Υڡ Υڡ ܼ

1. ìÈÌÅÊÁÌä

ÎÀáÏáêóêÈÇÉÑÈËËßÆ netfilter ËØÏëìÈÌÅÊÁÌä(È netfilter ËØÊÁÌä) òÂоÝÈÞ

1.1 netfilter/iptables ÏÉéÆþêÇÞ

Netfilter È IPtables ÏLinux 2.4.x ÏÍëËÅýçµìÞ http://www.kernel.org/ ÊÏßéµÈé ÍëòÆþêÆÀµ

æõÖÎÄëÇë 'iptables' Ï http://www.netfilter.org/ http://www.iptables.org/ ÈÃßéËë netfilter ÛàÚéÆþêÄÇÇ

1.2 netfilter Î Linux 2.2 ÏØХÃÝÈâÎÏêÞ

ßÎÈíêÞóÏáÈפÊé ÍÃÈïÃÎóÕÏìËÇÆÞÎÇ ìÛÉÆñÈÈÏÊÏÇ

ÎÊýÌÌÇÆêÞéæËÃÎéÆÀµ

1.3 ICQ conntrack/NAT ØëÑâåëÏêÞ

Linux 2.2 ÎÞóÇÎ IP ÞìÉËìÆëÊé éóÈÉÇÄÀÜ ICQ ÄÌëÎËÏÃÈ ip_masq_icq âåëòÈÃÆÈÇç (ÌõÃí:ÇìéìÆë ip_masq_icq âåëÏ http://djsf.narod.ru/masq-icq/ èêÆþêÄÇ)

ÃâÎâåëò netfilter ÍÑËÆÂÁõÞóÇ ÈÎâICQ ץíÈëÏÒÉøóÇ:) Çâ ìÍøÍÑÇëèËÊëÎâþÖÎÌäÂêÀÈäÏפÃÆÞ

Rusty(ÌõÃí: netfilter ÎçÍ׳ÈÔÇë Rusty Russell ÎÈ) ÏÄÆëץíÈëÎâåëò netfilter ÇÈêÓåçóËÁÈßþàËÏÕêÊéóÈÈ ÕêʵФÊÈâìÄÄÂßÊìФÊéÊÈÀÞ ICQ ËØÆÀСÕêÊéóÈÎÊýÂßÞóÎÇ ÎðàËÏÅçÞó(ÇÕêÈÎÏÍÎÈÇ ÌµÎÁÓë(free beer)ÎÕêÇÏêÞóÄÞêRMS ÎÄêµÁÄÌê ÈÈÇ)

1.4 ip_masq_vdolive ä ip_masq_quake ÊÉÎâåëÏÉËÔÃÎÇ

ÎÉÍפÊÊÃâÎâêÞÞÀ netfilter ËܵìÆÊâÎâêÞnetfilter Ï UDP ËÄÆâÁÊÍçóÎÄÉÀפòÔÞÞ ÑÃÈÎÎìòÇëÂêËÊèËëÝêêÞÎÇ ÖäÃÆßéÆפÈâÎâêÞ

1.5 patch-o-matic ÈÏìÂÎÇÞìòäÏÉÎèËÈФèÎÇ

2.4.x ÏÍëÏÂÄêÈÇêêÇÎÇæßÈÃæÎâÎò êêÈÇÎÍëËýÁàÈÏÇÞóæÎÉÏÙÆ Þ netfilter patch-o-matic ËÆȵìîµìÞ netfilter ÎÇÀèÃεÇòÈÊépatch-o-matic éÑÃÁòìÄÊåÆÊÆÏÊéÊâìÞó ÇÎ iptables ÑÃ(âÁíó CVS ÎÇâÂçæÉפÇ) ò netfilter ÛàÚéÀóíÉìСpatch-o-matic òÈÈÇÞ

patch-o-matic ÏÃêæóÕòýÃÆÞ

make patch-o-matic

ÈÆþÎÏëÀÇÍëÄê /usr/src/linux ËÊìçÏiptables ÑÃÎÈÃסÇìÈêÇ

make KERNEL_DIR={your-kernel-dir} patch-o-matic

ÈÆÀµpatch-o-matic ÏÑÃÁËèËóÈëµìÆë ÍëËÎÑÃÁÅçëÉòÁÃÞ ÑÃÁÅçìСÎÑÃÁËØëèêÜðÊóòÉë ÑÃÁòÅÍÑëÃפÆÎÑÃÁËÔÄÊÉÎÁÂòÇë µÊץíóץÈɵìÞ

1.6 ipnatctl ÈìËØëÜÙÊðÊóÏÉËêÞ

ipnatctl Ï2.3.x ÍëÎnetfilter ÎéüÎÈÈÇËÆ æõÖé NAT ëëòÀßÄêëÎËÈïìÆÞ âÉÍפÊÊÃÎÇÆþêâÇÊÊêÞ ipatctl εÇÏÙÆiptables ÈËèêÄóµìÆÞ Netfilter ÛàÚËë NAT HOWTO òÈÀµ (ÌõÃí: NAT HOWTO ÎÆüËÜìÌõÏ http://www.linux.or.jp/JF/JFdocs/NAT-HOWTO.html ËêÞ)


Υڡ Υڡ ܼ