Archive for Juni 13th, 2021
 	  
		
				
				
				Sonntag, Juni 13th, 2021
				
					
internal firewall network
10.0.0.0/30
CIDR-Suffix:30
Netzwerkmaske: 255.255.255.252
Anzahl Hosts: 2
Netzadresse: 10.0.0.0
Broadcast: 10.0.0.3
Host-IPs von: 10.0.0.1 bis: 10.0.0.2
root@pve-02:~# vi /etc/network/interfaces
auto lo
iface lo inet loopback
auto enp2s0
iface enp2s0 inet static
address 192.168.1.152/24
gateway 192.168.1.254
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A PREROUTING -i enp2s0 -p tcp -m multiport ! –dport 22,8006 -j DNAT –to 10.0.0.2
post-up iptables -t nat -A PREROUTING -i enp2s0 -p udp -j DNAT –to 10.0.0.2
auto vmbr0
iface vmbr0 inet manual
bridge-ports none
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet static
address 10.0.0.1/30
bridge-ports none
bridge-stp off
bridge-fd 0
post-up iptables -t nat -A POSTROUTING -s ‚10.0.0.0/30‘ -o enp2s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s ‚10.0.0.0/30‘ -o enp2s0 -j MASQUERADE
auto vmbr2
iface vmbr2 inet static
address 192.168.27.253/24
bridge-ports none
bridge-stp off
bridge-fd 0
root@pve-02:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination 
DNAT tcp — anywhere anywhere multiport dports !ssh,8006 to:10.0.0.2
DNAT udp — anywhere anywhere to:10.0.0.2
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination 
MASQUERADE all — 10.0.0.0/30 anywhere
root@pve-02:~#







				 
				 Posted in Administration, Linux Solution, Network Info, Proxmox |   No Comments »