01 02

Liberando porta no DHCP do linux para visualização de camera de segurança!

13. Re: Liberando porta no DHCP do linux para visualização de camera de segurança!

danilo.mattos
(usa Debian)

Enviado em 05/07/2014 - 08:09h

Olá eu acabei de olhar e vi que já existe a regras para as câmeras:

# CONEXAO PORTA CAMERA
#iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
#iptables -A INPUT -i eth0 -p udp --dport 9001 -j ACCEPT
iptables -t nat -p tcp -I PREROUTING -s 0/0 -d 189.19.209.235 --dport 8081 -j DNAT --to 192.168.1.225:9001
iptables -t nat -p tcp -I PREROUTING -s 0/0 -d 189.19.209.235 --dport 9001 -j DNAT --to 192.168.1.225:9001
iptables -t nat -p udp -I PREROUTING -s 0/0 -d 189.19.209.235 --dport 8081 -j DNAT --to 192.168.1.225:9001
iptables -t nat -p udp -I PREROUTING -s 0/0 -d 189.19.209.235 --dport 9001 -j DNAT --to 192.168.1.225:9001
iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dport 8081,9001 -j DNAT --to-dest 192.168.1.225:9001
iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dport 8081,9001 -j DNAT --to-dest 192.168.1.225:9001

iptables -A OUTPUT -p tcp -s 192.168.1.225 --dport 9001 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.1.225 --dport 8081 -j ACCEPT
iptables -A OUTPUT -p udp -s 192.168.1.225 --dport 9001 -j ACCEPT
iptables -A OUTPUT -p udp -s 192.168.1.225 --dport 8081 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 9001 -j ACCEPT
iptables -A FORWARD -i eth0 -p udp --dport 9001 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 8081 -j ACCEPT
iptables -A FORWARD -i eth0 -p udp --dport 8081 -j ACCEPT
iptables -A FORWARD -p tcp --dport 8081 -i eth0 -j ACCEPT
iptables -A FORWARD -p udp --dport 8081 -i eth0 -j ACCEPT
iptables -A FORWARD -p tcp --dport 9001 -i eth0 -j ACCEPT
iptables -A FORWARD -p udp --dport 9001 -i eth0 -j ACCEPT

#iptables -A INPUT -i eth0 -p tcp -m multiport --dport 80 -j ACCEPT
#iptables -A INPUT -i eth0 -p udp -m multiport --dport 9002 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dport 80,9002 -j DNAT --to-dest 192.168.1.226

#iptables -A INPUT -i eth0 -p tcp -m multiport --dport 80 -j ACCEPT
#iptables -A INPUT -i eth0 -p udp -m multiport --dport 9003 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dport 80,9003 -j DNAT --to-dest 192.168.1.227

iptables -A OUTPUT -p tcp -s 192.168.1.225 --dport 9001 -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.1.225 --dport 8081 -j ACCEPT

#iptables -A INPUT -i eth0 -p tcp -m multiport --dport 80,9001,9002 -j ACCEPT
#iptables -A INPUT -i eth0 -p udp -m multiport --dport 80,9001,9002 -j ACCEPT

iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dport 80,9001,9002 -j DNAT --to-dest 192.168.1.225:9001
iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --sport 80,9001,9002 -j DNAT --to-dest 192.168.1.226:9002
iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --sport 80,9001,9003 -j DNAT --to-dest 192.168.1.227:9003

0 0

Quote