Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT udp -- anywhere anywhere udp dpt:bootps reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:domain reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:http
DROP tcp -- anywhere anywhere tcp dpts:0:1023
DROP udp -- anywhere anywhere udp dpts:0:1023
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere 192.168.0.0/16
ACCEPT all -- anywhere 192.168.0.0/16
ACCEPT all -- 192.168.0.2 anywhere
ACCEPT all -- 192.168.0.3 anywhere
ACCEPT all -- 192.168.0.4 anywhere
ACCEPT all -- 192.168.0.5 anywhere
вот есть такая настройка, спрашиваеться как можно скажем 192.168.0.5 посадить на 10.68.4.5 с другой стороны???
скажем есть необходимость выдать реальный IP человеку.....
10.68.0.47 - NAT - 192.168.0.1
10.68.0.47 - NAT - 192.168.0.2
10.68.0.47 - NAT - 192.168.0.3
10.68.0.47 - NAT - 192.168.0.4
10.68.4.5 - NAT - 192.168.0.5