{"id":3260,"date":"2018-11-07T10:44:53","date_gmt":"2018-11-07T10:44:53","guid":{"rendered":"https:\/\/tst-amo.net.ua\/blog\/?p=3260"},"modified":"2019-07-08T09:01:26","modified_gmt":"2019-07-08T09:01:26","slug":"centos-7-%d1%88%d0%bb%d1%8e%d0%b7-nat","status":"publish","type":"post","link":"https:\/\/tst-amo.net.ua\/blog\/?p=3260","title":{"rendered":"CentOS 7 – \u0448\u043b\u044e\u0437, NAT"},"content":{"rendered":"

\u0423\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0443.<\/p>\n

\/boot\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a01G\r\n\/ \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 20G\r\nswap \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a02G\r\n\/home\u00a0 \u00a0 \u00a0 -\u00a0 \u00a0 \u0432\u0441\u0435 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0435<\/pre>\n
\u041d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b (enp64s0 – WAN, enp5s9 – LAN):<\/p>\n
# nmtui\r\n# timedatectl\r\n# hostnamectl\r\n# visudo\r\n# vim \/etc\/sysconfig\/network-scripts\/enp64s0\r\nTYPE=Ethernet\r\nPROXY_METHOD=none\r\nBROWSER_ONLY=no\r\nBOOTPROTO=static\r\nIPADDR=192.168.113.53\r\nPREFIX=24\r\nGATE=192.168.113.1\r\nDNS1=192.168.113.1\r\nDNS2=8.8.8.8\r\nDEFROUTE=yes\r\nIPV4_FAILURE_FATAL=no\r\nIPV6INIT=no\r\nIPV6_AUTOCONF=no\r\nIPV6_DEFROUTE=no\r\nIPV6_FAILURE_FATAL=no\r\nIPV6_ADDR_GEN_MODE=stable-privacy\r\nNAME=enp64s0\r\nUUID=f1963841-564a-4e83-8417-89279a1ce0cd\r\nDEVICE=enp64s0\r\nONBOOT=yes\r\n<\/pre>\n
# vim \/etc\/sysconfig\/network-scripts\/enp5s9<\/pre>\n
\u0420\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u043c \u043f\u0435\u0440\u0435\u0441\u044b\u043b\u043a\u0443 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 (\u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044e):<\/p>\n
\n
# vi \/etc\/sysctl.conf<\/pre>\n<\/div>\n
net.ipv4.ip_forward=1<\/pre>\n
\n
# sysctl -p \/etc\/sysctl.conf<\/pre>\n
\u041d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c firewall:<\/p>\n
# firewall<\/span>-<\/span>cmd<\/span> --<\/span>zone<\/span>=<\/span>external<\/span> --<\/span>add<\/span>-<\/span>interface<\/span>=<\/span>enp64s0<\/span>\u00a0--<\/span>permanent\u00a0<\/span>\r\n# firewall<\/span>-<\/span>cmd<\/span> --<\/span>zone<\/span>=<\/span>internal<\/span> --<\/span>add<\/span>-<\/span>interface<\/span>=<\/span>enp5s9<\/span>\u00a0--<\/span>permanent\u00a0<\/span>\r\n# firewall-cmd --direct --permanent --add-rule ipv4 nat POSTROUTING 0 -o enp64s0 -j MASQUERADE\r\n# firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i enp5s9 -o enp64s0 -j ACCEPT\r\n# firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i enp64s0 -o enp5s9 -m state --state RELATED,ESTABLISHED -j ACCEPT\r\n# firewall<\/span>-<\/span>cmd<\/span> --<\/span>reload<\/span><\/pre>\n<\/div>\n
<\/div>\n
<\/div>\n
\"image_pdf\"<\/a>\"image_print\"<\/a><\/div>","protected":false},"excerpt":{"rendered":"
\u0423\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0443. \/boot\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a01G \/ \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 20G swap \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a02G \/home\u00a0 \u00a0 \u00a0 –\u00a0 \u00a0 \u0432\u0441\u0435 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u041d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b (enp64s0 – WAN, enp5s9 – LAN): # nmtui # timedatectl # hostnamectl # visudo # vim \/etc\/sysconfig\/network-scripts\/enp64s0 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no …<\/p>\n
Continue reading ‘CentOS 7 – \u0448\u043b\u044e\u0437, NAT’ »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48,47],"tags":[],"class_list":["post-3260","post","type-post","status-publish","format-standard","hentry","category-centos","category-linux"],"_links":{"self":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3260"}],"collection":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3260"}],"version-history":[{"count":9,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3260\/revisions"}],"predecessor-version":[{"id":4262,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3260\/revisions\/4262"}],"wp:attachment":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}