Hugle Posted July 2, 2003 Posted July 2, 2003 Zdravstvujte dorogije grazhdani:) vot problemka u menia takaja: est' route ( A ) pod FreeBSD 5.0 u nego ip 192.168.254.254, on podkliuchen k seti cherez rl0 i k internetu rl1 - 212.168.68.150 pravila firewall'a: 00099 divert 8668 ip from any to any via rl1 00100 allow ip from any to any i zapusehn NAT na rl1: natd -n rl1 tut vrode vsio horosho raspisano:) teper est' router ( B ) pod FreeBSD 5.1 2 setevuhi : xl0 - imeet IP 192.168.254.2 255.255.255.0 i xl1 - ip 192.168.1.2/255.255.255.0 i 192.168.2.2/255.255.255.0 tak vot nado zdelat' tak shtob, router B bral internet u router'a A i rabotal kak GW. tolko kogda ja gateway vystavliaju 192.168.1.2 u meani internet nerabotaet rabotaet tolko HTTP ( zdelal forward na squid) pravila na routere B: 00300 fwd 127.0.0.1,80 tcp from any to me dst-port 80 in via xl1 00310 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 in via xl1 00410 divert 8860 ip from 192.168.1.0/24 to any out xmit 192.168.254.254 00420 divert 8860 ip from 192.168.254.254 to 192.168.1.0/24 65535 allow ip from any to any i nat deamon: natd -a 192.168.254.2 -p 8860 tolko vot nepingujutsa hossty, rabotaet tolko HTTP , blagodoria squid'u pomogite dobromu cheloveku :) spasibo Вставить ник Quote
Hugle Posted July 4, 2003 Author Posted July 4, 2003 narod pomogite ;)) ja zhe znaju shto tut est' liudi namnogo umnee menia ili posovetujte sajty... potamushto googlit' neznaju na kakuju temu.. a shto nahoditl to nepomogalo.. na opennete iskal.. tozhe nichego konkretnogo nashol Вставить ник Quote
viko Posted July 4, 2003 Posted July 4, 2003 ipfw add 700 divert natd ip from 192.168.254.0/24 to any out via rl1 ipfw add 1005 divert natd ip from any to 212.168.68.150 in via rl1 ipfw add 60000 allow ip from any to any natd -n rl1 Eto dlya servera A Dlya servera B ipfw add 700 divert 8860 ip from 192.168.1.0/24 to any out via xl1 ipfw add 800 divert 8860 ip from 192.168.2.0/24 to any out via xl1 ipfw add 1005 divert 8860 ip from any to 192.168.254.2 in via xl1 ipfw add 60000 allow ip from any to any natd -a 192.168.254.2 -p 8860 Dlya servera B ukazuvaesh shlyuz 192.168.254.254 i v /etc/rc.conf dobavlyaem router_enable="YES" Na server A veshaesh proxy a potov divertim kak hotim :-) Вставить ник Quote
Hugle Posted July 5, 2003 Author Posted July 5, 2003 vo;) rabotat' nachialo:) spasibo viko, boslhoje boslhoje! :) a teper.. esli mne naprimer nado pop3/smth kinut' cherez drugoj link, eto delaetsa za pomoshju: # staryje pravila ipfw add 700 divert 8860 ip from 192.168.1.0/24 to any out via xl1 ipfw add 800 divert 8860 ip from 192.168.2.0/24 to any out via xl1 ipfw add 1005 divert 8860 ip from any to 192.168.254.2 in via xl1 ipfw add 60000 allow ip from any to any natd -a 192.168.254.2 -p 8860 ########### # plius eti? ipfw add 600 divert 8852 tcp from 192.168.0.0/16 to any dst-port 25,110 out via 213.190.37.13 ipfw add 601 divert 8852 tcp from any to 213.190.37.13 dst-port 25,110 in natd -a 213.190.37.13 -p 8882 # ili eshio shtoto dobolnitelnoje nado? kakojnibut' forward mozhet ? Вставить ник Quote
Hugle Posted July 5, 2003 Author Posted July 5, 2003 prosto ja tozhe samoe progoval delat' tolko puskaja viso cherez totzhe interface (192.168.254.2) ipfw show pokazyvaet shto packety kakijeto proshli no vykidyvaet could not conenct to server :/ Вставить ник Quote
viko Posted July 5, 2003 Posted July 5, 2003 Davay lutshe po muly obschatcya viko@online.com.ua Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.