Raspberry Bridged Router

问题描述 投票:-2回答:1

我有一个带有Raspbian Buster(10)的raspberry pi 3 b +,我正在尝试构建一个路由器。我已经设置了正在运行的程序:

  • bind9用于本地DNS解析
  • 用于wifi热点的hostapd
  • bridge-utils桥接多个USB RJ45网络适配器
  • 用于DHCP的isc-dhcp服务器

[一切正常,除了https://www.blizzard.com/https://elinux.org/RPi_VerifiedPeripherals之类的某些站点在LAN计算机上不起作用,它在树莓派端确实起作用。挖掘输出:

dig https://elinux.org/RPi_VerifiedPeripherals

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> https://elinux.org/RPi_VerifiedPeripherals
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 0d6425f2b8e87c5dc87196165dac4eca3c572ad51447b5b3 (good)
;; QUESTION SECTION:
;https://elinux.org/RPi_VerifiedPeripherals. IN A

;; AUTHORITY SECTION:
.                       10800   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019102000 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 193.231.252.1#53(193.231.252.1)
;; WHEN: Sun Oct 20 13:10:50 BST 2019
;; MSG SIZE  rcvd: 174

任何想法?

非常感谢您,祝您周末愉快!

PS:这是我的防火墙脚本

#!/bin/bash
echo "Setting sysctl ..."
/sbin/sysctl net.ipv4.ip_forward=1
/sbin/sysctl net.ipv6.conf.default.forwarding=1
/sbin/sysctl net.ipv6.conf.all.forwarding=1
/sbin/sysctl -p
echo "Cleanig ..."
#Flash IPTABLES
iptables -F 
iptables -t nat -F
iptables -t mangle -F
iptables -X
echo "Creating ..."
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ppp0 -j ACCEPT
iptables -A INPUT -s 8x.1x.x.248 -j ACCEPT
iptables -A INPUT -s 8x.1x.x.0 -j ACCEPT
iptables -A INPUT -s 8x.1x.x.6 -j ACCEPT
iptables -A INPUT -s 8x.1x.x.21 -j ACCEPT
iptables -A INPUT -s 8x.1x.x.36 -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A FORWARD -p icmp --icmp-type echo-reply -j ACCEPT

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

iptables -A INPUT -m iprange --src-range 192.168.0.0-192.168.0.255 -j ACCEPT
iptables -A INPUT -m iprange --src-range 192.168.1.0-192.168.1.255 -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A OUTPUT -j ACCEPT
#iptables -A nat -j ACCEPT

iptables -A INPUT -j LOG --log-prefix "INPUT:DROP:" --log-level 4
iptables -A OUTPUT -j LOG --log-prefix "OUTPUT:DROP:" --log-level 4
iptables -A FORWARD -j LOG --log-prefix "FORWARD:DROP:" --log-level 4
iptables -A nat -j LOG --log-prefix "nat:DROP:" --log-level 4

iptables -A INPUT -j DROP
echo "Droping ...:"
#iptables -I INPUT -s 95.90.x.x -j DRO

echo "Sysctl rules:"
/sbin/sysctl -p
echo "Iptables rules:"
iptables -v -L -n
linux networking raspberry-pi3 router raspbian
1个回答
0
投票
dig elinux.org

尝试从PC和Pi运行它并提供输出另外,请从PC和Pi尝试以下命令:

ping elinux.org
traceroute elinux.org

它应该有助于确定问题的根源

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.