Den_LocalNet
-
Публикации
48 -
Зарегистрирован
-
Посещение
Сообщения, опубликованные пользователем Den_LocalNet
-
-
видел такое когда-то на радио линке
-
BlackDeath
Хотел Вам написать в приват, но почему-то мне запрещено это делать.
Поделитесь своим творением пожалуйста...
Если можно то на admin#lan.com.ua
Заранее спасибо.
-
две пары = 4 проводника
-
set limit states 900000000
set limit src-nodes 900000000
set limit frags 90000000
добавь это в pf.conf — у тебя не хватает памяти под таблицу состояний
не помогло
в консоль постоянно сыпет вот такое:
ipfw: pullup failed ipfw: pullup failed ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet ipfw: ouch!, skip past end of rules, denying packet Limiting closed port RST response from 248 to 200 packets/sec
-
Это сейчас... но сейчас все бегает
No ALTQ support in kernel ALTQ related functions disabled Status: Enabled for 0 days 13:00:28 Debug: Urgent Hostid: 0x8f340628 State Table Total Rate current entries 3061 searches 1904252784 40664.8/s inserts 1064067 22.7/s removals 1061006 22.7/s Counters match 1784429577 38106.0/s bad-offset 0 0.0/s fragment 66 0.0/s short 6 0.0/s normalize 0 0.0/s memory 3845 0.1/s bad-timestamp 0 0.0/s congestion 0 0.0/s ip-option 6 0.0/s proto-cksum 0 0.0/s state-mismatch 61901 1.3/s state-insert 0 0.0/s state-limit 0 0.0/s src-limit 0 0.0/s synproxy 0 0.0/s
-
что-бы каждое новое правило обрабатывало как можно меньше.
простите, но я не понял. не хватает существительного. обрабатывало что?
-
Что-то у Вас мне непонятна ситуация с памятью.. Судя по конфигу, у вас 4Гб, а вот top показывает что-то странное..
Может быть у вас ядро не видит всю память? Подобная ситуация у меня была, пришлось пересобрать ядро.
P.S. Не уверен, что все вышенаписанное может иметь отношение к вашей проблеме, но все-таки... Непорядок'c, вроде как.. ;)
Да, действительно не видит. Но побороть это дело не смог. Гугл читал. Если вы знаете как решить эту проблему - помогите.
-
Опубликовано · Изменено пользователем Den_LocalNet · Жалоба на ответ
и вот само сабой все кончилось
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
Ответ от 10.10.10.1: число байт=32 время<1мс TTL=64
В течении месяца менялось только добавленные пайпы для новых абонентов. Все копи-паст.Дело все в том что неделю назад все было отлично.
Неделю назад у Вас была другая конфигурация ipfw и профиль нагрузки на него...
Вообще - все это прекрасная иллюстрация, как не надо строить роутеры.
Пожалуйста укажите мне на мои ошибки.
-
вот что выходит. гугл внятного ничего не сказал
rm -f .newdep
/usr/obj/usr/src/make.i386/make -V CFILES -V SYSTEM_CFILES -V GEN_CFILES | MKDEP_CPP="cc -E" CC="cc" xargs mkdep -a -f .newdep -O -pipe -march=prescott -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -std=c99 -g -nostdinc -I- -I. -I/usr/src/sys -I/usr/src/sys/contrib/altq -I/usr/src/sys/contrib/ipfilter -I/usr/src/sys/contrib/pf -I/usr/src/sys/dev/ath -I/usr/src/sys/contrib/ngatm -I/usr/src/sys/dev/twa -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mno-align-long-strings -mpreferred-stack-boundary=2 -mno-mmx -mno-3dnow -mno-sse -mno-sse2 -ffreestanding
/usr/src/sys/dev/em/if_em.c:82:23: e1000_api.h: No such file or directory
/usr/src/sys/dev/em/if_em.c:83:25: e1000_82575.h: No such file or directory
/usr/src/sys/dev/em/if_em.c:84:19: if_em.h: No such file or directory
mkdep: compile failed
*** Error code 1
Stop in /usr/obj/usr/src/sys/MY2.
*** Error code 1
Stop in /usr/src.
*** Error code 1
Stop in /usr/src.
хотя файлики что он не видит лежат рядом
-
Опубликовано · Изменено пользователем Den_LocalNet · Жалоба на ответ
Там еще и nat небось в pf'е на все эти 100 мегабит ?да, только не на 100.... до 50 в нате
Дело все в том что неделю назад все было отлично.
Дрова от яндекса - те которые они используют в своих боевых серверахhttp://people.yandex-team.ru/~wawa/
полное описание в README.Yandex
достаточно их скинуть в /usr/src/sys/dev/em и пересобрать все в куче?
-
Опубликовано · Изменено пользователем Den_LocalNet · Жалоба на ответ
попробуюобновиться до 6-STABLE
как это юзать? просто стартануть с дискеты/диска и подсунуть?наложить на сетевухи(если 73ие) патч из под доса, а то timeout будут вылезать
поллинг пробовал - больше 100 мбит не прокачиваетпопробовать DEVICE_POLLINGпопробовать дрова от Яндекса на сетевухи без поллинга
"дрова от Яндекса" это как?
Спасибо за помощь
Вы так высоко что я вас почти не вижу. Пожалуйста помогите мне решить этот вопрос.Они через последнее правило ipfw траффик гоняют... тут только цианиды в больших дозах помогут...:-)
-
Конфиг фаерволла и конец dmesg покажиipfw: ouch!, skip past end of rules, denying packet
ipfw: ouch!, skip past end of rules, denying packet
ipfw: ouch!, skip past end of rules, denying packet
ipfw: ouch!, skip past end of rules, denying packet
ipfw: ouch!, skip past end of rules, denying packet
фаервол
00002 count ip from any to any out via vlan193
00003 count ip from any to any in via vlan193
00004 count ip from any to any out via vlan191
00005 count ip from any to any in via vlan191
00006 count ip from any to any out via vlan200
00007 count ip from any to any in via vlan200
00008 count ip from any to ***.**.*6.90,***.**.*6.216/29,***.**.*6.224/28
00009 count ip from ***.**.*6.90,***.**.*6.216/29,***.**.*6.224/28 to any
00010 count ip from any to ***.**.*6.83,***.*.**.192/27,***.*.**.224/28
00011 count ip from ***.**.*6.83,***.*.**.192/27,***.*.**.224/28 to any
00012 count ip from any to ***.*.**.30
00013 count ip from ***.*.**.30 to any
00014 count ip from any to ***.*.**.2
00015 count ip from ***.*.**.2 to any
00016 count ip from any to ***.*.**.14
00017 count ip from ***.*.**.14 to any
00049 allow ip from 10.0.0.0/8 to ***.**.*4.0/22
00049 allow ip from ***.**.*4.0/22 to 10.0.0.0/8
00049 allow ip from ***.**.*4.0/22 to ***.*.**.0/24
00049 allow ip from ***.*.**.0/24 to ***.**.*4.0/22
00050 allow ip from any to me
00050 allow ip from me to any
00051 pipe 2323 ip from any to any in via vlan200
00051 pipe 2424 ip from any to any out via vlan200
00101 allow ip from me to any
00101 allow ip from any to me
00110 allow ip from any to me
00110 allow ip from me to any
00118 allow ip from any to 192.168.0.0/16
00118 allow ip from 192.168.0.0/16 to any
00123 allow ip from any to ***.**.*6.103
00123 allow ip from ***.**.*6.103 to any
00150 allow ip from 192.168.0.0/16 to 192.168.0.0/16
00503 pipe 32 ip from any to 10.10.3.4 in via vlan191
00503 pipe 33 ip from 10.10.3.4 to not table(2)
00504 pipe 1550 ip from any to 10.10.11.8 in via vlan191
00504 pipe 1551 ip from 10.10.11.8 to not table(2)
00504 pipe 1550 ip from any to 10.10.1.37 in via vlan191
00504 pipe 1551 ip from 10.10.1.37 to not table(2)
00504 pipe 64 ip from any to 10.10.11.16 in via vlan191
00504 pipe 65 ip from 10.10.11.16 to not table(2)
00504 pipe 75 ip from any to 10.10.30.2 in via vlan191
00504 pipe 76 ip from 10.10.30.2 to not table(2)
00504 pipe 75 ip from any to 10.10.39.7 in via vlan191
00504 pipe 76 ip from 10.10.39.7 to not table(2)
00504 pipe 100 ip from any to 10.10.1.49 in via vlan191
00504 pipe 101 ip from 10.10.1.49 to not table(2)
00504 pipe 100 ip from any to 10.10.9.23 in via vlan191
00504 pipe 101 ip from 10.10.9.23 to not table(2)
00504 pipe 100 ip from any to 10.10.9.27 in via vlan191
00504 pipe 101 ip from 10.10.9.27 to not table(2)
00504 pipe 100 ip from any to 10.10.11.10 in via vlan191
00504 pipe 101 ip from 10.10.11.10 to not table(2)
00504 pipe 100 ip from any to 10.10.11.20 in via vlan191
00504 pipe 101 ip from 10.10.11.20 to not table(2)
00504 pipe 100 ip from any to 10.10.11.21 in via vlan191
00504 pipe 101 ip from 10.10.11.21 to not table(2)
00504 pipe 100 ip from any to 10.10.11.24 in via vlan191
00504 pipe 101 ip from 10.10.11.24 to not table(2)
00504 pipe 100 ip from any to 10.10.11.25 in via vlan191
00504 pipe 101 ip from 10.10.11.25 to not table(2)
00504 pipe 100 ip from any to 10.10.14.7 in via vlan191
00504 pipe 101 ip from 10.10.14.7 to not table(2)
00504 pipe 100 ip from any to 10.10.14.10 in via vlan191
00504 pipe 101 ip from 10.10.14.10 to not table(2)
00504 pipe 100 ip from any to 10.10.15.19 in via vlan191
00504 pipe 101 ip from 10.10.15.19 to not table(2)
00504 pipe 100 ip from any to 10.10.15.31 in via vlan191
00504 pipe 101 ip from 10.10.15.31 to not table(2)
00504 pipe 100 ip from any to 10.10.15.37 in via vlan191
00504 pipe 101 ip from 10.10.15.37 to not table(2)
00504 pipe 100 ip from any to 10.10.16.20 in via vlan191
00504 pipe 101 ip from 10.10.16.20 to not table(2)
00504 pipe 100 ip from any to 10.10.16.21 in via vlan191
00504 pipe 101 ip from 10.10.16.21 to not table(2)
00504 pipe 100 ip from any to 10.10.29.1 in via vlan191
00504 pipe 101 ip from 10.10.29.1 to not table(2)
00504 pipe 100 ip from any to 10.10.37.7 in via vlan191
00504 pipe 101 ip from 10.10.37.7 to not table(2)
00504 pipe 100 ip from any to 10.10.38.9 in via vlan191
00504 pipe 101 ip from 10.10.38.9 to not table(2)
00504 pipe 100 ip from any to 10.10.39.2 in via vlan191
00504 pipe 101 ip from 10.10.39.2 to not table(2)
00504 pipe 100 ip from any to 10.10.39.9 in via vlan191
00504 pipe 101 ip from 10.10.39.9 to not table(2)
00504 pipe 100 ip from any to 10.10.47.2 in via vlan191
00504 pipe 101 ip from 10.10.47.2 to not table(2)
00504 pipe 100 ip from any to 10.10.47.1 in via vlan191
00504 pipe 101 ip from 10.10.47.1 to not table(2)
00504 pipe 100 ip from any to 10.10.48.5 in via vlan191
00504 pipe 101 ip from 10.10.48.5 to not table(2)
00504 pipe 100 ip from any to 10.10.51.1 in via vlan191
00504 pipe 101 ip from 10.10.51.1 to not table(2)
00504 pipe 100 ip from any to 10.10.54.1 in via vlan191
00504 pipe 101 ip from 10.10.54.1 to not table(2)
00504 pipe 100 ip from any to 10.10.54.2 in via vlan191
00504 pipe 101 ip from 10.10.54.2 to not table(2)
00504 pipe 100 ip from any to 10.10.57.3 in via vlan191
00504 pipe 101 ip from 10.10.57.3 to not table(2)
00504 pipe 100 ip from any to 10.10.59.2 in via vlan191
00504 pipe 101 ip from 10.10.59.2 to not table(2)
00504 pipe 100 ip from any to 10.10.60.1 in via vlan191
00504 pipe 101 ip from 10.10.60.1 to not table(2)
00505 pipe 32 ip from any to 10.10.12.5 in via vlan191
00506 pipe 33 ip from 10.10.12.5 to not table(2)
00509 pipe 32 ip from any to 10.10.13.9 in via vlan191
00509 pipe 33 ip from 10.10.13.9 to not table(2)
00509 pipe 32 ip from any to 10.10.18.2 in via vlan191
00509 pipe 33 ip from 10.10.18.2 to not table(2)
00509 pipe 100 ip from any to 10.10.7.17 in via vlan191
00509 pipe 101 ip from 10.10.7.17 to not table(2)
00509 pipe 100 ip from any to 10.10.7.100 in via vlan191
00509 pipe 101 ip from 10.10.7.100 to not table(2)
00512 pipe 32 ip from any to ***.**.*6.91 in via vlan191
00512 pipe 33 ip from ***.**.*6.91 to any out via vlan191
00513 pipe 64 ip from any to 10.10.9.11 in via vlan191
00513 pipe 65 ip from 10.10.9.11 to not table(2)
00513 pipe 64 ip from any to 10.10.9.16 in via vlan191
00513 pipe 65 ip from 10.10.9.16 to not table(2)
00513 pipe 64 ip from any to 10.10.9.21 in via vlan191
00513 pipe 65 ip from 10.10.9.21 to not table(2)
00514 pipe 64 ip from any to 10.10.12.12 in via vlan191
00514 pipe 65 ip from 10.10.12.12 to not table(2)
00516 pipe 32 ip from any to 10.10.18.4 in via vlan191
00516 pipe 33 ip from 10.10.18.4 to not table(2)
00516 pipe 64 ip from any to 10.10.0.3 in via vlan191
00516 pipe 65 ip from 10.10.0.3 to not table(2)
00516 pipe 64 ip from any to ***.*.**.82 in via vlan191
00516 pipe 65 ip from ***.*.**.82 to any out via vlan191
00516 pipe 64 ip from any to 10.10.0.15 in via vlan191
00516 pipe 65 ip from 10.10.0.15 to not table(2)
00516 pipe 64 ip from any to 10.10.0.100 in via vlan191
00516 pipe 65 ip from 10.10.0.100 to not table(2)
00516 pipe 64 ip from any to 10.10.1.12 in via vlan191
00516 pipe 65 ip from 10.10.1.12 to not table(2)
00516 pipe 64 ip from any to 10.10.1.13 in via vlan191
00516 pipe 65 ip from 10.10.1.13 to not table(2)
00516 pipe 64 ip from any to 10.10.2.3 in via vlan191
00516 pipe 65 ip from 10.10.2.3 to not table(2)
00516 pipe 64 ip from any to 10.10.5.4 in via vlan191
00516 pipe 65 ip from 10.10.5.4 to not table(2)
00516 pipe 64 ip from any to 10.10.7.4 in via vlan191
00516 pipe 65 ip from 10.10.7.4 to not table(2)
00516 pipe 64 ip from any to 10.10.7.10 in via vlan191
00516 pipe 65 ip from 10.10.7.10 to not table(2)
00516 pipe 64 ip from any to 10.10.9.5 in via vlan191
00516 pipe 65 ip from 10.10.9.5 to not table(2)
00516 pipe 64 ip from any to 10.10.13.22 in via vlan191
00516 pipe 65 ip from 10.10.13.22 to not table(2)
00516 pipe 1164 ip from any to 10.10.13.26 in via vlan191
00516 pipe 1165 ip from 10.10.13.26 to not table(2)
00516 pipe 1164 ip from any to 10.10.13.27 in via vlan191
00516 pipe 1165 ip from 10.10.13.27 to not table(2)
00516 pipe 64 ip from any to 10.10.16.5 in via vlan191
00516 pipe 65 ip from 10.10.16.5 to not table(2)
00516 pipe 64 ip from any to 10.10.18.1 in via vlan191
00516 pipe 65 ip from 10.10.18.1 to not table(2)
00516 pipe 64 ip from any to 10.10.18.5 in via vlan191
00516 pipe 65 ip from 10.10.18.5 to not table(2)
00516 pipe 64 ip from any to 10.10.19.2 in via vlan191
00516 pipe 65 ip from 10.10.19.2 to not table(2)
00516 pipe 64 ip from any to 10.10.22.3 in via vlan191
00516 pipe 65 ip from 10.10.22.3 to not table(2)
00516 pipe 64 ip from any to ***.**.*6.76 in via vlan191
00516 pipe 65 ip from ***.**.*6.76 to any out via vlan191
00516 pipe 75 ip from any to 10.10.0.36 in via vlan191
00516 pipe 76 ip from 10.10.0.36 to not table(2)
00516 pipe 75 ip from any to 10.10.3.3 in via vlan191
00516 pipe 76 ip from 10.10.3.3 to not table(2)
00516 pipe 75 ip from any to ***.*.**.76 in via vlan191
00516 pipe 76 ip from ***.*.**.76 to any out via vlan191
00516 pipe 75 ip from any to ***.**.*6.81 in via vlan191
00516 pipe 76 ip from ***.**.*6.81 to any out via vlan191
00516 pipe 100 ip from any to 10.10.0.33 in via vlan191
00516 pipe 101 ip from 10.10.0.33 to not table(2)
00516 pipe 100 ip from any to 10.10.0.39 in via vlan191
00516 pipe 101 ip from 10.10.0.39 to not table(2)
00516 pipe 100 ip from any to 10.10.0.41 in via vlan191
00516 pipe 101 ip from 10.10.0.41 to not table(2)
00516 pipe 100 ip from any to 10.10.1.11 in via vlan191
00516 pipe 101 ip from 10.10.1.11 to not table(2)
00516 pipe 100 ip from any to 10.10.1.25 in via vlan191
00516 pipe 101 ip from 10.10.1.25 to not table(2)
00516 pipe 100 ip from any to 10.10.1.33 in via vlan191
00516 pipe 101 ip from 10.10.1.33 to not table(2)
00516 pipe 100 ip from any to 10.10.1.34 in via vlan191
00516 pipe 101 ip from 10.10.1.34 to not table(2)
00516 pipe 100 ip from any to 10.10.1.44 in via vlan191
00516 pipe 101 ip from 10.10.1.44 to not table(2)
00516 pipe 100 ip from any to 10.10.1.47 in via vlan191
00516 pipe 101 ip from 10.10.1.47 to not table(2)
00516 pipe 100 ip from any to ***.*.**.48 in via vlan191
00516 pipe 101 ip from ***.*.**.48 to any out via vlan191
00516 pipe 100 ip from any to 10.10.2.4 in via vlan191
00516 pipe 101 ip from 10.10.2.4 to not table(2)
00516 pipe 100 ip from any to 10.10.2.5 in via vlan191
00516 pipe 101 ip from 10.10.2.5 to not table(2)
00516 pipe 100 ip from any to 10.10.2.8 in via vlan191
00516 pipe 101 ip from 10.10.2.8 to not table(2)
00516 pipe 100 ip from any to 10.10.2.11 in via vlan191
00516 pipe 101 ip from 10.10.2.11 to not table(2)
00516 pipe 100 ip from any to 10.10.3.8 in via vlan191
00516 pipe 101 ip from 10.10.3.8 to not table(2)
00516 pipe 100 ip from any to 10.10.6.4 in via vlan191
00516 pipe 101 ip from 10.10.6.4 to not table(2)
00516 pipe 100 ip from any to 10.10.6.6 in via vlan191
00516 pipe 101 ip from 10.10.6.6 to not table(2)
00516 pipe 100 ip from any to ***.*.**.31 in via vlan191
00516 pipe 101 ip from ***.*.**.31 to any out via vlan191
00516 pipe 100 ip from any to 10.10.13.7 in via vlan191
00516 pipe 101 ip from 10.10.13.7 to not table(2)
00516 pipe 100 ip from any to 10.10.13.30 in via vlan191
00516 pipe 101 ip from 10.10.13.30 to not table(2)
00516 pipe 100 ip from any to 10.10.13.34 in via vlan191
00516 pipe 101 ip from 10.10.13.34 to not table(2)
00516 pipe 100 ip from any to 10.10.13.15 in via vlan191
00516 pipe 101 ip from 10.10.13.15 to not table(2)
00516 pipe 100 ip from any to ***.*.**.40 in via vlan191
00516 pipe 101 ip from ***.*.**.40 to any out via vlan191
00516 pipe 100 ip from any to ***.*.**.59 in via vlan191
00516 pipe 101 ip from ***.*.**.59 to any out via vlan191
00516 pipe 100 ip from any to 10.10.17.1 in via vlan191
00516 pipe 101 ip from 10.10.17.1 to not table(2)
00516 pipe 100 ip from any to ***.*.**.77 in via vlan191
00516 pipe 101 ip from ***.*.**.77 to any out via vlan191
00516 pipe 100 ip from any to 10.10.21.4 in via vlan191
00516 pipe 101 ip from 10.10.21.4 to not table(2)
00516 pipe 100 ip from any to 10.10.22.5 in via vlan191
00516 pipe 101 ip from 10.10.22.5 to not table(2)
00516 pipe 100 ip from any to 10.10.23.2 in via vlan191
00516 pipe 101 ip from 10.10.23.2 to not table(2)
00516 pipe 100 ip from any to ***.*.**.85 in via vlan191
00516 pipe 101 ip from ***.*.**.85 to any out via vlan191
00516 pipe 100 ip from any to 10.10.24.2 in via vlan191
00516 pipe 101 ip from 10.10.24.2 to not table(2)
00516 pipe 100 ip from any to ***.*.**.37 in via vlan191
00516 pipe 101 ip from ***.*.**.37 to any out via vlan191
00516 pipe 100 ip from any to ***.*.**.44 in via vlan191
00516 pipe 101 ip from ***.*.**.44 to any out via vlan191
00516 pipe 100 ip from any to ***.*.**.72 in via vlan191
00516 pipe 101 ip from ***.*.**.72 to any out via vlan191
00516 pipe 100 ip from any to ***.**.*6.92 in via vlan191
00516 pipe 101 ip from ***.**.*6.92 to any out via vlan191
00516 pipe 128 ip from any to ***.*.**.4 in via vlan191
00516 pipe 129 ip from ***.*.**.4 to any out via vlan191
00516 pipe 12812 ip from any to ***.*.**.75 in via vlan191
00516 pipe 12912 ip from ***.*.**.75 to any out via vlan191
00516 pipe 12812 ip from any to ***.*.**.114 in via vlan191
00516 pipe 12912 ip from ***.*.**.114 to any out via vlan191
00516 pipe 128 ip from any to ***.*.**.113 in via vlan191
00516 pipe 129 ip from ***.*.**.113 to any out via vlan191
00517 pipe 100 ip from any to 10.10.0.2 in via vlan191
00517 pipe 101 ip from 10.10.0.2 to not table(2)
00517 pipe 100 ip from any to 10.10.8.7 in via vlan191
00517 pipe 101 ip from 10.10.8.7 to not table(2)
00517 pipe 128 ip from any to 10.10.0.12 in via vlan191
00517 pipe 129 ip from 10.10.0.12 to not table(2)
00518 pipe 128 ip from any to 10.10.13.8 in via vlan191
00518 pipe 128 ip from 10.10.13.8 to not table(2)
00518 pipe 128 ip from any to 10.10.13.29 in via vlan191
00518 pipe 128 ip from 10.10.13.29 to not table(2)
00518 pipe 128 ip from any to ***.**.*6.77 in via vlan191
00518 pipe 129 ip from ***.**.*6.77 to any out via vlan191
00519 pipe 128 ip from any to ***.*.**.50 in via vlan191
00519 pipe 129 ip from ***.*.**.50 to any out via vlan191
00519 pipe 128 ip from any to 10.10.9.31 in via vlan191
00519 pipe 129 ip from 10.10.9.31 to not table(2)
00519 pipe 128 ip from any to ***.*.**.98 in via vlan191
00519 pipe 129 ip from ***.*.**.98 to any out via vlan191
00519 pipe 12813 ip from any to 10.10.13.1 in via vlan191
00519 pipe 12913 ip from 10.10.13.1 to not table(2)
00519 pipe 12813 ip from any to ***.*.**.24 in via vlan191
00519 pipe 12913 ip from ***.*.**.24 to any out via vlan191
00519 pipe 128 ip from any to ***.*.**.57 in via vlan191
00519 pipe 129 ip from ***.*.**.57 to any out via vlan191
00519 pipe 128 ip from any to ***.*.**.43 in via vlan191
00519 pipe 129 ip from ***.*.**.43 to any out via vlan191
00519 pipe 128 ip from any to ***.*.**.52 in via vlan191
00519 pipe 129 ip from ***.*.**.52 to any out via vlan191
00520 pipe 75 ip from any to 10.10.0.8 in via vlan191
00520 pipe 76 ip from 10.10.0.8 to not table(2)
00520 pipe 75 ip from any to 10.10.6.2 in via vlan191
00520 pipe 76 ip from 10.10.6.2 to not table(2)
00520 pipe 75 ip from any to 10.10.7.19 in via vlan191
00520 pipe 76 ip from 10.10.7.19 to not table(2)
00520 pipe 75 ip from any to 10.10.12.5 in via vlan191
00520 pipe 76 ip from 10.10.12.5 to not table(2)
00520 pipe 75 ip from any to 10.10.12.100 in via vlan191
00520 pipe 76 ip from 10.10.12.100 to not table(2)
00520 pipe 75 ip from any to 10.10.12.15 in via vlan191
00520 pipe 76 ip from 10.10.12.15 to not table(2)
00520 pipe 75 ip from any to 10.10.15.26 in via vlan191
00520 pipe 76 ip from 10.10.15.26 to not table(2)
00520 pipe 75 ip from any to 10.10.16.17 in via vlan191
00520 pipe 76 ip from 10.10.16.17 to not table(2)
00520 pipe 75 ip from any to 10.10.29.2 in via vlan191
00520 pipe 76 ip from 10.10.29.2 to not table(2)
00520 pipe 75 ip from any to 10.10.44.1 in via vlan191
00520 pipe 76 ip from 10.10.44.1 to not table(2)
00520 pipe 100 ip from any to 10.10.34.4 in via vlan191
00520 pipe 101 ip from 10.10.34.4 to not table(2)
00520 pipe 128 ip from any to 10.10.0.31 in via vlan191
00520 pipe 129 ip from 10.10.0.31 to not table(2)
00520 pipe 128 ip from any to 10.10.2.2 in via vlan191
00520 pipe 129 ip from 10.10.2.2 to not table(2)
00520 pipe 1560 ip from any to 10.10.2.7 in via vlan191
00520 pipe 1561 ip from 10.10.2.7 to not table(2)
00520 pipe 1560 ip from any to 10.10.2.100 in via vlan191
00520 pipe 1561 ip from 10.10.2.100 to not table(2)
00520 pipe 128 ip from any to 10.10.5.2 in via vlan191
00520 pipe 129 ip from 10.10.5.2 to not table(2)
00520 pipe 128 ip from any to 10.10.5.3 in via vlan191
00520 pipe 129 ip from 10.10.5.3 to not table(2)
00520 pipe 128 ip from any to 10.10.7.22 in via vlan191
00520 pipe 129 ip from 10.10.7.22 to not table(2)
00520 pipe 128 ip from any to 10.10.8.5 in via vlan191
00520 pipe 129 ip from 10.10.8.5 to not table(2)
00520 pipe 128 ip from any to 10.10.9.13 in via vlan191
00520 pipe 129 ip from 10.10.9.13 to not table(2)
00520 pipe 128 ip from any to 10.10.11.22 in via vlan191
00520 pipe 129 ip from 10.10.11.22 to not table(2)
00520 pipe 128 ip from any to 10.10.14.6 in via vlan191
00520 pipe 129 ip from 10.10.14.6 to not table(2)
00520 pipe 128 ip from any to 10.10.15.27 in via vlan191
00520 pipe 129 ip from 10.10.15.27 to not table(2)
00520 pipe 128 ip from any to 10.10.16.3 in via vlan191
00520 pipe 129 ip from 10.10.16.3 to not table(2)
00520 pipe 128 ip from any to ***.*.**.70 in via vlan191
00520 pipe 129 ip from ***.*.**.70 to not table(2)
00520 pipe 128 ip from any to 10.10.16.23 in via vlan191
00520 pipe 129 ip from 10.10.16.23 to not table(2)
00520 pipe 128 ip from any to 10.10.27.3 in via vlan191
00520 pipe 129 ip from 10.10.27.3 to not table(2)
00520 pipe 128 ip from any to 10.10.28.1 in via vlan191
00520 pipe 129 ip from 10.10.28.1 to not table(2)
00520 pipe 128 ip from any to 10.10.31.1 in via vlan191
00520 pipe 129 ip from 10.10.31.1 to not table(2)
00520 pipe 256 ip from any to 10.10.34.3 in via vlan191
00520 pipe 257 ip from 10.10.34.3 to not table(2)
00520 pipe 256 ip from any to 77.87.151.2 in via vlan191
00520 pipe 257 ip from 77.87.151.2 to any out via vlan191
00520 pipe 128 ip from any to 10.10.40.1 in via vlan191
00520 pipe 129 ip from 10.10.40.1 to not table(2)
00520 pipe 128 ip from any to ***.*.**.32 in via vlan191
00520 pipe 129 ip from ***.*.**.32 to any out via vlan191
00520 pipe 128 ip from any to 10.10.44.2 in via vlan191
00520 pipe 129 ip from 10.10.44.2 to not table(2)
00520 pipe 128 ip from any to 10.10.45.1 in via vlan191
00520 pipe 129 ip from 10.10.45.1 to not table(2)
00520 pipe 128 ip from any to 10.10.57.1 in via vlan191
00520 pipe 129 ip from 10.10.57.1 to not table(2)
00520 pipe 128 ip from any to ***.**.*6.69 in via vlan191
00520 pipe 129 ip from ***.**.*6.69 to any out via vlan191
00520 pipe 256 ip from any to 10.10.42.5 in via vlan191
00520 pipe 257 ip from 10.10.42.5 to not table(2)
00521 pipe 100 ip from any to ***.*.**.23 in via vlan191
00521 pipe 101 ip from ***.*.**.23 to any out via vlan191
00521 pipe 128 ip from any to ***.**.*6.73 in via vlan191
00521 pipe 129 ip from ***.**.*6.73 to any out via vlan191
00521 pipe 128 ip from any to ***.**.*6.84 in via vlan191
00521 pipe 129 ip from ***.**.*6.84 to any out via vlan191
00521 pipe 256 ip from any to ***.*.**.60 in via vlan191
00521 pipe 256 ip from ***.*.**.60 to any out via vlan191
00521 pipe 384 ip from any to ***.*.**.74 in via vlan191
00521 pipe 385 ip from ***.*.**.74 to any out via vlan191
00522 pipe 1554 ip from any to 10.10.26.1 in via vlan191
00522 pipe 1555 ip from 10.10.26.1 to not table(2)
00522 pipe 1554 ip from any to 10.10.26.2 in via vlan191
00522 pipe 1555 ip from 10.10.26.2 to not table(2)
00522 pipe 100 ip from any to 10.10.27.5 in via vlan191
00522 pipe 101 ip from 10.10.27.5 to not table(2)
00522 pipe 100 ip from any to 10.10.28.3 in via vlan191
00522 pipe 101 ip from 10.10.28.3 to not table(2)
00522 pipe 256 ip from any to 10.10.1.17 in via vlan191
00522 pipe 257 ip from 10.10.1.17 to not table(2)
00522 pipe 256 ip from any to 10.10.8.6 in via vlan191
00522 pipe 257 ip from 10.10.8.6 to not table(2)
00522 pipe 512 ip from any to ***.*.**.5 in via vlan191
00522 pipe 513 ip from ***.*.**.5 to any out via vlan191
00522 pipe 512 ip from any to ***.*.**.92 in via vlan191
00522 pipe 513 ip from ***.*.**.92 to any out via vlan191
00522 pipe 514 ip from any to ***.**.*6.68 in via vlan191
00522 pipe 515 ip from ***.**.*6.68 to any out via vlan191
00522 pipe 514 ip from any to ***.**.*6.86 in via vlan191
00522 pipe 515 ip from ***.**.*6.86 to any out via vlan191
00522 pipe 514 ip from any to ***.**.*6.87 in via vlan191
00522 pipe 515 ip from ***.**.*6.87 to any out via vlan191
00522 pipe 514 ip from any to ***.**.*6.80 in via vlan191
00522 pipe 515 ip from ***.**.*6.80 to any out via vlan191
00523 pipe 20000 ip from any to ***.**.*6.83 in via vlan193
00523 pipe 20001 ip from ***.**.*6.83 to any out via vlan193
00523 pipe 20000 ip from any to ***.*.**.192/27 in via vlan193
00523 pipe 20001 ip from ***.*.**.192/27 to any out via vlan193
00523 pipe 20000 ip from any to ***.*.**.224/28 in via vlan193
00523 pipe 20001 ip from ***.*.**.224/28 to any out via vlan193
00523 pipe 20000 ip from any to ***.*.**.160/27 in via vlan193
00523 pipe 20001 ip from ***.*.**.160/27 to any out via vlan193
00523 pipe 2005 ip from any to ***.**.*6.83 in via vlan191
00523 pipe 2006 ip from ***.**.*6.83 to any out via vlan191
00523 pipe 2005 ip from any to ***.*.**.192/27 in via vlan191
00523 pipe 2006 ip from ***.*.**.192/27 to any out via vlan191
00523 pipe 2005 ip from any to ***.*.**.224/28 in via vlan191
00523 pipe 2006 ip from ***.*.**.224/28 to any out via vlan191
00523 pipe 2005 ip from any to ***.*.**.160/27 in via vlan191
00523 pipe 2006 ip from ***.*.**.160/27 to any out via vlan191
00523 pipe 5005 ip from any to ***.*.**.55 in via vlan191
00523 pipe 5006 ip from ***.*.**.55 to any out via vlan191
00523 pipe 5005 ip from any to ***.**.*6.216/29 in via vlan191
00523 pipe 5006 ip from ***.**.*6.216/29 to any out via vlan191
00523 pipe 5005 ip from any to ***.**.*6.224/28 in via vlan191
00523 pipe 5006 ip from ***.**.*6.224/28 to any out via vlan191
00523 pipe 5009 ip from any to ***.*.**.14 in via vlan191
00523 pipe 5010 ip from ***.*.**.14 to any out via vlan191
00523 pipe 5009 ip from any to ***.**.*6.8/29 in via vlan191
00523 pipe 5010 ip from ***.**.*6.8/29 to any out via vlan191
00523 pipe 5013 ip from any to ***.*.**.2 in via vlan191
00523 pipe 5014 ip from ***.*.**.2 to any out via vlan191
00523 pipe 5013 ip from any to ***.*.**.240/29 in via vlan191
00523 pipe 5014 ip from ***.*.**.240/29 to any out via vlan191
00523 pipe 5013 ip from any to ***.*.**.128/27 in via vlan191
00523 pipe 5014 ip from ***.*.**.128/27 to any out via vlan191
00523 pipe 5017 ip from any to ***.*.**.30 in via vlan191
00523 pipe 5018 ip from ***.*.**.30 to any out via vlan191
00524 pipe 30000 ip from any to ***.*.**.55 in via vlan193
00524 pipe 30001 ip from ***.*.**.55 to any out via vlan193
00524 pipe 30000 ip from any to ***.**.*6.216/29 in via vlan193
00524 pipe 30001 ip from ***.**.*6.216/29 to any out via vlan193
00524 pipe 30000 ip from any to ***.**.*6.224/28 in via vlan193
00524 pipe 30001 ip from ***.**.*6.224/28 to any out via vlan193
00524 pipe 5007 ip from any to ***.*.**.14 in via vlan193
00524 pipe 5008 ip from ***.*.**.14 to any out via vlan193
00524 pipe 5007 ip from any to ***.**.*6.8/29 in via vlan193
00524 pipe 5008 ip from ***.**.*6.8/29 to any out via vlan193
00524 pipe 5011 ip from any to ***.*.**.2 in via vlan193
00524 pipe 5012 ip from ***.*.**.2 to any out via vlan193
00524 pipe 5011 ip from any to ***.*.**.240/29 in via vlan193
00524 pipe 5012 ip from ***.*.**.240/29 to any out via vlan193
00524 pipe 5011 ip from any to ***.*.**.128/27 in via vlan193
00524 pipe 5012 ip from ***.*.**.128/27 to any out via vlan193
00524 pipe 5015 ip from any to ***.*.**.30 in via vlan193
00524 pipe 5016 ip from ***.*.**.30 to any out via vlan193
00526 pipe 9998 ip from any to 10.10.3.8 in via vlan193
00526 pipe 9999 ip from 10.10.3.8 to table(2)
00526 pipe 9998 ip from any to 10.10.12.6 in via vlan193
00526 pipe 9999 ip from 10.10.12.6 to table(2)
00526 pipe 9998 ip from any to 10.10.0.32 in via vlan193
00526 pipe 9999 ip from 10.10.0.32 to table(2)
00526 pipe 9998 ip from any to 10.10.53.1 in via vlan193
00526 pipe 9999 ip from 10.10.53.1 to table(2)
00526 pipe 9998 ip from any to 10.10.15.34 in via vlan193
00526 pipe 9999 ip from 10.10.15.34 to table(2)
00526 pipe 9998 ip from any to 10.10.13.1 in via vlan193
00526 pipe 9999 ip from 10.10.13.1 to table(2)
00526 pipe 9998 ip from any to 10.10.0.8 in via vlan193
00526 pipe 9999 ip from 10.10.0.8 to table(2)
00526 pipe 9998 ip from any to 10.10.45.2 in via vlan193
00526 pipe 9999 ip from 10.10.12.6 to table(2)
00526 pipe 9998 ip from any to 10.10.38.6 in via vlan193
00526 pipe 9999 ip from 10.10.38.6 to table(2)
00526 pipe 9998 ip from any to 10.10.26.3 in via vlan193
00526 pipe 9999 ip from 10.10.26.3 to table(2)
00526 pipe 9998 ip from any to 10.10.16.15 in via vlan193
00526 pipe 9999 ip from 10.10.16.15 to table(2)
00526 pipe 9998 ip from any to 10.10.19.2 in via vlan193
00526 pipe 9999 ip from 10.10.19.2 to table(2)
00526 pipe 9998 ip from any to 10.10.54.2 in via vlan193
00526 pipe 9999 ip from 10.10.54.2 to table(2)
00526 pipe 9998 ip from any to 10.10.29.5 in via vlan193
00526 pipe 9999 ip from 10.10.29.5 to table(2)
00526 pipe 9998 ip from any to 10.10.7.8 in via vlan193
00526 pipe 9999 ip from 10.10.7.8 to table(2)
00526 pipe 9998 ip from any to 10.10.6.8 in via vlan193
00526 pipe 9999 ip from 10.10.6.8 to table(2)
00526 pipe 9998 ip from any to 10.10.7.15 in via vlan193
00526 pipe 9999 ip from 10.10.7.15 to table(2)
00526 pipe 9998 ip from any to 10.10.4.5 in via vlan193
00526 pipe 9999 ip from 10.10.4.5 to table(2)
00526 pipe 9998 ip from any to 10.10.29.4 in via vlan193
00526 pipe 9999 ip from 10.10.29.4 to table(2)
00526 pipe 9998 ip from any to 10.10.24.2 in via vlan193
00526 pipe 9999 ip from 10.10.24.2 to table(2)
00526 pipe 9998 ip from any to 10.10.4.4 in via vlan193
00526 pipe 9999 ip from 10.10.4.4 to table(2)
00526 pipe 9998 ip from any to 10.10.5.4 in via vlan193
00526 pipe 9999 ip from 10.10.5.4 to table(2)
00526 pipe 9998 ip from any to 10.10.15.32 in via vlan193
00526 pipe 9999 ip from 10.10.15.32 to table(2)
00526 pipe 9998 ip from any to 10.10.1.13 in via vlan193
00526 pipe 9999 ip from 10.10.1.13 to table(2)
00526 pipe 9998 ip from any to 10.10.1.20 in via vlan193
00526 pipe 9999 ip from 10.10.1.20 to table(2)
00526 pipe 9998 ip from any to 10.10.40.2 in via vlan193
00526 pipe 9999 ip from 10.10.40.2 to table(2)
00526 pipe 9998 ip from any to 10.10.2.2 in via vlan193
00526 pipe 9999 ip from 10.10.2.2 to table(2)
00526 pipe 9998 ip from any to 10.10.2.3 in via vlan193
00526 pipe 9999 ip from 10.10.2.3 to table(2)
00526 pipe 9998 ip from any to 10.10.3.7 in via vlan193
00526 pipe 9999 ip from 10.10.3.7 to table(2)
00526 pipe 9998 ip from any to 10.10.13.30 in via vlan193
00526 pipe 9999 ip from 10.10.13.30 to table(2)
00599 pipe 9998 ip from any to 10.10.1.18 in via vlan193
00599 pipe 9999 ip from 10.10.1.18 to table(2)
00599 pipe 9998 ip from any to 10.10.0.27 in via vlan193
00599 pipe 9999 ip from 10.10.0.27 to table(2)
00599 pipe 9998 ip from any to 10.10.30.1 in via vlan193
00599 pipe 9999 ip from 10.10.30.1 to table(2)
00599 pipe 9998 ip from any to 10.10.1.17 in via vlan193
00599 pipe 9999 ip from 10.10.1.17 to table(2)
00599 pipe 9998 ip from any to 10.10.13.7 in via vlan193
00599 pipe 9999 ip from 10.10.13.7 to table(2)
00599 pipe 9998 ip from any to 10.10.13.10 in via vlan193
00599 pipe 9999 ip from 10.10.13.10 to table(2)
00599 pipe 9998 ip from any to 10.10.18.5 in via vlan193
00599 pipe 9999 ip from 10.10.18.5 to table(2)
00599 pipe 9998 ip from any to 10.10.15.1 in via vlan193
00599 pipe 9999 ip from 10.10.15.1 to table(2)
00599 pipe 9998 ip from any to 10.10.5.2 in via vlan193
00599 pipe 9999 ip from 10.10.5.2 to table(2)
00599 pipe 9998 ip from any to 10.10.15.4 in via vlan193
00599 pipe 9999 ip from 10.10.15.4 to table(2)
00599 pipe 9998 ip from any to 10.10.15.2 in via vlan193
00599 pipe 9999 ip from 10.10.15.2 to table(2)
00599 pipe 9998 ip from any to 10.10.0.15 in via vlan193
00599 pipe 9999 ip from 10.10.0.15 to table(2)
00599 pipe 9998 ip from any to 10.10.7.16 in via vlan193
00599 pipe 9999 ip from 10.10.7.16 to table(2)
00599 pipe 9998 ip from any to 10.10.9.11 in via vlan193
00599 pipe 9999 ip from 10.10.9.11 to table(2)
00599 pipe 9998 ip from any to 10.10.9.12 in via vlan193
00599 pipe 9999 ip from 10.10.9.12 to table(2)
00599 pipe 9998 ip from any to 10.10.9.23 in via vlan193
00599 pipe 9999 ip from 10.10.9.23 to table(2)
00599 pipe 9998 ip from any to 10.10.9.21 in via vlan193
00599 pipe 9999 ip from 10.10.9.21 to table(2)
00599 pipe 9998 ip from any to 10.10.14.4 in via vlan193
00599 pipe 9999 ip from 10.10.14.4 to table(2)
00599 pipe 9998 ip from any to 10.10.8.1 in via vlan193
00599 pipe 9999 ip from 10.10.8.1 to table(2)
00599 pipe 9998 ip from any to 10.10.8.4 in via vlan193
00599 pipe 9999 ip from 10.10.8.4 to table(2)
00599 pipe 9998 ip from any to 10.10.11.11 in via vlan193
00599 pipe 9999 ip from 10.10.11.11 to table(2)
00599 pipe 9998 ip from any to 10.10.11.6 in via vlan193
00599 pipe 9999 ip from 10.10.11.6 to table(2)
00599 pipe 9998 ip from any to 10.10.17.1 in via vlan193
00599 pipe 9999 ip from 10.10.17.1 to table(2)
00599 pipe 9998 ip from any to 10.10.11.3 in via vlan193
00599 pipe 9999 ip from 10.10.11.3 to table(2)
00599 pipe 9998 ip from any to 10.10.13.15 in via vlan193
00599 pipe 9999 ip from 10.10.13.15 to table(2)
00599 pipe 9998 ip from any to 10.10.16.2 in via vlan193
00599 pipe 9999 ip from 10.10.16.2 to table(2)
00599 pipe 9998 ip from any to 10.10.16.10 in via vlan193
00599 pipe 9999 ip from 10.10.16.10 to table(2)
00599 pipe 9998 ip from any to 10.10.16.8 in via vlan193
00599 pipe 9999 ip from 10.10.16.8 to table(2)
00599 pipe 9998 ip from any to 10.10.16.17 in via vlan193
00599 pipe 9999 ip from 10.10.16.17 to table(2)
00599 pipe 9998 ip from any to 10.10.37.5 in via vlan193
00599 pipe 9999 ip from 10.10.37.5 to table(2)
00599 pipe 9998 ip from any to 10.10.1.17 in via vlan193
00599 pipe 9999 ip from 10.10.1.17 to table(2)
00599 pipe 9998 ip from any to 10.10.9.4 in via vlan193
00599 pipe 9999 ip from 10.10.9.4 to table(2)
00599 pipe 9998 ip from any to 10.10.9.14 in via vlan193
00599 pipe 9999 ip from 10.10.9.14 to table(2)
00599 pipe 9998 ip from any to 10.10.13.9 in via vlan193
00599 pipe 9999 ip from 10.10.13.9 to table(2)
00599 pipe 9998 ip from any to 10.10.13.20 in via vlan193
00599 pipe 9999 ip from 10.10.13.20 to table(2)
00600 pipe 9998 ip from any to ***.**.*6.71 in via vlan193
00600 pipe 9999 ip from ***.**.*6.71 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.78 in via vlan193
00600 pipe 9999 ip from ***.**.*6.78 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.80 in via vlan193
00600 pipe 9999 ip from ***.**.*6.80 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.72 in via vlan193
00600 pipe 9999 ip from ***.**.*6.72 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.74 in via vlan193
00600 pipe 9999 ip from ***.**.*6.74 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.76 in via vlan193
00600 pipe 9999 ip from ***.**.*6.76 to any out via vlan193
00600 pipe 9998 ip from any to ***.**.*6.84 in via vlan193
00600 pipe 9999 ip from ***.**.*6.84 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.5 in via vlan193
00600 pipe 9999 ip from ***.*.**.5 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.98 in via vlan193
00600 pipe 9999 ip from ***.*.**.98 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.71 in via vlan193
00600 pipe 9999 ip from ***.*.**.71 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.81 in via vlan193
00600 pipe 9999 ip from ***.*.**.81 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.78 in via vlan193
00600 pipe 9999 ip from ***.*.**.78 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.72 in via vlan193
00600 pipe 9999 ip from ***.*.**.72 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.73 in via vlan193
00600 pipe 9999 ip from ***.*.**.73 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.44 in via vlan193
00600 pipe 9999 ip from ***.*.**.44 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.70 in via vlan193
00600 pipe 9999 ip from ***.*.**.70 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.94 in via vlan193
00600 pipe 9999 ip from ***.*.**.94 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.95 in via vlan193
00600 pipe 9999 ip from ***.*.**.95 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.54 in via vlan193
00600 pipe 9999 ip from ***.*.**.54 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.7 in via vlan193
00600 pipe 9999 ip from ***.*.**.7 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.64 in via vlan193
00600 pipe 9999 ip from ***.*.**.64 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.52 in via vlan193
00600 pipe 9999 ip from ***.*.**.52 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.56 in via vlan193
00600 pipe 9999 ip from ***.*.**.56 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.46 in via vlan193
00600 pipe 9999 ip from ***.*.**.46 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.16 in via vlan193
00600 pipe 9999 ip from ***.*.**.16 to any out via vlan193
00600 pipe 9998 ip from any to 10.10.1.33 in via vlan193
00600 pipe 9999 ip from 10.10.1.33 to any out via vlan193
00600 pipe 9998 ip from any to 10.10.16.11 in via vlan193
00600 pipe 9999 ip from 10.10.16.11 to any out via vlan193
00600 pipe 9998 ip from any to 10.10.22.3 in via vlan193
00600 pipe 9999 ip from 10.10.22.3 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.24 in via vlan193
00600 pipe 9999 ip from ***.*.**.24 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.26 in via vlan193
00600 pipe 9999 ip from ***.*.**.26 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.4 in via vlan193
00600 pipe 9999 ip from ***.*.**.4 to any out via vlan193
00600 pipe 9990 ip from any to ***.**.*6.69 in via vlan193
00600 pipe 9999 ip from ***.**.*6.69 to any out via vlan193
00600 pipe 1558 ip from any to ***.**.*6.81 in via vlan193
00600 pipe 1559 ip from ***.**.*6.81 to any out via vlan193
00600 pipe 1558 ip from any to ***.*.**.20 in via vlan193
00600 pipe 1559 ip from ***.*.**.20 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.29 in via vlan193
00600 pipe 9999 ip from ***.*.**.29 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.23 in via vlan193
00600 pipe 9999 ip from ***.*.**.23 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.62 in via vlan193
00600 pipe 9999 ip from ***.*.**.62 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.37 in via vlan193
00600 pipe 9999 ip from ***.*.**.37 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.60 in via vlan193
00600 pipe 9999 ip from ***.*.**.60 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.63 in via vlan193
00600 pipe 9999 ip from ***.*.**.63 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.64 in via vlan193
00600 pipe 9999 ip from ***.*.**.64 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.76 in via vlan193
00600 pipe 9999 ip from ***.*.**.76 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.75 in via vlan193
00600 pipe 9999 ip from ***.*.**.75 to any out via vlan193
00600 pipe 9998 ip from any to ***.*.**.114 in via vlan193
00600 pipe 9999 ip from ***.*.**.114 to any out via vlan193
00600 pipe 9998 ip from any to 10.10.3.5 in via vlan193
00600 pipe 9999 ip from 10.10.3.5 to table(2)
00600 pipe 9998 ip from any to 10.10.1.33 in via vlan193
00600 pipe 9999 ip from 10.10.1.33 to table(2)
00600 pipe 9998 ip from any to 10.10.1.27 in via vlan193
00600 pipe 9999 ip from 10.10.1.27 to table(2)
00600 pipe 9998 ip from any to 10.10.42.2 in via vlan193
00600 pipe 9999 ip from 10.10.42.2 to table(2)
00600 pipe 9998 ip from any to 10.10.45.1 in via vlan193
00600 pipe 9999 ip from 10.10.45.1 to table(2)
00600 pipe 9998 ip from any to 10.10.13.5 in via vlan193
00600 pipe 9999 ip from 10.10.13.5 to table(2)
00600 pipe 9998 ip from any to 10.10.7.6 in via vlan193
00600 pipe 9999 ip from 10.10.7.6 to table(2)
00600 pipe 9998 ip from any to 10.10.15.9 in via vlan193
00600 pipe 9999 ip from 10.10.15.9 to table(2)
00600 pipe 9998 ip from any to 10.10.15.11 in via vlan193
00600 pipe 9999 ip from 10.10.15.11 to table(2)
00600 pipe 9998 ip from any to 10.10.13.31 in via vlan193
00600 pipe 9999 ip from 10.10.13.31 to table(2)
00600 pipe 9998 ip from any to 10.10.15.14 in via vlan193
00600 pipe 9999 ip from 10.10.15.14 to table(2)
00600 pipe 9998 ip from any to 10.10.15.8 in via vlan193
00600 pipe 9999 ip from 10.10.15.8 to table(2)
00600 pipe 9998 ip from any to 10.10.15.17 in via vlan193
00600 pipe 9999 ip from 10.10.15.17 to table(2)
00600 pipe 9998 ip from any to 10.10.15.21 in via vlan193
00600 pipe 9999 ip from 10.10.15.21 to table(2)
00600 pipe 9998 ip from any to 10.10.12.5 in via vlan193
00600 pipe 9999 ip from 10.10.12.5 to table(2)
00600 pipe 9998 ip from any to 10.10.1.25 in via vlan193
00600 pipe 9999 ip from 10.10.1.25 to table(2)
00600 pipe 9998 ip from any to 10.10.0.14 in via vlan193
00600 pipe 9999 ip from 10.10.0.14 to table(2)
00600 pipe 9998 ip from any to 10.10.1.22 in via vlan193
00600 pipe 9999 ip from 10.10.1.22 to table(2)
00600 pipe 9998 ip from any to 10.10.8.5 in via vlan193
00600 pipe 9999 ip from 10.10.8.5 to table(2)
00600 pipe 9998 ip from any to 10.10.2.5 in via vlan193
00600 pipe 9999 ip from 10.10.2.5 to table(2)
00600 pipe 9998 ip from any to 10.10.13.6 in via vlan193
00600 pipe 9999 ip from 10.10.13.6 to table(2)
00600 pipe 9998 ip from any to 10.10.13.3 in via vlan193
00600 pipe 9999 ip from 10.10.13.3 to table(2)
00600 pipe 9998 ip from any to 10.10.11.9 in via vlan193
00600 pipe 9999 ip from 10.10.11.9 to table(2)
00600 pipe 9998 ip from any to 10.10.11.15 in via vlan193
00600 pipe 9999 ip from 10.10.11.15 to table(2)
00600 pipe 9998 ip from any to 10.10.0.37 in via vlan193
00600 pipe 9999 ip from 10.10.0.37 to table(2)
00600 pipe 9998 ip from any to 10.10.13.25 in via vlan193
00600 pipe 9999 ip from 10.10.13.25 to table(2)
00600 pipe 9998 ip from any to 10.10.13.14 in via vlan193
00600 pipe 9999 ip from 10.10.13.14 to table(2)
00600 pipe 9998 ip from any to 10.10.12.9 in via vlan193
00600 pipe 9999 ip from 10.10.12.9 to table(2)
00600 pipe 9998 ip from any to 10.10.0.10 in via vlan193
00600 pipe 9999 ip from 10.10.0.10 to table(2)
00600 pipe 9998 ip from any to 10.10.0.11 in via vlan193
00600 pipe 9999 ip from 10.10.0.11 to table(2)
00600 pipe 9998 ip from any to 10.10.0.24 in via vlan193
00600 pipe 9999 ip from 10.10.0.24 to table(2)
02000 allow ip from ***.**.*6.86 to any
02000 allow ip from any to ***.**.*6.86
02000 allow ip from ***.**.*6.87 to any
02000 allow ip from any to ***.**.*6.87
02000 allow ip from ***.**.*6.83 to any
02000 allow ip from any to ***.**.*6.83
02000 allow ip from ***.*.**.192/27 to any
02000 allow ip from any to ***.*.**.192/27
02000 allow ip from ***.*.**.224/28 to any
02000 allow ip from any to ***.*.**.224/28
02000 allow ip from ***.*.**.240/29 to any
02000 allow ip from any to ***.*.**.240/29
02000 allow ip from ***.*.**.128/29 to any
02000 allow ip from any to ***.*.**.128/29
02000 allow ip from ***.*.**.160/29 to any
02000 allow ip from any to ***.*.**.160/29
02000 allow ip from ***.**.*6.90 to any
02000 allow ip from any to ***.**.*6.90
02000 allow ip from ***.**.*6.8/29 to any
02000 allow ip from any to ***.**.*6.8/29
02000 allow ip from ***.**.*6.216/29 to any
02000 allow ip from any to ***.**.*6.216/29
02000 allow ip from ***.**.*6.8/29 to any
02000 allow ip from any to ***.**.*6.8/29
02000 allow ip from ***.**.*6.224/28 to any
02000 allow ip from any to ***.**.*6.224/28
02000 allow ip from ***.**.*6.80 to any
02000 allow ip from any to ***.**.*6.80
02000 allow ip from ***.**.*6.73 to any
02000 allow ip from any to ***.**.*6.73
02000 allow ip from ***.**.*6.66 to any
02000 allow ip from any to ***.**.*6.66
02000 allow ip from ***.**.*6.67 to any
02000 allow ip from any to ***.**.*6.67
02000 allow ip from ***.**.*6.85 to any
02000 allow ip from any to ***.**.*6.85
02000 allow ip from 10.10.50.51 to any
02000 allow ip from any to 10.10.50.51
02000 allow ip from 10.10.10.2 to any
02000 allow ip from any to 10.10.10.2
02000 allow ip from 10.10.10.3 to any
02000 allow ip from any to 10.10.10.3
02000 allow ip from 10.10.10.4 to any
02000 allow ip from any to 10.10.10.4
02000 allow ip from 10.10.10.5 to any
02000 allow ip from any to 10.10.10.5
02000 allow ip from 10.10.10.11 to any
02000 allow ip from any to 10.10.10.11
02000 allow ip from 10.10.10.12 to any
02000 allow ip from any to 10.10.10.12
02000 allow ip from 10.10.10.13 to any
02000 allow ip from any to 10.10.10.13
02000 allow ip from 10.10.10.25 to any
02000 allow ip from any to 10.10.10.25
02000 allow ip from ***.**.*6.88 to any
02000 allow ip from any to ***.**.*6.88
02000 allow ip from ***.**.*6.89 to any
02000 allow ip from any to ***.**.*6.89
02000 allow ip from ***.**.*6.94 to any
02000 allow ip from any to ***.**.*6.94
02000 allow ip from ***.*.**.3 to any
02000 allow ip from any to ***.*.**.3
02000 allow ip from ***.*.**.6 to any
02000 allow ip from any to ***.*.**.6
02000 allow ip from ***.*.**.10 to any
02000 allow ip from any to ***.*.**.10
02000 allow ip from table(2) to ***.*.**.100,***.*.**.101,***.*.**.102,***.*.**.103,***.*.**.104,***.*.**.105,**
*.*.**.106,***.*.**.107,***.*.**.108,***.*.**.
109
02000 allow ip from ***.*.**.100,***.*.**.101,***.*.**.102,***.*.**.103,***.*.**.104,***.*.**.105,**
*.*.**.106,***.*.**.107,***.*.**.108,***.*.**.109 to table
(2)
02520 count ip from ***.*.**.30 to table(2)
02521 count ip from table(2) to ***.*.**.30
40001 allow ip from ***.**.*6.77 to any
40001 allow ip from any to ***.**.*6.77
40002 allow ip from 10.10.13.1 to any
40002 allow ip from any to 10.10.13.1
40003 allow ip from 10.10.13.4 to any
40003 allow ip from any to 10.10.13.4
40004 allow ip from 10.10.15.29 to any
40004 allow ip from any to 10.10.15.29
40005 allow ip from 10.10.13.9 to any
40005 allow ip from any to 10.10.13.9
40006 allow ip from ***.**.*6.81 to any
40006 allow ip from any to ***.**.*6.81
40007 allow ip from ***.**.*6.83 to any
40007 allow ip from any to ***.**.*6.83
40008 allow ip from ***.**.*6.71 to any
40008 allow ip from any to ***.**.*6.71
40009 allow ip from ***.**.*6.78 to any
40009 allow ip from any to ***.**.*6.78
40010 allow ip from ***.**.*6.82 to any
40010 allow ip from any to ***.**.*6.82
40011 allow ip from ***.*.**.13 to any
40011 allow ip from any to ***.*.**.13
40012 allow ip from ***.**.*6.76 to any
40012 allow ip from any to ***.**.*6.76
40013 allow ip from ***.*.**.76 to any
40013 allow ip from any to ***.*.**.76
40015 allow ip from ***.*.**.41 to any
40015 allow ip from any to ***.*.**.41
40017 allow ip from 10.10.1.10 to any
40017 allow ip from any to 10.10.1.10
40018 allow ip from 10.10.11.25 to any
40018 allow ip from any to 10.10.11.25
40020 allow ip from 10.10.2.100 to any
40020 allow ip from any to 10.10.2.100
40021 allow ip from 10.10.16.11 to table(2)
40021 allow ip from table(2) to 10.10.16.11
40022 allow ip from 10.10.1.13 to any
40022 allow ip from any to 10.10.1.13
40026 allow ip from 10.10.31.2 to any
40026 allow ip from any to 10.10.31.2
40030 allow ip from ***.*.**.52 to any
40030 allow ip from any to ***.*.**.52
40031 allow ip from 10.10.38.6 to table(2)
40031 allow ip from table(2) to 10.10.38.6
40032 allow ip from 10.10.11.7 to any
40032 allow ip from any to 10.10.11.7
40034 allow ip from 10.10.15.30 to any
40034 allow ip from any to 10.10.15.30
40035 allow ip from 10.10.60.1 to any
40035 allow ip from any to 10.10.60.1
40039 allow ip from ***.*.**.70 to any
40039 allow ip from any to ***.*.**.70
40040 allow ip from 10.10.15.27 to any
40040 allow ip from any to 10.10.15.27
40041 allow ip from ***.*.**.192 to any
40041 allow ip from any to ***.*.**.192
40042 allow ip from 10.10.0.34 to any
40042 allow ip from any to 10.10.0.34
40043 allow ip from 10.10.14.2 to any
40043 allow ip from any to 10.10.14.2
40046 allow ip from ***.*.**.15 to any
40046 allow ip from any to ***.*.**.15
40050 allow ip from 10.10.1.38 to any
40050 allow ip from any to 10.10.1.38
40052 allow ip from ***.*.**.90 to any
40052 allow ip from any to ***.*.**.90
40053 allow ip from 10.10.27.2 to any
40053 allow ip from any to 10.10.27.2
40054 allow ip from 10.10.40.2 to table(2)
40054 allow ip from table(2) to 10.10.40.2
40057 allow ip from 10.10.44.2 to any
40057 allow ip from any to 10.10.44.2
40058 allow ip from 10.10.0.8 to any
40058 allow ip from any to 10.10.0.8
40060 allow ip from ***.*.**.34 to any
40060 allow ip from any to ***.*.**.34
40061 allow ip from ***.**.*6.87 to any
40061 allow ip from any to ***.**.*6.87
40063 allow ip from 10.10.34.2 to any
40063 allow ip from any to 10.10.34.2
40064 allow ip from ***.*.**.25 to any
40064 allow ip from any to ***.*.**.25
40066 allow ip from 10.10.0.5 to any
40066 allow ip from any to 10.10.0.5
40068 allow ip from 10.10.9.29 to any
40068 allow ip from any to 10.10.9.29
40069 allow ip from 10.10.38.3 to any
40069 allow ip from any to 10.10.38.3
40070 allow ip from 10.10.37.5 to table(2)
40070 allow ip from table(2) to 10.10.37.5
40071 allow ip from ***.**.*6.224 to any
40071 allow ip from any to ***.**.*6.224
40073 allow ip from 10.10.13.28 to table(2)
40073 allow ip from table(2) to 10.10.13.28
40074 allow ip from ***.*.**.81 to table(2)
40074 allow ip from table(2) to ***.*.**.81
40076 allow ip from 10.10.7.4 to any
40076 allow ip from any to 10.10.7.4
40077 allow ip from 77.87.151.2 to any
40077 allow ip from any to 77.87.151.2
40079 allow ip from ***.*.**.62 to any
40079 allow ip from any to ***.*.**.62
40080 allow ip from ***.**.*6.73 to any
40080 allow ip from any to ***.**.*6.73
40081 allow ip from 10.10.4.5 to any
40081 allow ip from any to 10.10.4.5
40082 allow ip from 10.10.37.3 to any
40082 allow ip from any to 10.10.37.3
40083 allow ip from ***.*.**.64 to any
40083 allow ip from any to ***.*.**.64
40085 allow ip from ***.*.**.89 to any
40085 allow ip from any to ***.*.**.89
40086 allow ip from ***.*.**.23 to any
40086 allow ip from any to ***.*.**.23
40089 allow ip from ***.*.**.60 to any
40089 allow ip from any to ***.*.**.60
40092 allow ip from 10.10.9.19 to any
40092 allow ip from any to 10.10.9.19
40093 allow ip from 10.10.2.5 to any
40093 allow ip from any to 10.10.2.5
40096 allow ip from 10.10.12.100 to any
40096 allow ip from any to 10.10.12.100
40099 allow ip from ***.**.*6.86 to any
40099 allow ip from any to ***.**.*6.86
40100 allow ip from 10.10.13.14 to table(2)
40100 allow ip from table(2) to 10.10.13.14
40101 allow ip from 10.10.1.23 to any
40101 allow ip from any to 10.10.1.23
40102 allow ip from 10.10.0.15 to any
40102 allow ip from any to 10.10.0.15
40103 allow ip from 10.10.11.9 to any
40103 allow ip from any to 10.10.11.9
40104 allow ip from 10.10.1.42 to any
40104 allow ip from any to 10.10.1.42
40105 allow ip from ***.*.**.57 to any
40105 allow ip from any to ***.*.**.57
40106 allow ip from ***.**.*6.69 to any
40106 allow ip from any to ***.**.*6.69
40107 allow ip from ***.**.*6.74 to any
40107 allow ip from any to ***.**.*6.74
40110 allow ip from 10.10.8.9 to any
40110 allow ip from any to 10.10.8.9
40112 allow ip from ***.**.*6.91 to any
40112 allow ip from any to ***.**.*6.91
40114 allow ip from 10.10.12.20 to table(2)
40114 allow ip from table(2) to 10.10.12.20
40115 allow ip from 10.10.24.2 to any
40115 allow ip from any to 10.10.24.2
40116 allow ip from 10.10.11.6 to any
40116 allow ip from any to 10.10.11.6
40117 allow ip from ***.**.*6.216 to any
40117 allow ip from any to ***.**.*6.216
40118 allow ip from ***.*.**.82 to any
40118 allow ip from any to ***.*.**.82
40119 allow ip from 10.10.33.4 to any
40119 allow ip from any to 10.10.33.4
40122 allow ip from ***.**.*6.68 to any
40122 allow ip from any to ***.**.*6.68
40123 allow ip from ***.*.**.72 to any
40123 allow ip from any to ***.*.**.72
40124 allow ip from 10.10.9.22 to any
40124 allow ip from any to 10.10.9.22
40128 allow ip from 10.10.1.11 to any
40128 allow ip from any to 10.10.1.11
40130 allow ip from 10.10.5.2 to any
40130 allow ip from any to 10.10.5.2
40131 allow ip from 10.10.13.32 to any
40131 allow ip from any to 10.10.13.32
40134 allow ip from 10.10.13.18 to any
40134 allow ip from any to 10.10.13.18
40135 allow ip from ***.*.**.2 to any
40135 allow ip from any to ***.*.**.2
40137 allow ip from ***.*.**.4 to any
40137 allow ip from any to ***.*.**.4
40138 allow ip from 10.10.16.5 to any
40138 allow ip from any to 10.10.16.5
40139 allow ip from ***.*.**.7 to any
40139 allow ip from any to ***.*.**.7
40140 allow ip from 10.10.1.6 to any
40140 allow ip from any to 10.10.1.6
40141 allow ip from ***.*.**.8 to any
40141 allow ip from any to ***.*.**.8
40142 allow ip from 10.10.10.83 to any
40142 allow ip from any to 10.10.10.83
40143 allow ip from ***.*.**.14 to any
40143 allow ip from any to ***.*.**.14
40144 allow ip from 10.10.13.22 to any
40144 allow ip from any to 10.10.13.22
40145 allow ip from ***.*.**.240 to any
40145 allow ip from any to ***.*.**.240
40146 allow ip from ***.*.**.24 to any
40146 allow ip from any to ***.*.**.24
40147 allow ip from ***.*.**.30 to any
40147 allow ip from any to ***.*.**.30
40149 allow ip from ***.*.**.224 to any
40149 allow ip from any to ***.*.**.224
40150 allow ip from ***.*.**.55 to any
40150 allow ip from any to ***.*.**.55
40151 allow ip from 10.10.1.37 to any
40151 allow ip from any to 10.10.1.37
40152 allow ip from 10.10.27.1 to any
40152 allow ip from any to 10.10.27.1
40153 allow ip from ***.*.**.36 to any
40153 allow ip from any to ***.*.**.36
40154 allow ip from 10.10.31.1 to any
40154 allow ip from any to 10.10.31.1
40155 allow ip from 10.10.29.2 to any
40155 allow ip from any to 10.10.29.2
40156 allow ip from 10.10.16.12 to any
40156 allow ip from any to 10.10.16.12
40157 allow ip from ***.**.*6.80 to any
40157 allow ip from any to ***.**.*6.80
40158 allow ip from ***.*.**.46 to any
40158 allow ip from any to ***.*.**.46
40159 allow ip from ***.*.**.56 to any
40159 allow ip from any to ***.*.**.56
40160 allow ip from ***.*.**.50 to any
40160 allow ip from any to ***.*.**.50
40161 allow ip from 10.10.42.2 to any
40161 allow ip from any to 10.10.42.2
40162 allow ip from ***.*.**.53 to any
40162 allow ip from any to ***.*.**.53
40163 allow ip from 10.10.8.1 to any
40163 allow ip from any to 10.10.8.1
40164 allow ip from 10.10.49.1 to any
40164 allow ip from any to 10.10.49.1
40165 allow ip from 10.10.32.1 to any
40165 allow ip from any to 10.10.32.1
40166 allow ip from 10.10.48.2 to any
40166 allow ip from any to 10.10.48.2
40167 allow ip from ***.*.**.66 to any
40167 allow ip from any to ***.*.**.66
40168 allow ip from ***.*.**.65 to any
40168 allow ip from any to ***.*.**.65
40169 allow ip from ***.*.**.67 to any
40169 allow ip from any to ***.*.**.67
40170 allow ip from ***.*.**.68 to any
40170 allow ip from any to ***.*.**.68
40171 allow ip from 10.10.36.1 to any
40171 allow ip from any to 10.10.36.1
40172 allow ip from ***.*.**.69 to any
40172 allow ip from any to ***.*.**.69
40173 allow ip from ***.*.**.71 to any
40173 allow ip from any to ***.*.**.71
40174 allow ip from 10.10.21.3 to any
40174 allow ip from any to 10.10.21.3
40175 allow ip from 10.10.5.8 to any
40175 allow ip from any to 10.10.5.8
40176 allow ip from ***.*.**.74 to any
40176 allow ip from any to ***.*.**.74
40177 allow ip from ***.*.**.75 to any
40177 allow ip from any to ***.*.**.75
40178 allow ip from ***.*.**.110 to any
40178 allow ip from any to ***.*.**.110
40179 allow ip from 10.10.45.4 to any
40179 allow ip from any to 10.10.45.4
40180 allow ip from 10.10.54.1 to any
40180 allow ip from any to 10.10.54.1
40181 allow ip from ***.*.**.112 to any
40181 allow ip from any to ***.*.**.112
40182 allow ip from ***.*.**.87 to any
40182 allow ip from any to ***.*.**.87
40183 allow ip from 10.10.51.2 to any
40183 allow ip from any to 10.10.51.2
40184 allow ip from ***.*.**.83 to any
40184 allow ip from any to ***.*.**.83
40185 allow ip from 10.10.0.42 to any
40185 allow ip from any to 10.10.0.42
40186 allow ip from ***.*.**.84 to any
40186 allow ip from any to ***.*.**.84
40187 allow ip from 10.10.49.2 to any
40187 allow ip from any to 10.10.49.2
40188 allow ip from ***.*.**.250 to any
40188 allow ip from any to ***.*.**.250
40189 allow ip from ***.*.**.92 to any
40189 allow ip from any to ***.*.**.92
40190 allow ip from 10.10.42.5 to any
40190 allow ip from any to 10.10.42.5
40191 allow ip from ***.*.**.97 to any
40191 allow ip from any to ***.*.**.97
40192 allow ip from 10.10.27.5 to any
40192 allow ip from any to 10.10.27.5
40193 allow ip from 10.10.37.7 to any
40193 allow ip from any to 10.10.37.7
40194 allow ip from ***.*.**.114 to any
40194 allow ip from any to ***.*.**.114
40195 allow ip from 10.10.7.22 to any
40195 allow ip from any to 10.10.7.22
40196 allow ip from ***.*.**.128 to any
40196 allow ip from any to ***.*.**.128
40197 allow ip from 10.10.22.5 to any
40197 allow ip from any to 10.10.22.5
40198 allow ip from ***.*.**.79 to table(2)
40198 allow ip from table(2) to ***.*.**.79
40199 allow ip from 10.10.6.10 to any
40199 allow ip from any to 10.10.6.10
40200 allow ip from 10.10.6.8 to any
40200 allow ip from any to 10.10.6.8
40201 allow ip from ***.*.**.45 to any
40201 allow ip from any to ***.*.**.45
40202 allow ip from 10.10.6.20 to any
40202 allow ip from any to 10.10.6.20
40203 allow ip from 10.10.45.3 to any
40203 allow ip from any to 10.10.45.3
40204 allow ip from 10.10.1.17 to any
40204 allow ip from any to 10.10.1.17
40206 allow ip from 10.10.14.8 to any
40206 allow ip from any to 10.10.14.8
40209 allow ip from 10.10.56.2 to any
40209 allow ip from any to 10.10.56.2
40211 allow ip from 10.10.21.1 to any
40211 allow ip from any to 10.10.21.1
40214 allow ip from 10.10.11.23 to any
40214 allow ip from any to 10.10.11.23
40217 allow ip from 10.10.1.48 to any
40217 allow ip from any to 10.10.1.48
40218 allow ip from 10.10.0.19 to any
40218 allow ip from any to 10.10.0.19
40219 allow ip from 10.10.11.22 to any
40219 allow ip from any to 10.10.11.22
40220 allow ip from ***.*.**.43 to any
40220 allow ip from any to ***.*.**.43
40221 allow ip from 10.10.16.23 to any
40221 allow ip from any to 10.10.16.23
40223 allow ip from 10.10.12.6 to any
40223 allow ip from any to 10.10.12.6
40225 allow ip from 10.10.12.15 to any
40225 allow ip from any to 10.10.12.15
40228 allow ip from 10.10.0.39 to any
40228 allow ip from any to 10.10.0.39
40229 allow ip from 10.10.57.1 to any
40229 allow ip from any to 10.10.57.1
40230 allow ip from ***.*.**.5 to any
40230 allow ip from any to ***.*.**.5
40232 allow ip from 10.10.11.20 to any
40232 allow ip from any to 10.10.11.20
40234 allow ip from 10.10.39.4 to any
40234 allow ip from any to 10.10.39.4
40237 allow ip from 10.10.15.14 to any
40237 allow ip from any to 10.10.15.14
40239 allow ip from 10.10.0.4 to any
40239 allow ip from any to 10.10.0.4
40240 allow ip from ***.*.**.99 to any
40240 allow ip from any to ***.*.**.99
40241 allow ip from 10.10.16.15 to any
40241 allow ip from any to 10.10.16.15
40242 allow ip from 10.10.26.3 to any
40242 allow ip from any to 10.10.26.3
40243 allow ip from ***.*.**.32 to any
40243 allow ip from any to ***.*.**.32
40244 allow ip from ***.*.**.26 to any
40244 allow ip from any to ***.*.**.26
40246 allow ip from ***.*.**.21 to any
40246 allow ip from any to ***.*.**.21
40247 allow ip from 10.10.15.11 to any
40247 allow ip from any to 10.10.15.11
40248 allow ip from 10.10.0.16 to table(2)
40248 allow ip from table(2) to 10.10.0.16
40250 allow ip from 10.10.6.4 to any
40250 allow ip from any to 10.10.6.4
40256 allow ip from 10.10.2.2 to any
40256 allow ip from any to 10.10.2.2
40257 allow ip from 10.10.3.1 to table(2)
40257 allow ip from table(2) to 10.10.3.1
40259 allow ip from 10.10.27.6 to table(2)
40259 allow ip from table(2) to 10.10.27.6
40261 allow ip from 10.10.0.33 to any
40261 allow ip from any to 10.10.0.33
40262 allow ip from ***.*.**.73 to table(2)
40262 allow ip from table(2) to ***.*.**.73
40263 allow ip from 10.10.7.23 to any
40263 allow ip from any to 10.10.7.23
40265 allow ip from 77.87.151.4 to any
40265 allow ip from any to 77.87.151.4
40266 allow ip from 10.10.8.5 to any
40266 allow ip from any to 10.10.8.5
40268
-
Это ужас какой-то....
Купили новый сервер 2 месяца назад. Вот конфа:
Мать - Intel S5000VSA4DIMM
CPU - 2xXeon 5130 (2Ghz)
RAM - 2x2GB FBDIMM
HDD - 2x250GB SATAII
Все было просто прекрасно. Но недельку назад начал дохнуть по чуть-чуть сервер.
Сначала начался небольшой(1%) пакетлост на него пакетами 32 байт
Через 3-4 дня это уже было 5%. Со всех сетевых интерфейсов.
Заметели что такие проблемы как правило вчасы пик. Трафик до 200Мбит .... частично нат, частично роутинг. pps - 7000-10000 на интерфейс.
Иногда это не пакетлост а просто вот такой пинг: Ответ от 10.10.10.1: число байт=32 время=5мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=11мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=11мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=13мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=18мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=17мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=14мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=14мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=9мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=4мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=32мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=27мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=13мс TTL=64 Ответ от 10.10.10.1: число байт=32 время=11мс TTL=64
В то время как когда все нормально пинг меньше 1мс
в это же время по топу:
last pid: 14035; load averages: 1.41, 1.28, 1.16 up 0+01:08:51 23:54:27 107 processes: 7 running, 88 sleeping, 12 waiting CPU states: 1.5% user, 0.0% nice, 2.8% system, 35.7% interrupt, 59.9% idle Mem: 592M Active, 798M Inact, 152M Wired, 12K Cache, 112M Buf, 962M Free Swap: 4096M Total, 4096M Free PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 14 root 1 -44 -163 0K 8K CPU2 3 53:41 94.43% swi1: net 13 root 1 171 52 0K 8K RUN 0 39:27 69.78% idle: cpu0 10 root 1 171 52 0K 8K RUN 3 49:54 56.64% idle: cpu3 12 root 1 171 52 0K 8K CPU1 1 34:49 55.57% idle: cpu1 11 root 1 171 52 0K 8K RUN 2 50:19 53.81% idle: cpu2 15 root 1 -32 -151 0K 8K CPU0 3 22:01 29.88% swi4: clock 23 root 1 -68 -187 0K 8K WAIT 1 6:42 10.74% irq19: em1 22 root 1 -68 -187 0K 8K WAIT 0 3:55 5.52% irq18: em0 6322 root 1 8 -15 419M 418M nanslp 1 2:32 2.83% perl5.8.8 14035 root 1 4 0 3524K 3108K sbwait 3 0:00 1.00% sshd 5407 root 8 20 -15 110M 109M kserel 0 5:55 0.00% ipcad 5401 mysql 9 20 0 58288K 30528K kserel 1 1:38 0.00% mysqld 5206 bind 1 96 0 12536K 11700K select 2 0:17 0.00% named 17 root 1 -16 0 0K 8K - 1 0:10 0.00% yarrow 5421 root 1 96 0 3524K 2724K select 2 0:04 0.00% sshd 31 root 1 171 52 0K 8K pgzero 1 0:02 0.00% pagezero 26 root 1 -64 -183 0K 8K WAIT 2 0:02 0.00% irq20: atapci1 19 root 1 -24 -143 0K 8K WAIT 2 0:01 0.00% swi6: task queue
systat -v 1
1 users Load 1.75 1.39 1.21 Nov 19 23:55 Mem:KB REAL VIRTUAL VN PAGER SWAP PAGER Tot Share Tot Share Free in out in out Act 619244 9400 685588 10968 982124 count All 1580176 12264247401588 14364 pages Interrupts Proc:r p d s w Csw Trp Sys Int Sof Flt 93 cow 22367 total 1 67 1 42288 10561706747453 12 240 155232 wire 6655 18: em0 606728 act 7688 19: em1 1.3%Sys 36.1%Intr 1.5%User 0.0%Nice 61.1%Idl 820348 inact 20: ata | | | | | | | | | | 12 cache 2006 cpu0: time =++++++++++++++++++ 982112 free 2006 cpu1: time daefr 2006 cpu2: time Namei Name-cache Dir-cache 162 prcfr 2006 cpu3: time Calls hits % hits % react 290 290 100 pdwake 86 zfod pdpgs Disks ad4 ad6 ar0 85 ozfod intrn KB/t 0.00 0.00 0.00 98 %slo-z 114464 buf tps 0 0 0 207 tfree 273 dirtybuf MB/s 0.00 0.00 0.00 100000 desiredvnodes % busy 0 0 0 2250 numvnodes 1049 freevnodes
systat -if 1
/0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /10 Load Average ||||||| Interface Traffic Peak Total vlan200 in 346.185 KB/s 1.055 MB/s 332.167 MB out 14.351 KB/s 51.047 KB/s 25.251 MB vlan193 in 11.513 MB/s 13.457 MB/s 3.870 GB out 6.579 MB/s 8.161 MB/s 1.779 GB vlan191 in 432.495 KB/s 588.515 KB/s 1.505 GB out 522.547 KB/s 600.848 KB/s 2.909 GB lo0 in 0.000 KB/s 1.099 MB/s 184.367 MB out 0.000 KB/s 1.099 MB/s 184.367 MB em1 in 11.427 MB/s 13.636 MB/s 781.676 MB out 16.168 MB/s 18.515 MB/s 1.010 GB em0 in 12.324 MB/s 14.519 MB/s 1.941 GB out 7.150 MB/s 8.728 MB/s 981.666 MB
В файрволе 200-300 правил+шейпер на 350-400 правил
gw# uname -a FreeBSD 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Wed Sep 26 22:30:43 UTC 2007 root@:/usr/src/sys/i386/compile/MY2 i386
а это вообще гониво:
gw# ping localhost PING localhost.lan.com.ua (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=30.241 ms 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=33.089 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=39.496 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=27.866 ms 64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=20.460 ms ^C --- localhost.lan.com.ua ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 20.460/30.230/39.496/6.246 ms
systat -ip 1
/0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /10 Load Average ||||||||| IP Input IP Output 26802 total packets received 14981 total packets sent 0 - with bad checksums 135 - generated locally 0 - too short for header 0 - output drops 0 - too short for data 0 output fragments generated 0 - with invalid hlen 0 - fragmentation failed 0 - with invalid length 0 destinations unreachable 0 - with invalid version 0 packets output via raw IP 0 - jumbograms 0 total fragments received UDP Statistics 0 - fragments dropped 27 total input packets 0 - fragments timed out 0 - too short for header 0 - packets reassembled ok 0 - invalid checksum 14846 packets forwarded 0 - no checksum 2 - unreachable dests 0 - invalid length 32 - redirects generated 6 - no socket for dest port 0 option errors 1 - no socket for broadcast 0 unwanted multicasts 0 - socket buffer full 106 delivered to upper layer 16 total output packets
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> inet ***.***.***.*** netmask 0xffffffff broadcast ***.***.***.*** ether 00:03:47:e3:37:0c media: Ethernet autoselect (1000baseTX <full-duplex>) status: active em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=b<RXCSUM,TXCSUM,VLAN_MTU> inet 10.10.10.1 netmask 0xff000000 broadcast 10.255.255.255 inet ***.***.***.*** netmask 0xffffffe0 broadcast ***.***.***.*** inet ***.***.***.*** netmask 0xffffff80 broadcast ***.***.***.*** inet ***.***.***.*** netmask 0xffffff00 broadcast ***.***.***.*** ether 00:15:17:2a:6e:49 media: Ethernet autoselect (1000baseTX <full-duplex>) status: active pfsync0: flags=0<> mtu 2020 syncpeer: 224.0.0.240 maxupd: 128 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208 vlan191: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet ***.***.***.*** netmask 0xfffffffc broadcast ***.***.***.*** ether 00:03:47:e3:37:0c media: Ethernet autoselect (1000baseTX <full-duplex>) status: active vlan: 191 parent interface: em0 vlan193: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet ***.***.***.*** netmask 0xfffffffc broadcast ***.***.***.*** ether 00:03:47:e3:37:0c media: Ethernet autoselect (1000baseTX <full-duplex>) status: active vlan: 193 parent interface: em0 vlan200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet ***.***.***.*** netmask 0xfffffffc broadcast ***.***.***.*** ether 00:03:47:e3:37:0c media: Ethernet autoselect (1000baseTX <full-duplex>) status: active vlan: 200 parent interface: em0 vlan201: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet ***.***.***.*** netmask 0xfffffffc broadcast ***.***.***.*** ether 00:15:17:2a:6e:49 media: Ethernet autoselect (1000baseTX <full-duplex>) status: active vlan: 201 parent interface: em1
может кто сталкивался - хелп....
Заранее спасибо!
-
всем спасибо
вопрос решился сам собой
-
Опубликовано · Изменено пользователем Den_LocalNet · Жалоба на ответ
Имеем:
MB Intel S5000VSA4DIMM
CPU1 Dual Xeon 5130 (2Ghz, 4Mb cache)
CPU2 Dual Xeon 5130 (2Ghz, 4Mb cache)
RAM Chanel1 FBDIMM Hynix 667 Mhz 2Gb
RAM Chanel2 FBDIMM Hynix 667 Mhz 2Gb
SATA RAID1 2x250Gb
LAN Dual Intel 1 Gbit
вот прикупили шлюзик в инет...
Лажа в том что не могу настроить его никак.
Ставил FreeBSD 6.2, 7
Одна и таже проблема - не могу собрать ядро... даже девственный GENERIC с ошибкой вылетает. По остальному никаких проблем... т.е. с портов и сорцов собирает все на ура оочень шустро.
Кто сталкивался с такой бедой - хелп.... тазик нужно уже в стойку ставить на работу, а я не могу ядро слепить
-
присоединяюсь! на доступ нужно савить умную железку.
по поводу вопросов насчет static arp - не эта функция нужна автору топика, а скорее IP-MAC-Port Binding - привязка IP-MAC-Port, 500 записей на устройства, как в DES-3526, так и в DES-3828
По поводу ACL - их кол-ву у обеих упомянутых моделей 800 штук.
Спасибо!
Почитав документацию так и не понял в чём кардинальное отличие 3526 и 3828..... разный уровень это понятно... но в чём он выражен?
Я так понял для моих задач 3 уровень не нужен....
З.Ы. Странно почему в Украине и России такая разная цена на свитчи. Может кто посоветует к кому в Киеве обратиться за 3526?
-
Не буду повторять про нутро упомянутых "расходников", лень. Лучше "тонко намекну", что МАС меняется на раз-два-три.
Изначально неправильно делаете. Изначально...
Дело в том что Вы немного не с той "высоты" полета смотрите.
Финансы на данном этапе не позволюят ставить умную железку на юзера везде. Пока не позволют.
Если прикинуть что далеко не каждый сможет поменять МАК да и то что у него будет возможность выбирать из 20-30 адресов.... то это большой плюс перед тем что есть сейчас.
Да и хочется меж домами/сегментами убрать броадкаст, сетевое окружение, вирусоопасные порты позакрывать.
-
200 статических записей можно вроде бы на любом из перечисленных устройств делать, а вот 300 -- боюсь только 2*DES-3526.
Почитал мануалы от 3526 и 3828 - там на обоих написано до 255 статических АРП записей :(
Поясните плиз - это на всё устройство? Могу ли я 100 штук на один из портов прописать а на остальные по 1-2?
Не понятно если я включаю статик МАК то я должен указать все маки которые будут ходить или только нужные мне связки?
могу ли я запретить всё кроме прописаных МАКов?
Могу ли я запретить конкретный МАК ходить через этот свитчик?
Еще, наверное, стоит на DES-3828 посмотреть -- из бюджета немного выходит, зато 4 гигабитных порта, 3-й уровень, количество ACL побольшеНаверно невнимательно читал - но не увидил ограничение на кол-во ACL. Подкажите?
-
Но с требуемыми функциями управления -- только DGS-34xx, которые втрое дороже заявленного бюджета.
а ACL это третий или второй уровень?
Хотелось бы как минимум на нём "закрывать" нарушителей и на каждый порт по несколько МАКов статических в сумме на 200-300 штук.
посоветуйте конкретно модельку.
склоняюсь в принципе к DES-3326SR или 2*DES-3526 или DES-3550
Толком не могу понять какой мне уровень нужен....
-
Ни на сколько - и тот и другой неблокируемые, значит 100 мегабит в любом случае. :)
А хотелось бы что-то производительнее.....
Как быть если нужно будет 6-10*1Гбит? менять железку?
-
два D-Link DES-3526. Как раз получится $600. У одного таблица IP-MAC-port только на 200. Оптику конвертерами.
Но шейпинг абонентов на центральном свиче по IP не получится -- его нужно на абонентских свичах делать. Либо каждый луч звезды в отдельный vlan и между ними PC-маршрутизатор.
Спасибо за ответ
Сейчас стоит DES-1026G. На сколько DES-3526 проводительнее если не учитывать вообще управляемость?
-
Есть сетка к примеру на 300 абонентов.
Подтянули оптику к некой центральной точке.
Почти звезда с 6 лучами(планируем позже 10 лучей)
На каждом луче от 1 до 3 домов (пока витой включены)
Нужно что-то в центр ставить более менее серьезное.
Хотелось бы как минимум:
1. На каждый луч заданые МАС адреса. Т.е. что бы кроме прописаных адресов не ходило ничего через центр.
2. Роутить не хотелось бы пока.
3. Шейп по ip на порту (что бы можно было в конкретном луче пошейпать конкретного абонента.... хотябы 10/100)
4. Ну и естественно что бы железка справилась с нагрузкой.
Не знаю как лучше организовать: то ли ставить 6 конверторов и тыкать их медью в железку, толи железку с оптическими портами брать?
Пока нужно 100Мбит на каждый луч. Позже скорее всего 1 Гбит.
В идеале хотелось бы - 24-48 портов медь 100 Мбит, 6-10 оптических 100 Мбит, 1-4 медь 1 Гбит...... Можно и без 24-48 портов меди, но гигабитные нужно полюбому т.к. там же стоят файловы сервера.
По цене хотелось бы вложиться до 600 у.е. может чуток больше.....
Заранее спасибо.
Выбор свича на доступ
в Активное оборудование Ethernet, IP, MPLS, SDN/NFV...
Опубликовано · Жалоба на ответ