0

我有麻烦。无法从 Windows 7 客户端访问我的以太网连接的 MFP,但通过 Ubuntu(和路由器/服务器)机器它可以访问它。

MFP = Epson Stylus Color 730

网络:

MFP (192.168.0.100) + win7clients (192.168.0.101-200) ---> Ubuntu 服务器/路由器 (192.168.0.1) ---> 互联网

MFP 从 DHCP 服务器获取正确的 IP 和设置。在 Windows 机器上禁用所有防火墙等等。

从 Ubuntu 我可以用 MFP 做我想做的事,但为什么我什至不能从 Windows ping 它?

谢谢

编辑:

/etc/sysctl.conf的内容:

#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3

##############################################################3
# Functions previously found in netbase
#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
#  Enabling this option disables Stateless Address Autoconfiguration
#  based on Router Advertisements for this host
#net.ipv6.conf.all.forwarding=1


###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#

编辑 2:经过一些修复 - 除了本地网络中的我之外,其他所有人都可以使用 MFP。所以,新的谜题:

我的本地网络: http: //prntscr.com/kvk5g

“Hakuhonoo”看不到 MFP,但其他的可以。

/etc/iptables.conf的内容:

# Generated by iptables-save v1.4.12 on Fri Nov  9 01:51:58 2012
*filter
:INPUT ACCEPT [23:1420]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [20:18904]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -d 224.0.0.0/4 -i eth0 -j ACCEPT
-A INPUT -s 224.0.0.0/4 -i eth0 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80:85 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 1985 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 25565 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 60000:65000 -j ACCEPT
-A INPUT -i eth0 -j DROP
-A FORWARD -i eth0 -o br0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth0 -j ACCEPT
-A FORWARD -d 224.0.0.0/4 -j ACCEPT
-A FORWARD -s 224.0.0.0/4 -j ACCEPT
-A FORWARD -i eth0 -p tcp --dport 81:85 -j ACCEPT
-A FORWARD -i eth0 -j DROP
COMMIT
# Completed on Fri Nov  9 01:51:58 2012
# Generated by iptables-save v1.4.12 on Fri Nov  9 01:51:58 2012
*nat
:PREROUTING ACCEPT [377:31747]
:INPUT ACCEPT [39:3558]
:OUTPUT ACCEPT [11:872]
:POSTROUTING ACCEPT [7:570]
-A PREROUTING -i eth0 -p tcp --dport 81:85 -j DNAT --to 192.168.0.101
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri Nov  9 01:51:58 2012
# Generated by iptables-save v1.4.12 on Fri Nov  9 01:51:58 2012
*mangle
:PREROUTING ACCEPT [1425:140833]
:INPUT ACCEPT [762:69219]
:FORWARD ACCEPT [495:56655]
:OUTPUT ACCEPT [643:122295]
:POSTROUTING ACCEPT [1152:179096]
-A PREROUTING -d 224.0.0.0/4 -p udp -j TTL --ttl-inc 1
COMMIT
# Completed on Fri Nov  9 01:51:58 2012
4

1 回答 1

0

您是否将 Ubuntu 设置为转发数据包?
启用路由:(取自此处

  1. 通过启用 IP 转发配置网关以在两个接口之间进行路由:

    sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

  2. 编辑 /etc/sysctl.conf,并(最高 10.04)添加以下行:

    net.ipv4.conf.default.forwarding=1
    net.ipv4.conf.all.forwarding=1

  3. 从 10.10 开始,编辑 /etc/sysctl.conf 并取消注释就足够了:

    net.ipv4.ip_forward=1

于 2012-11-25T07:15:43.937 回答