LINUX.ORG.RU

iptables SNAT ругается на имя сетевухи

 ,


0

1

Добрый день Помогите разобраться почему выдает ошибку, пожалуйста. Я учу iptables и пытаюсь разобраться как он работает. Просто маскарад не хочу делать, мне надо в учебных целях. Спасибо.

/etc/iptables.sh
Bad argument `enp4s0'
Try `iptables -h' or 'iptables --help' for more information.

строка в файле

$IPT -A POSTROUTING -t nat -s ${LAN_IP_RANGE} -o enp4s0 -j SNAT --to-source ppp0
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.250  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::523e:aaff:fe0f:5b3a  prefixlen 64  scopeid 0x20<link>
        ether 50:3e:aa:0f:5b:3a  txqueuelen 1000  (Ethernet)
        RX packets 120150  bytes 139394294 (132.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 83120  bytes 33720973 (32.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 50:3e:aa:0f:5b:3a  txqueuelen 1000  (Ethernet)
        RX packets 120631  bytes 141108082 (134.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 84396  bytes 33804317 (32.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::523e:aaff:fe0f:b42e  prefixlen 64  scopeid 0x20<link>
        ether 50:3e:aa:0f:b4:2e  txqueuelen 1000  (Ethernet)
        RX packets 81788  bytes 31500986 (30.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 115957  bytes 141345917 (134.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1  bytes 88 (88.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1  bytes 88 (88.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1492
        inet 10.102.246.170  netmask 255.255.255.255  destination 212.115.225.252
        ppp  txqueuelen 3  (Point-to-Point Protocol)
        RX packets 8741  bytes 8688793 (8.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5448  bytes 825297 (805.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 192.168.37.6  netmask 255.255.255.255  destination 192.168.37.5
        inet6 fe80::f3a8:7e7b:9b8b:2903  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9  bytes 432 (432.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::fc54:ff:fe17:58a  prefixlen 64  scopeid 0x20<link>
        ether fe:54:00:17:05:8a  txqueuelen 1000  (Ethernet)
        RX packets 200  bytes 10672 (10.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 866  bytes 128108 (125.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
 $ cat /etc/iptables.sh
#!/usr/bin/env bash

export IPT="iptables"

# WAN 1
export WAN=ppp0
export WAN_IP=91.225.234.208

# Local
export LAN1=br0
export LAN1_IP_RANGE=192.168.0.250/24

# Flush rules
$IPT -F
$IPT -F -t nat
$IPT -F -t mangle
$IPT -F -t filter
#$IPT -F -t conntrack
$IPT -F -t raw
$IPT -X
$IPT -X -t nat
$IPT -X -t mangle
$IPT -X -t filter
#$IPT -X -t conntrack
$IPT -X -t raw


$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT

$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -i $LAN1 -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
$IPT -A OUTPUT -o $LAN1 -j ACCEPT



$IPT -A POSTROUTING -t nat -s ${LAN_IP_RANGE} -o enp4s0 -j SNAT --to-source ppp0

Для того чтобы оставить комментарий войдите или зарегистрируйтесь.