Bom dia,
Pessoal como eu faco pra compartilhar a internet com o debian?
eu tenho duas interface de rede:
eth0 -> modem ADSL brasiltelecom
eth1 -> rede 192.168.0.x
eu to usando esse firewall
pego em http://www.vivaolinux.com.br/scripts...vivaolinux.sh#
IPTABLES=/sbin/iptables
modprobe ip_conntrack
modprobe ip_tables
modprobe ipt_MASQUERADE
modprobe ipt_state
modprobe iptable_nat
modprobe ipt_LOG
modprobe ipt_REJECT
#desligando forward
echo 0 > /proc/sys/net/ipv4/ip_forward
#limpando tabela NAT
$IPTABLES -t nat -F
$IPTABLES -t nat -X
$IPTABLES -t nat -Z
$IPTABLES -t nat -F POSTROUTING
$IPTABLES -t nat -F PREROUTING
#limpando regras
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD
#setando polihticas
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP
$IPTABLES -P OUTPUT DROP
#impedindo alteracao de rotas
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
#prot contra responses bogus
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
#prot contra syn-flood
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
#contra traceroute
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
#contra ip spoofing
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
#--------INPUT--------
$IPTABLES -A INPUT -i lo -s 127.0.0.1/8 -d 127.0.0.1/8 -j ACCEPT
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -m state --state INVALID -j DROP
#--------OUTPUT-------
$IPTABLES -A OUTPUT -o lo -s 127.0.0.1/8 -d 127.0.0.1/8 -j ACCEPT
$IPTABLES -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT -m state --state INVALID -j DROP
#------FORWARD--------
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m state --state INVALID -j DROP
$IPTABLES -A FORWARD -i eth1 -s 192.168.0.0/24 -o eth0 -j ACCEPT
#--------NAT----------
$IPTABLES -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
#habilitando forward
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "Firewall Startado com Sucesso"
exit 0