ระบบแยกเน็ต+เกม 2, 3, 4, 5, ...สาย + แจก Basic-Code
วันนี้ขออนุญาต มาใช้บอร์ดที่เว็บไซต์ http://i-gatez.ath.cx
เพื่อ นำเสนอ iptables โค๊ด สำหรับสร้างกฎใน firewall เพื่อแยกเกมส์+เน็ต แบบเด็ดขาด (ทดสอบแล้วในร้านของผม จำนวน 80 เครื่อง เน็ต 3 เส้น) ด้วย ClarkConnect 4.2 Enterprise
จุดประสงค์ :
- เพื่อแบ่งปันโค๊ดดีๆ สร้างเสริมนิสัยการ Open Source ให้กับประชาชนคนไทย มิใช่หวังเอาแต่ได้ เอาผลกำไรอย่างเดียว
- เพื่อให้ร้านเน็ตที่มีทุนน้อย สามารถทำระบบเน็ตสองสายแบบประหยัดได้ด้วยตัวเอง (เบื้องต้น)
2+1 WANs
=========
โค๊ดอยู่ตรงนี้
3+1 WANs
=========
โค๊ดอยู่ตรงนี้
โค๊ดอยู่ตรงนี้
หาก มีผลบุญกุศลใดๆ อันเกิดจากการแบ่งปันโค๊ดและให้ความรู้ของข้าพเจ้าตั้งแต่ในอดีตจนถึง ปัจจุบัน ขอให้ผลบุญนั้นจงตกอยู่แก่ตัวข้าพเจ้าทั้งหมด เพื่อความสุข ความเจริญ
ไร้โรคาพยาธิ หมดทุกข์ หมดโศก หมดโรค หมดภัย ของตัวข้าพเจ้า, ของบิดามารดาของข้าพเจ้า, ของคนรักของข้าพเจ้า, ของครอบครัวของข้าพเจ้า,
ของญาติสนิทมิตรสหายของข้าพเจ้า ตลอดจนคู่กรรมคู่เวรทั้งหลายของข้าพเจ้าด้วย ขอให้ท่านทั้งหลายที่ข้าพเจ้าได้เอ่ยถึงมาทั้งหมดนี้
จงได้รับส่วนบุญส่วนกุศลที่ข้าพเจ้าได้อุทิศให้นี้ด้วยเทอญ สาธุ
เพื่อ นำเสนอ iptables โค๊ด สำหรับสร้างกฎใน firewall เพื่อแยกเกมส์+เน็ต แบบเด็ดขาด (ทดสอบแล้วในร้านของผม จำนวน 80 เครื่อง เน็ต 3 เส้น) ด้วย ClarkConnect 4.2 Enterprise
จุดประสงค์ :
- เพื่อแบ่งปันโค๊ดดีๆ สร้างเสริมนิสัยการ Open Source ให้กับประชาชนคนไทย มิใช่หวังเอาแต่ได้ เอาผลกำไรอย่างเดียว
- เพื่อให้ร้านเน็ตที่มีทุนน้อย สามารถทำระบบเน็ตสองสายแบบประหยัดได้ด้วยตัวเอง (เบื้องต้น)
2+1 WANs
=========
อ้างถึง
[ Net ]-----------------
|-------------[linux Server]---------. . .
[Games]----------------
- แบบนี้แยกเน็ต แยกเกมส์ อยู่คนละเส้น|-------------[linux Server]---------. . .
[Games]----------------
โค๊ดอยู่ตรงนี้
อ้างถึง
# ----- 2 WANs
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 2 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8000
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8000
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8000
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8000
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8000
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8000
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8000
# ----- START rule adding
# Firstly, set mark for packet to go to NET
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j MARK --set-mark 0x8001
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 2 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp1_addr=`ip route | grep ppp1 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp1_addr dev ppp1 weight 200
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 2 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8000
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8000
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8000
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8000
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8000
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8000
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8000
# ----- START rule adding
# Firstly, set mark for packet to go to NET
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j MARK --set-mark 0x8001
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 2 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp1_addr=`ip route | grep ppp1 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp1_addr dev ppp1 weight 200
3+1 WANs
=========
อ้างถึง
[Games]---------------
|
[ Net ]------------------------------[linux Server]---------. . .
|
[ Net ]-----------------
- แบบนี้ แยกเกมส์ทั้งหมดไปอยู่เส้นนึง อีกสองเส้นทำ load balance สำหรับเน็ต|
[ Net ]------------------------------[linux Server]---------. . .
|
[ Net ]-----------------
โค๊ดอยู่ตรงนี้
อ้างถึง
# ----- 3 WANs with Load-Balance
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001/ ppp2 = 0x8002
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8000
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8000
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8000
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8000
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8000
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8000
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8000
# ----- START rule adding
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp1_addr=`ip route | grep ppp1 | head -1 | cut -f 1 -d " "`
ppp2_addr=`ip route | grep ppp2 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp1_addr dev ppp1 weight 1 nexthop via $ppp2_addr dev ppp2 weight 1
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001/ ppp2 = 0x8002
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8000
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8000
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8000
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8000
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8000
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8000
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8000
# ----- START rule adding
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp1_addr=`ip route | grep ppp1 | head -1 | cut -f 1 -d " "`
ppp2_addr=`ip route | grep ppp2 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp1_addr dev ppp1 weight 1 nexthop via $ppp2_addr dev ppp2 weight 1
อ้างถึง
[Games AiaSoft]------
|
[Games Others]------------------[linux Server]---------. . .
|
[ Net ]-----------------
- แบบนี้ให้เกมส์ Asiasoft เส้นนึง, เกมส์ค่ายอื่นๆ เส้นนึง, แล้วก็เน็ตเส้นนึง|
[Games Others]------------------[linux Server]---------. . .
|
[ Net ]-----------------
โค๊ดอยู่ตรงนี้
อ้างถึง
# ----- 3 WANs
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001/ ppp2 = 0x8002
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8001
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8001
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8001
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8001
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8001
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8001
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8001
# ----- START rule adding
# Firstly, set mark for packet to go to NET
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j MARK --set-mark 0x8002
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp2_addr=`ip route | grep ppp2 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp2_addr dev ppp1 weight 200
# ----- change to you local IP
My_Local_Net="192.168.0.0/16"
# ----- Flush
iptables -t mangle -F
modprobe ip_nat_ftp
modprobe ip_tables
modprobe iptable_nat
modprobe ipt_conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_irc
modprobe ip_nat_snmp_basic
# ----- set default policies
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# ----- set default policies
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
# ----- set default policies
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
# ----- IP sharing
# iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE > /dev/null
iptables -t nat -D POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE > /dev/null
# iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s $My_Local_Net -o ppp+ -j MASQUERADE
# ----- Squid
if [ -f /var/run/squid.pid ]; then
iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 > /dev/null
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
fi
# ----- Frox
if [ -f /var/run/frox.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dport 21,5977,10100 -j REDIRECT --to-port 2121
fi
# ----- Msn Yahoo Icq Irc
if [ -f /var/run/imspector.pid ]; then
iptables -t nat -D PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 1863,6667,5050,5190 -j REDIRECT --to-port 16667
fi
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - START - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Note
# ppp0 = 0x8000 / ppp1 = 0x8001/ ppp2 = 0x8002
# ----- Create our own CHAINS
# ----- Create CHECK_SERVICE_PORTS
iptables -t mangle -F CHECK_SERVICE_PORTS
iptables -t mangle -N CHECK_SERVICE_PORTS
iptables -t mangle -A CHECK_SERVICE_PORTS -p tcp -m multiport --dports 20:25,80,443,554,1863,2121,5050,5190,3128,3130,8080,16667 -j ACCEPT
# ----- Create CHECK_GAMES
iptables -t mangle -F CHECK_GAMES
iptables -t mangle -N CHECK_GAMES
# Asiasoft
iptables -t mangle -A CHECK_GAMES -d 203.144.0.0/16 -j MARK --set-mark 0x8000
#
iptables -t mangle -A CHECK_GAMES -d 203.146.0.0/16 -j MARK --set-mark 0x8000
# SF,LN2, Asiasoft International
iptables -t mangle -A CHECK_GAMES -d 61.90.0.0/16 -j MARK --set-mark 0x8000
# ProjectOne, DOMO
iptables -t mangle -A CHECK_GAMES -d 61.19.0.0/16 -j MARK --set-mark 0x8001
# Seal, HY, 3Kingdoms, 16
iptables -t mangle -A CHECK_GAMES -d 61.47.0.0/16 -j MARK --set-mark 0x8000
# PFW, Eco
iptables -t mangle -A CHECK_GAMES -d 61.91.0.0/16 -j MARK --set-mark 0x8001
# HipStreet
iptables -t mangle -A CHECK_GAMES -d 58.97.0.0/16 -j MARK --set-mark 0x8001
# Pangya, Rebirth, Pucca, Flyff
iptables -t mangle -A CHECK_GAMES -d 58.64.0.0/16 -j MARK --set-mark 0x8001
# DotA, Getamped
iptables -t mangle -A CHECK_GAMES -d 210.86.0.0/16 -j MARK --set-mark 0x8000
# LunaOnline, pko, water, SDO, Secret, RYL, cso
iptables -t mangle -A CHECK_GAMES -d 202.43.0.0/16 -j MARK --set-mark 0x8001
# RAN
iptables -t mangle -A CHECK_GAMES -d 203.142.0.0/16 -j MARK --set-mark 0x8001
# TalesRunner
iptables -t mangle -A CHECK_GAMES -d 203.113.0.0/16 -j MARK --set-mark 0x8001
# ----- START rule adding
# Firstly, set mark for packet to go to NET
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j MARK --set-mark 0x8002
# Service Ports
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -j CHECK_SERVICE_PORTS
# Games
# PREROUTING
iptables -t mangle -A PREROUTING -s $My_Local_Net -j CHECK_GAMES
# FORWARD
iptables -t mangle -A FORWARD -s $My_Local_Net -j CHECK_GAMES
# DotA (no need cache)
# Create DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --sports 7001:7200 -j MARK --set-mark 0x8000
# Join DotA
iptables -t mangle -A PREROUTING -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A OUTPUT -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
iptables -t mangle -A FORWARD -s $My_Local_Net -d ! $My_Local_Net -p tcp -m multiport --dports 6000:7500 -j MARK --set-mark 0x8000
# No match, use Load Balance
iptables -t mangle -A PREROUTING -d ! $My_Local_Net -j ACCEPT
# ----- END rule adding
# ----- ----- ----- ----- ----- ----- ----- ----- #
# - END - multi wan 3 Line
# ----- ----- ----- ----- ----- ----- ----- ----- #
# ----- Load Balance
ppp2_addr=`ip route | grep ppp2 | head -1 | cut -f 1 -d " "`
ip route change default table 250 proto static nexthop via $ppp2_addr dev ppp1 weight 200
หาก มีผลบุญกุศลใดๆ อันเกิดจากการแบ่งปันโค๊ดและให้ความรู้ของข้าพเจ้าตั้งแต่ในอดีตจนถึง ปัจจุบัน ขอให้ผลบุญนั้นจงตกอยู่แก่ตัวข้าพเจ้าทั้งหมด เพื่อความสุข ความเจริญ
ไร้โรคาพยาธิ หมดทุกข์ หมดโศก หมดโรค หมดภัย ของตัวข้าพเจ้า, ของบิดามารดาของข้าพเจ้า, ของคนรักของข้าพเจ้า, ของครอบครัวของข้าพเจ้า,
ของญาติสนิทมิตรสหายของข้าพเจ้า ตลอดจนคู่กรรมคู่เวรทั้งหลายของข้าพเจ้าด้วย ขอให้ท่านทั้งหลายที่ข้าพเจ้าได้เอ่ยถึงมาทั้งหมดนี้
จงได้รับส่วนบุญส่วนกุศลที่ข้าพเจ้าได้อุทิศให้นี้ด้วยเทอญ สาธุ