Linux Release :
[root@cproute00 ~]# cat /etc/fedora-release
Fedora Core release 4 (Stentz)
Linux Version :
[root@cproute00 ~]# uname -a
Linux cproute00 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005 i686 i686 i386 GNU/Linux
Saprouter :
[root@cproute00 saprouter]# ll saprouter
-rwxr-xr-x 1 root root 642191 Mar 1 01:28 saprouter
SAP Network Interface Router, Version 36.15
Compiled Sep 6 2004 23:31:02
[root@cproute00 saprouter]# more saprouter.sh
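# Start SAProuter (-r) from its own directory.
# The log name given to -G is relative and the route permission file defaults
# to ./saprouttab, so both depend on the working directory. rc.local calls this
# script by absolute path and is not guaranteed to start in /opt/saprouter;
# change directory first and stop if that fails, so the router never starts
# without the intended saprouttab.
# Assumes saprouttab sits next to the binary in /opt/saprouter - confirm.
#   -G saprouter.log : write a connection log (there is no logging by default)
#   -C 10            : at most 10 clients
#   -E               : append to existing log and trace files
#   -W 10000         : 10000 ms timeout for blocking net calls
cd /opt/saprouter || exit 1
/opt/saprouter/saprouter -r -G saprouter.log -C 10 -E -W 10000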
[root@cproute00 saprouter]# more saprouttab
P 202.165.xx.xx 10.1.xx.xx *
P 202.47.xx.xx 10.1.xx.xx *
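Explanation of a saprouttab entry:
P : Permit
202.165.xx.xx : Source IP Address
10.1.xx.xx : Destination IP Address
* : Permit all services / ports on the destination; name a single service here when the source needs only one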
./saprouter.sh &
More on saprouter command:
[poniran@cproute00 saprouter]$ saprouter
SAP Network Interface Router, Version 36.15
Compiled Sep 6 2004 23:31:02
start router : saprouter -r
stop router : saprouter -s
soft shutdown: saprouter -p
router info : saprouter -l (-L)
new routtab : saprouter -n
toggle trace : saprouter -t
cancel route : saprouter -c id
dump buffers : saprouter -d
flush " : saprouter -f
start router with third-party library: saprouter -a library
additional options
-R routtab : name of route-permission-file (default ./saprouttab)
-G logfile : name of log file (default no logging)
-T tracefile : name of trace file (default dev_rout)
-V tracelev : trace level to run with (default 1)
-H hostname : of running SAProuter (default localhost)
-S service : service-name / number (default 3299)
-P infopass : password for info requests
-C clients : maximum no of clients (default 801)
-Y servers : maximum no of servers to start (default 1)
-K [myname] : activate SNC; if given, use 'myname' as own sec-id
-A initstring: initialization options for third-party library
-D : switch DNS reverse lookup off
-E : append log- and trace-files to existing
expert options
-B quelength : max. no. of queued packets per client (default 1)
-Q queuesize : max. total size for all queues (default 20000000 bytes)
-W waittime : timeout for blocking net-calls (default 5000 millisec)
-M min.max : portrange for outgoing connects, like -M 1.1023
-U abs_path : absolute path for Unix Domain Sockets,
default is "/tmp/.sapstream%d"
# this is a sample routtab : -----------------------------------------
D host1 host2 serviceX
D host3
P * * serviceX
P 155.56.*.* 155.56
P 155.57.1011xxxx.*
P host4 host5 * xxx
P host6 localhost 3299
P host7 host8 telnet
S host9
P0,* host10
KP sncname1 * *
KS * host11 *
KD "sncname "abc" * *
KT sncname3 host11 *
# deny routes from host1 to host2 serviceX
# deny all routes from host3
# permit routes from anywhere to any host using serviceX
# permit all routes from/to addresses matching 155.56
# permit ... with 3rd byte matching 1011xxxx
# permit routes from host4 to host5 if password xxx supplied
# permit information requests from host6
# permit native-protocol-routes to non-SAP-server telnet
# permit ... excluding native-protocol-routes (SAP-servers only)
# permit ... if number of preceding/succeeding hops (SAProuters) <= 0/*
# permit SNC-connection with partnerid = 'sncname1' to any host
# permit all SAP-SAP SNC-connections to host11
# deny all SNC-connections with partnerid = 'sncname "abc'
# open connects to host11 with SNC enabled and partnerid = 'sncname3'
# first match [host/sncname host service] is used
# permission is denied if no entry matches
# service wildcard (*) does not apply to native-protocol-routes
# --------------------------------------------------------------------
LAN Information:
[root@cproute00 saprouter]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:BA:4F:95:5E
inet addr:202.165.xx.xx Bcast:202.165.xx.xx Mask:255.255.255.240
inet6 addr: fe80::250:baff:fe4f:955e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:184645 errors:0 dropped:0 overruns:0 frame:0
TX packets:24702 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16153193 (15.4 MiB) TX bytes:18968865 (18.0 MiB)
Interrupt:10 Base address:0xdc00
eth1 Link encap:Ethernet HWaddr 00:55:D0:41:A4:1B
inet addr:10.1.xx.xx Bcast:10.1.255.255 Mask:255.255.0.0
inet6 addr: fe80::255:d0ff:fe41:a41b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1805350 errors:0 dropped:0 overruns:0 frame:0
TX packets:27730 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2081842500 (1.9 GiB) TX bytes:5600992 (5.3 MiB)
Interrupt:11 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:848 errors:0 dropped:0 overruns:0 frame:0
TX packets:848 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:71272 (69.6 KiB) TX bytes:71272 (69.6 KiB)
[root@cproute00 saprouter]# cat /etc/rc.local
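#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local

# Turn on kernel IPv4 forwarding.
# NOTE(review): this host has a public interface (eth0) and an internal one
# (eth1). SAProuter relays connections at the application layer and should not
# need kernel forwarding; with this set, the kernel itself routes packets
# between the two networks unless a packet filter stops it. Confirm the
# setting is required and that forwarded traffic is filtered.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Static routes to internal subnets that are reached through 10.1.0.12.
/sbin/ip route add 10.101.0.0/16 via 10.1.0.12
/sbin/ip route add 10.108.4.0/22 via 10.1.0.12

# Start SAProuter in the background, matching the manual start
# ("./saprouter.sh &"); a foreground call would keep rc.local from returning
# for as long as the router runs.
# NOTE(review): started from here the router runs as root. The default service
# port 3299 is not a privileged port, so a dedicated unprivileged account
# should be enough - confirm.
/opt/saprouter/saprouter.sh &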
How To Use:
SAPRouter String : /H/219.83.xx.xx/S/3299/H/
Good Luck.