帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Linux iptables on P3041

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

Linux iptables on P3041

‎12-03-2013 02:24 PM
1,140 次查看
akolega
Contributor I

If you are running linux on one of the cores of the P3041, can the ethernet controller ports for the processor be configured with standard linux iptables so you can basically run a router on that core?

标签 (1)
标签
0 项奖励
回复
1 回复

‎12-12-2013 02:31 AM
762 次查看
yipingwang
NXP TechSupport
NXP TechSupport

You could configure the specific ethernet ports in Linux with iptable to make the core run IP Forward and NAT, please refer to the following demo.

[root@p4080 root]# ifconfig fm2-gb0 192.168.2.130 netmask 255.255.255.0 up

[root@p4080 root]# ifconfig fm2-gb1 192.168.1.131 netmask 255.255.255.0 up

[root@p4080 root]# ifconfig

fm2-gb0 Link encap:Ethernet HWaddr 00:E0:0C:00:AA:05

        inet addr:192.168.2.130 Bcast:192.168.2.255 Mask:255.255.255.0

        UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

        RX packets:0 errors:0 dropped:0 overruns:0 frame:0

        TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

        collisions:0 txqueuelen:1000

        RX bytes:0 (0.0 Kb) TX bytes:0 (0.0 b)

        Memory:fe5e0000-fe5e0fff

fm2-gb1 Link encap:Ethernet HWaddr 00:E0:0C:00:AA:06

        inet addr:192.168.1.131 Bcast:192.168.1.255 Mask:255.255.255.0

        UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

        RX packets:0 errors:0 dropped:0 overruns:0 frame:0

        TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

        collisions:0 txqueuelen:1000

        RX bytes:0 (0.0 Kb) TX bytes:0 (0.0 b)

        Memory:fe5e0000-fe5e0fff

lo      Link encap:Local Loopback

        inet addr:127.0.0.1 Mask:255.0.0.0

        UP LOOPBACK RUNNING MTU:16436 Metric:1

        RX packets:0 errors:0 dropped:0 overruns:0 frame:0

        TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

        collisions:0 txqueuelen:0

        RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[root@p4080 root]#

[root@p4080 root]# arp -s 192.168.2.131 00:00:05:00:00:01

[root@p4080 root]# arp -s 192.168.1.130 00:00:06:00:00:01

[root@p4080 root]# echo 1 > /proc/sys/net/ipv4/ip_forward

[root@p4080 root]# iptables -F INPUT

[root@p4080 root]# iptables -F OUTPUT

[root@p4080 root]# iptables -F FORWARD

[root@p4080 root]# iptables -t nat -F PREROUTING

[root@p4080 root]# iptables -t nat -F POSTROUTING

[root@p4080 root]# iptables -P INPUT ACCEPT

[root@p4080 root]# iptables -P OUTPUT ACCEPT

[root@p4080 root]# iptables -P FORWARD ACCEPT

[root@p4080 root]# iptables -t nat -A POSTROUTING -p tcp -o fm2-gb1 -m iprange --src-range \

  1. 192.168.2.1-192.168.2.255 -j SNAT --to-source 9.5.2.1-9.5.2.255:1724-1755

[root@p4080 root]# iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

[root@p4080 root]# iptables -L -t nat

Chain PREROUTING (policy ACCEPT)

target prot opt source destination

Chain POSTROUTING (policy ACCEPT)

target prot opt source   destination

SNAT   tcp --  anywhere anywhere            source IP range 192.168.2.1-192.168.2.255 to:9.5.2.1-9.5.2.255:1724-1755

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

[root@p4080 root]#

0 项奖励
回复