ipfw, natd, ppp problem

Juraj Boldis Boldis at seznam.cz
Fri May 10 09:31:41 CEST 2002


Dobry den,

 potreboval bych poradit, mam FreeBSD 4.5 jako gateway  -  s
ipfw, natd a user-ppp. Z konzole vse(pripojeni ven) funguje OK,
nicmene z jineho PC v lokalni siti(w98) to uz nejde. 
Ping na gateway i nazpatek jde bez problemu.

tcpdump -i ed0 vraci:

 08:03:41.193558 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
08:03:41.944265 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
08:03:42.699328 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
08:04:19.611278 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
08:04:20.356490 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
08:04:21.111600 192.168.1.5.netbios-ns >
192.168.1.255.netbios-ns: 
>>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST

v rc.conf je:

# -- sysinstall generated deltas -- # Fri May  3 09:54:00 2002
# Created: Fri May  3 09:54:00 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to
/etc/defaults/rc.conf.
# This file now contains just the overrides from
/etc/defaults/rc.conf.
gateway_enable="YES"
hostname="drobek.stkat.cz"
network_interfaces="ed0 lo0"
ifconfig_lo="inet 127.0.0.1"
ifconfig_ed0="inet 192.168.1.1 netmask 255.255.255.0"
kern_securelevel_enable="NO"
moused_enable="NO"
moused_type="NO"
nfs_reserved_port_only="NO"
sendmail_enable="NO"
ppp_enable="YES"
ppp_mode="auto"
ppp_profile="quick"
ppp_nat="NO"
ppp_user="root"

sshd_enable="YES"
firewall_enable="YES"
firewall_type="open"
firewall_script="/etc/firewall/fwrules"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-n tun0  -dynamic -l -log_ipfw_denied yes" 


a ipfw je nastaven:

00100  4 280 divert 8668 ip from any to any via tun0
00200  0   0 allow ip from any to any via lo0
00300 12 936 allow ip from any to any via ed0
00400  0   0 allow tcp from any to any out xmit tun0 setup
00500  0   0 allow tcp from any to any via tun0 established
00600  0   0 reset log logamount 100 tcp from any to any 113 in
recv tun0
00700  0   0 allow udp from any to any out xmit tun0
00800  0   0 allow udp from any to any in recv tun0
00900  0   0 allow icmp from any to any
65435  0   0 deny log logamount 100 ip from any to any
65535  0   0 deny ip from any to any

V alias.log neni nic

Dekuji predem za pomoc

                       Jura
 

______________________________________________________________________
Reklama:
Co davaji v TV? http://tv.seznam.cz



More information about the Users-l mailing list