removido
(usa Nenhuma)
Enviado em 21/08/2009 - 17:49h
Ae pessoal estouconfigurando um servidor para balanceamento de Link's e estou tendo problema, configurei tudo certinho e tals, o script roda tranquilo, mas quando chega na ultima regra do script ele da um erro, segue abaixo meu script se puderem me ajudar ficarei grato :
#!/bin/bash
IPT="/sbin/iptables"
IPLINK1="201.28.219.42"
IPLINK2="80.80.80.40"
GTWLINK1="201.28.219.2"
GTWLINK2="80.80.80.1"
IPREDE1="192.168.1.1/24"
IPREDE2="10.1.1.1/24"
fw_start()
{
######################
# Regras de Firewall #
######################
# Definicao de variaveis
IPT="/sbin/iptables"
IF_LINK1="eth0"
IF_LINK2="eth3"
ifup -a
# Limpando Regras antigas
$IPT -t nat -F
$IPT -t filter -F
$IPT -t mangle -F
$IPT -t nat -X
$IPT -t filter -X
$IPT -t mangle -X
route del default
ip route flush cached
# Definicao de regras padrao
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
# Liberando o acesso a internet para os 2 Links
$IPT -t nat -A POSTROUTING -o $IF_LINK1 -j MASQUERADE
$IPT -t nat -A POSTROUTING -o $IF_LINK2 -j MASQUERADE
# Fundamental estar desabilitado para funcionar o roteamento com 2 links
echo "0" > /proc/sys/net/ipv4/conf/default/rp_filter
# Habilitando o Roteamento do Kernel
echo "1" > /proc/sys/net/ipv4/ip_forward
#################
# Balanceamento #
#################
# Configurando O PRIMEIRO LINK
ip route add 201.28.219.0/24 dev eth0 src 201.28.219.42 table link1
ip route add default via 201.28.219.2 table link1
# Configurando O SEGUNDO LINK
ip route add 80.80.80.0/24 dev eth3 src 80.80.80.40 table link2
ip route add default via 80.80.80.1 table link2
# Configurando as Rotas dos 2 LINKS
ip rule add from 201.28.219.42 table link1
ip rule add from 80.80.80.40 table link2
# Balanceando os Links
ip route add default scope global nexthop via 201.28.219.2 dev eth0 weight 1 nexthop via 80.80.80.1 dev eth3 weight 1
echo ""
echo "Ativando Balanceamento de Link + Redundancia ...............................[OK]"
echo ""
}
fw_stop()
{
$IPT -t filter -P INPUT ACCEPT
$IPT -t filter -P FORWARD ACCEPT
$IPT -t filter -P OUTPUT ACCEPT
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t filter -F
$IPT -t nat -F
$IPT -t mangle -F
$IPT -t filter -X
$IPT -t nat -X
$IPT -t mangle -X
$IPT -t filter -Z
$IPT -t nat -Z
$IPT -t mangle -Z
echo ""
echo "Balanceamento de Link Suspensso !"
echo ""
}
fw_usage()
{
echo
echo "$0 (start | stop | restart | clear)"
echo
echo "start - Ativa o Balanceamento"
echo "stop - Desativa o Balanceamento"
echo "restart - Reativa o Balanceamento"
echo "clear - Limpa os contatores"
echo
}
fw_clear()
{
$IPT -t filter -Z
$IPT -t nat -Z
$IPT -t mangle -Z
}
case $1 in
start)
fw_start;
;;
stop)
fw_stop;
;;
restart)
fw_stop;
fw_start;
;;
clear)
fw_clear;
;;
*)
fw_usage;
exit;
;;
esac