{"id":34,"date":"2007-11-29T22:47:52","date_gmt":"2007-11-29T13:47:52","guid":{"rendered":"http:\/\/chidipy.jpn.com\/topics\/?p=34"},"modified":"2007-11-29T22:47:52","modified_gmt":"2007-11-29T13:47:52","slug":"ipvs-nat%e3%81%a7%e3%83%aa%e3%82%a2%e3%83%ab%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e3%81%8b%e3%82%89%e5%bf%9c%e7%ad%94%e3%81%8c%e3%81%aa%e3%81%84%e4%ba%8b%e8%b1%a1%e3%81%ae%e8%a7%a3%e6%b1%ba%e6%96%b9","status":"publish","type":"post","link":"https:\/\/chidipy.jpn.com\/topics\/?p=34","title":{"rendered":"IPVS-NAT\u3067\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u5fdc\u7b54\u304c\u306a\u3044\u4e8b\u8c61\u306e\u89e3\u6c7a\u65b9\u6cd5"},"content":{"rendered":"<p><strong>\u25cb \u4e8b\u8c61<\/strong><br \/>\nIPVS(LVS)(NAT\/\u30de\u30b9\u30ab\u30ec\u30fc\u30c9\u69cb\u6210)\u74b0\u5883\u306b\u3066\u3001\u7aef\u672b\u304b\u3089\u30b5\u30fc\u30d3\u30b9\uff29\uff30\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u306e\u5fdc\u7b54\u304c\u306a\u3044\u3002<br \/>\ntcpdump\u3067\u8abf\u3079\u308b\u3068\u3001\u5fdc\u7b54\u30d1\u30b1\u30c3\u30c8\u304c\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u30a2\u30af\u30bb\u30b9\u5143\u7aef\u672b\u306b\u623b\u3063\u3066\u304a\u3089\u305a\u3001\u3055\u3089\u306b\u8abf\u3079\u308b\u3068\u3001IPVS\u3092\u69cb\u7bc9\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d0\u30fc\u3067\u5fdc\u7b54\u30d1\u30b1\u30c3\u30c8\uff08\u623b\u308a\u306e\u901a\u4fe1\uff09\u304c\u7834\u68c4\uff08\u906e\u65ad\uff09\u3055\u308c\u3066\u3044\u308b\u3002<\/p>\n<blockquote><p>\u25a1\u3000\u30a2\u30af\u30bb\u30b9\u7aef\u672b<br \/>\n\u2193\uff5c<br \/>\n\u25a0\u00d7IPVS\u30fb\u30d5\u30a1\u30a4\u30a2\u30fc\u30a6\u30a9\u30fc\u30eb<br \/>\n\u2193\uff5c\u2191<br \/>\n\u25a1\u3000\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc<\/p><\/blockquote>\n<p><strong> \u25cb\u539f\u56e0<\/strong><br 
\/>\n\u30d5\u30a1\u30a4\u30a2\u30fc\u30a6\u30a9\u30fc\u30eb\u304cIPVS\u3092\u7d4c\u7531\u3057\u305f\u5fdc\u7b54\u30d1\u30b1\u30c3\u30c8\u3092\u8a8d\u8b58\u3057\u3066\u3044\u306a\u3044\uff01<br \/>\n\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u30eb\u30fc\u30eb\u304c<\/p>\n<blockquote><p>iptables -P FORWARD DROP<\/p><\/blockquote>\n<p>\u3067<\/p>\n<blockquote><p>iptables -A INPUT -i eth0  -p tcp --dport 80 -j ACCEPT<br \/>\niptables -A FORWARD -i eth0  -p tcp --dport 80 -j ACCEPT<br \/>\niptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT<br \/>\niptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT<br \/>\n(eth0\u30fb\u30fb\u30fbWAN(\u5165\u308a\u53e3)    eth1\u30fb\u30fb\u30fbLAN(\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u5074)<\/p><\/blockquote>\n<p>\u3067\u3042\u3063\u305f\u308a\u3059\u308b\u3068\u3001\u901a\u5e38\u306e\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u306a\u3089\u30d5\u30a1\u30a4\u30a2\u30fc\u30a6\u30a9\u30fc\u30eb\u304c\u30a2\u30af\u30bb\u30b9\u5148\u306bHTTP\u30a2\u30af\u30bb\u30b9\u304c\u3042\u3063\u305f\u3053\u3068\u3092\u8a18\u61b6\u3057\u3066\u8ee2\u9001\u3057\u3001\u305d\u306e\u5fdc\u7b54\u304c\u623b\u3063\u3066\u304d\u305f\u3068\u304d\u306b\u30a2\u30af\u30bb\u30b9\u7aef\u672b\u5074\u306b\u8fd4\u3059\u3002<br \/>\n\u3057\u304b\u3057\u8ee2\u9001\u306bIPVS\u3092\u565b\u307e\u3059\u3068\u30a2\u30af\u30bb\u30b9\u304c\u3042\u3063\u305f\u3068\u3044\u3046\u8a18\u61b6\u3092\u3057\u3066\u3044\u306a\u3044\u3089\u3057\u3044\u3002<br \/>\n\u203b\u6b63\u78ba\u306b\u8a00\u3046\u3068\u3001\u8a18\u61b6\u3057\u3066\u3044\u308b\u5834\u6240\u304c\u9055\u3046\u306e\u3067\u60c5\u5831\u3092\u53d6\u308a\u51fa\u305b\u306a\u3044\u3002<br \/>\n\u7aef\u672b\u2192IPVS\u2192\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u30fb\u30fb\u30fbINPUT\u30c1\u30a7\u30a4\u30f3<br \/>\n\u7aef\u672b\u2190IPVS\u2190\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u30fb\u30fb\u30fbFORWARD\u30c1\u30a7\u30a4\u30f3<br 
\/>\n\u306a\u306e\u3067\u3001\u5fdc\u7b54\u30d1\u30b1\u30c3\u30c8\uff08\u623b\u308a\u306e\u30d1\u30b1\u30c3\u30c8\uff09\u306e\u30c0\u30a4\u30ca\u30df\u30c3\u30af\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3067\u8a31\u53ef\u304c\u3067\u305a\u3001IPVS\u3092\u69cb\u7bc9\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u30d1\u30b1\u30c3\u30c8\u304c\u7834\u68c4\u3055\u308c\u3066\u3057\u307e\u3046\u30fb\u30fb\u30fb<br \/>\n\u8a73\u7d30\u306f\u3053\u306e\uff35\uff32\uff2c\u306e\u30a4\u30f3\u30c8\u30ed\u30c0\u30af\u30b7\u30e7\u30f3\u53c2\u7167\uff08\u82f1\u6587\uff09<br \/>\n<a title=\"http:\/\/www.austintek.com\/LVS\/LVS-HOWTO\/HOWTO\/LVS-HOWTO.filter_rules.html\" href=\"http:\/\/www.austintek.com\/LVS\/LVS-HOWTO\/HOWTO\/LVS-HOWTO.filter_rules.html\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.austintek.com\/LVS\/LVS-HOWTO\/HOWTO\/LVS-HOWTO.filter_rules.html<\/a><br \/>\n\u203b\u8981\u8a33<br \/>\nIPVS-NAT\u306fnetfilter(iptables)\u306e\u4ed5\u69d8\u4e0a\u3001\u7d4c\u8def\u8ffd\u8de1\u306b\u554f\u984c\u304c\u3042\u308b\u3002<br \/>\n\u30ab\u30fc\u30cd\u30eb\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u554f\u984c\u304c\u89e3\u6c7a\u3059\u308b\u3089\u3057\u3044\u3002<br \/>\n\u307e\u305f\u306fDSR\u69cb\u6210\u306b\u3059\u308b\u3002<br \/>\n\u3068\u8a00\u308f\u308c\u3066\u3082\u3001\u7d20\u306e\u30ab\u30fc\u30cd\u30eb\u3092\u30b3\u30f3\u30d1\u30a4\u30eb\u3057\u3066\uff08\u3057\u304b\u3082\u30d1\u30c3\u30c1\u9069\u7528\uff09\u4f7f\u7528\u3059\u308b\u306e\u306f\u3055\u3059\u304c\u306b\u6016\u3044\uff01<br \/>\n\u304b\u3068\u3044\u3063\u3066DSR\u69cb\u6210\u306b\u3082\u3067\u304d\u306a\u3044\uff08\u4e26\u884c\u3057\u3066\u3001SSL\u8a3c\u660e\u66f8\u306a\u3069\u306e\u554f\u984c\u3067<br \/>\nPound\u3084Apache\u3092\u3064\u304b\u3063\u3066URL\u30d9\u30fc\u30b9\u306e\u30d0\u30e9\u30f3\u30b7\u30f3\u30b0\u3092\u3057\u3066\u3044\u308b\u306a\u3069\u30fb\u30fb\u30fb\uff09<br 
\/>\n\u3067\u306f\u3069\u3046\u3059\u308b\u304b\uff1f<br \/>\n<strong> \u25cb\u89e3\u6c7a\u65b9\u6cd5<\/strong><br \/>\n\u30c0\u30a4\u30ca\u30df\u30c3\u30af\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u304c\u3067\u304d\u306a\u3044\u306a\u3089\u3001\u9759\u7684\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3067\u7121\u7406\u3084\u308a\u8a31\u53ef\u3059\u308b\uff01<br \/>\nIPVS\u30b5\u30fc\u30d0\u30fc\u4e0a\u3067\u3001\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u306e\u8ee2\u9001\u901a\u4fe1\u3092\u9001\u4fe1\u5143\u306e\u30dd\u30fc\u30c8\u3092\u7279\u5b9a\u3057\u3066\u8a31\u53ef\u3059\u308b\u3002<br \/>\n\u305f\u3068\u3048\u3070SMTP\u306a\u3089<\/p>\n<blockquote><p>iptables -A FORWARD -i eth1 -o eth0 -p tcp --sport 25 -j ACCEPT<br \/>\n(eth0\u30fb\u30fb\u30fbWAN(\u5165\u308a\u53e3)    eth1\u30fb\u30fb\u30fbLAN(\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u5074)<\/p><\/blockquote>\n<p>\u3053\u308c\u3067\u3081\u3067\u305f\u304f\u958b\u901a\u3002<br \/>\n\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fc\u4e0a\u3061\u3087\u3063\u3068\u6016\u3044\u304c\u30fb\u30fb\u30fb<br \/>\n\u203b\u3053\u306e\u30eb\u30fc\u30eb\u306f\u3001eth1\u5074\u304b\u3089\u306e\u9001\u4fe1\u5143\u30dd\u30fc\u30c825\u306eTCP\u30d1\u30b1\u30c3\u30c8\u3092\u3001\u5fdc\u7b54\u3067\u306a\u304f\u3066\u3082\u3059\u3079\u3066\u8a31\u53ef\u3059\u308b\u3002-s \u3067\u9001\u4fe1\u5143\u30a2\u30c9\u30ec\u30b9\u3082\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u306b\u7279\u5b9a\u3057\u3066\u8a31\u53ef\u3059\u308b\u3068\u3088\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u25cb \u4e8b\u8c61 IPVS(LVS)(NAT\/\u30de\u30b9\u30ab\u30ec\u30fc\u30c9\u69cb\u6210)\u74b0\u5883\u306b\u3066\u3001\u7aef\u672b\u304b\u3089\u30b5\u30fc\u30d3\u30b9\uff29\uff30\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u306e\u5fdc\u7b54\u304c\u306a\u3044\u3002 tcpdump\u3067\u8abf\u3079\u308b\u3068\u3001\u5fdc\u7b54\u30d1\u30b1\u30c3\u30c8\u304c\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u30a2\u30af\u30bb\u30b9\u5143\u7aef\u672b\u306b\u623b\u3063\u3066\u304a\u3089\u305a\u3001\u3055 &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/chidipy.jpn.com\/topics\/?p=34\" class=\"more-link\"><span class=\"screen-reader-text\">&#8220;IPVS-NAT\u3067\u30ea\u30a2\u30eb\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u5fdc\u7b54\u304c\u306a\u3044\u4e8b\u8c61\u306e\u89e3\u6c7a\u65b9\u6cd5&#8221; 
\u306e<\/span>\u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[16,2,8],"tags":[38],"_links":{"self":[{"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=\/wp\/v2\/posts\/34"}],"collection":[{"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=34"}],"version-history":[{"count":0,"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=\/wp\/v2\/posts\/34\/revisions"}],"wp:attachment":[{"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=34"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=34"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chidipy.jpn.com\/topics\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=34"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}