./lib
./lib/libnsl.so.1
./lib/libnss_hesiod.so.2
./lib/libresolv.so.2
./lib/libnss_nisplus.so.2
./lib/libnss_mdns4_minimal.so.2
./lib/libnss_nis.so.2
./lib/libnss_mdns4.so.2
./lib/libnss_files.so.2
./lib/libnss_dns.so.2
./var
./var/yp
./var/yp/binding
./var/nis
]0;root@demo: /var/lib/dhcp/dhcpd[root@demo dhcpd]# cat state/dhcpd.leases
# All times in this file are in UTC (GMT), not your local timezone. This is
# not a bug, so please don't ask about it. There is no portable way to
# store leases in the local timezone, so please don't request this as a
# feature. If this is inconvenient or confusing to you, we sincerely
# apologize. Seriously, though - don't ask.
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-V3.0.6
lease 172.16.0.99 {
starts 2 2008/07/08 15:38:47;
ends 2 2008/07/08 21:38:47;
binding state active;
next binding state free;
hardware ethernet 08:00:27:b7:69:b9;
uid "\001\010\000'\267i\271";
client-hostname "localhost.localdomain";
}
]0;root@demo: /var/lib/dhcp/dhcpd[root@demo dhcpd]# pwd
/var/lib/dhcp/dhcpd
]0;root@demo: /var/lib/dhcp/dhcpd[root@demo dhcpd]# cd
]0;root@demo: /root[root@demo ~]# vim /etc/dhcp/dhcpd.conf
7[?47h[?1h=[1;31r[?12;25h[?12l[?25h[27m[m[H[2J[?25l[31;1H"/etc/dhcp/dhcpd.conf"
"/etc/dhcp/dhcpd.conf" 17L, 403C[>c[1;1H[34m# See dhcpd.conf(5) for further configuration[m
ddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 {
option routers[10C172.16.0.1;
option subnet-mask 255.255.255.0;[9;5Hoption domain-name [31m"demo.class.altlinux.ru"[m;
option domain-name-servers 10.0.2.3;[12;5Hrange dynamic-bootp 172.16.0.10 172.16.0.99;
default-lease-time 21600;
max-lease-time 43200;
}
subnet 10.0.0.0 netmask 255.0.0.0 {}
[1m[34m~ [19;1H~ [20;1H~ [21;1H~ [22;1H~ [23;1H~ [24;1H~ [25;1H~ [26;1H~ [27;1H~ [28;1H~ [29;1H~ [30;1H~ [m[31;82H1,1 All[1;1H[?12l[?25h[?25l[31;72HG [1;1H[31;72H [17;1H[31;82H17,1 All[17;1H[?12l[?25h[?25l[31;72Ho [17;1H[31;72H [18;1H[31;1H[1m-- INSERT --[m[31;13H[K[31;82H18,1 All[18;1H[K[18;1H[?12l[?25h[?25l[19;1H[K[31;82H19,1 All[19;1H[?12l[?25h[31;1H[K[19;1H[?25l[31;72H^[ [19;1H[?12l[?25h[?25l[31;72H [19;1H[31;82H19,0-1 All[19;1H[?12l[?25h[?25l[31;72Hu [19;1H[31;1H2 fewer lines; before #1 3 seconds ago[31;72H[K[31;72H [17;1H
[1m[34m~ [19;1H~ [m[31;82H17,1 All[17;1H[?12l[?25h[?25l[31;72HO [17;1H[31;72H [17;1H[31;1H[1m-- INSERT --[m[31;13H[K[31;82H17,1 All[17;30r[17;1H[L[1;31r[31;1H[1m-- INSERT --[m[31;82H[K[31;82H17,1 All[17;1H[?12l[?25h[?25l[18;30r[18;1H[L[1;31r[31;1H[1m-- INSERT --[m[31;82H[K[31;82H18,1 All[18;1H[?12l[?25h[?25l[17;30r[30;1H
[1;31r[30;1H[1m[34m~ [m[31;1H[1m-- INSERT --[m[31;82H[K[31;82H17,1 All[17;1H[?12l[?25h[31;1H[K[17;1H[?25l[31;72H^[ [17;1H[?12l[?25h[?25l[31;72H [17;1H[31;82H17,0-1 All[17;1H[?12l