作者: plc1222 時間: 2017-10-21 10:14 標題: Raspberry Pi + Shadowsocks 問題
已經set完(上網炒人)
但如果唔想俾 Shadowsocks user access 到local ip devices
要點做
iptables -L 係空白
作者: plc1222 時間: 2017-10-23 09:15
係咪應該搬去LINUX版
作者: D@niel 時間: 2017-10-23 09:28
用ufw 簡單d,然後set allow 8388,睇你需要通常incoming 的default policy set deny, outgoing 的就allow
作者: plc1222 時間: 2017-10-23 09:41
用ufw 簡單d,然後set allow 8388,睇你需要通常incoming 的default policy set deny, outgoing 的就allow ...
D@niel 發表於 2017-10-23 09:28
如果唔想Shadowsocks user 去local ip可以點set? local ip 係192.168.2.X
作者: D@niel 時間: 2017-10-23 10:20
回覆 4# plc1222
吾明白!
作者: plc1222 時間: 2017-10-23 10:39
回覆 plc1222
吾明白!
D@niel 發表於 2017-10-23 10:20
Raspberry Pi + Shadowsocks 宜家SET好左係我屋企
我主要俾親戚朋友用
但我試左Shadowsocks 可以去/PING到我屋企內部既NAS
有無得 DENY左Shadowsocks 呢部SERVER 去到我屋企內部其他IP
作者: alanh999 時間: 2017-10-23 11:46
Raspberry Pi + Shadowsocks 宜家SET好左係我屋企
我主要俾親戚朋友用
但我試左Shadowsocks 可以 ...
plc1222 發表於 23/10/2017 10:39
You have to set rules in your firewall to isolate the Raspberry PI.
作者: plc1222 時間: 2017-10-23 11:55
You have to set rules in your firewall to isolate the Raspberry PI.
alanh999 發表於 2017-10-23 11:46
firewall 會處理內部PACKET?
作者: alanh999 時間: 2017-10-23 11:59
firewall 會處理內部PACKET?
plc1222 發表於 23/10/2017 11:55
Does your PI device have IP address in a subnet which is different from your LAN subnet and it's your router which handles routing of traffics between these 2 subnets? If yes then you can block traffics between these 2 subnets and mission achieved.
If your PI is in your LAN subnet then it's hard for you to achieve what you want to do......
作者: plc1222 時間: 2017-10-23 12:14
Does your PI device have IP address in a subnet which is different from your LAN subnet and i ...
alanh999 發表於 2017-10-23 11:59
同一SUBSET啊
屋企NETWORK好簡單
作者: cpchen 時間: 2017-10-23 12:20
VLAN 左去。一个内部。一个比出面人。
作者: Dundee 時間: 2017-10-23 15:48
Sample Code:
- sudo ssserver -c /root/Shadowsocks/shadowsocks.json --forbidden-ip 192.168.0.0/16 -d start