Добрый… Прошу помочь с VPN'ом. Настроил vpn
eth0 Link encap:Ethernet HWaddr 90:fb:a6:65:5f:ee
inet addr:*.*.*.* Bcast:*.*.*.* Mask:255.255.255.248
inet6 addr: fe80::92fb:a6ff:fe65:5fee/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20383794 errors:0 dropped:0 overruns:0 frame:0
TX packets:13749513 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1791216168 (1.7 GB) TX bytes:1889904714 (1.8 GB)
Interrupt:42 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:19:5b:6a:54:5f
inet addr:192.168.5.1 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::219:5bff:fe6a:545f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14910980 errors:0 dropped:0 overruns:0 frame:0
TX packets:22152700 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1860792117 (1.8 GB) TX bytes:1789657565 (1.7 GB)
Interrupt:17 Base address:0xcc00
eth1:1 Link encap:Ethernet HWaddr 00:19:5b:6a:54:5f
inet addr:192.168.140.1 Bcast:192.168.140.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:17 Base address:0xcc00
eth1:2 Link encap:Ethernet HWaddr 00:19:5b:6a:54:5f
inet addr:192.168.150.1 Bcast:192.168.150.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:17 Base address:0xcc00
eth1:3 Link encap:Ethernet HWaddr 00:19:5b:6a:54:5f
inet addr:192.168.200.1 Bcast:192.168.200.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:17 Base address:0xcc00
lo Link encap:Локальная петля (Loopback)
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:23096590 errors:0 dropped:0 overruns:0 frame:0
TX packets:23096590 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:872083548 (872.0 MB) TX bytes:872083548 (872.0 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.6.1 P-t-P:192.168.6.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:66 errors:0 dropped:0 overruns:0 frame:0
TX packets:61 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:8720 (8.7 KB) TX bytes:6994 (6.9 KB)
Соответственно eth0 - внешний канал, eth1 локалка. Подключаюсь через vpn, получаю ip вида 192.168.6.x, пингую сервер(192.168.6.1) - ок. Затык в том, что не получается дать доступ с tun0 в eth1
#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 3128 -j DROP
iptables -A INPUT -i eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.5.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.150.0/24 -j MASQUERADE
iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j REJECT
iptables -t nat -A PREROUTING -i eth1 -p tcp -m multiport --dport 80 -j REDIRECT --to-ports 8080
Далее по идее надо
sudo iptables -A FORWARD -i tun0 -o eth1 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth1 -s 192.168.6.0/24 -j MASQUERADE
