Re: [FreeBSD] firewall

Thu, 01 Sep 2005 08:02:16 -0700

Sanirim sorunum natin normal calismamasi dokumana bir bakayim sonucu paylasirim. 
Tesekkur ederim.
----- Original Message ----- From: "KEMAL FIRAT" <[EMAIL PROTECTED]> 
To: <freebsd@lists.enderunix.org>
Sent: 01 Eylül 2005 Perşembe 17:48
Subject: Re: [FreeBSD] firewall



Huzeyfe Beyin ip ucu olarak girdigi bilgiyi kullanarak kerneli derledim.

wall# uname -a
FreeBSD wall.firewall.com 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Wed Aug 31 20:56:55 EEST 2005 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/FWALL i386 


wall# pfctl -e
pfctl: pf already enabled
----- Original Message ----- From: "Halil Demirezen" <[EMAIL PROTECTED]> 
To: <freebsd@lists.enderunix.org>
Cc: "KEMAL FIRAT" <[EMAIL PROTECTED]>
Sent: 01 Eylül 2005 Perşembe 20:39
Subject: Re: [FreeBSD] firewall


Selam,

FreeBSD çekirdeğinde

IPFIREWALL
IPDIVERT
destegi olmasi gerekiyor. GENERIC bir çekirdek mi kullaniyorsunuz?(uname -a )? 

Bunun için aşağıdaki döküman işinize yarayacaktir:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html

iyi çalışmalar.


Perşembe 01 Eylül 2005 14:24 tarihinde, KEMAL FIRAT şunları yazmıştı:

Herkese Merhaba,
FreeBSD 5.4 yuklu makinama 2 ethernet karti takip internet baglantisini bu 
makinanin uzerine almaya calişiyorum.Fakat kendisi haric diger pc'leri
internete cikarmayi basaramadim.Calistiramayinca pf'i aktif hale getirdim
pf.conf dosyasinda pass in all ve pass out all sectim fakat degisen bir sey 
olmadi.Ayni makinaya (calistirabildikten sonra) squid proxy de kurmak
istiyorum.Bu isin bir puf noktasimi var, bir bilen yardimci olursa
sevinirim.

## rc.conf icerigi;

gateway_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pflog_enable="YES"
pflog_logfile="/var/log/fpflog"
pflog_flags=""
natd_enable="YES"
natd_interface="re1"
ifconfig_re0="inet 192.168.1.99  netmask 255.255.255.0"
ifconfig_re1="DHCP"

## ifconfig icerigi;

re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=18<VLAN_MTU,VLAN_HWTAGGING>
        inet6 fe80::208:a1ff:fe89:6c23%re0 prefixlen 64 scopeid 0x1
        inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:08:a1:89:6c:23
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=18<VLAN_MTU,VLAN_HWTAGGING>
        inet6 fe80::208:a1ff:fe89:6c32%re1 prefixlen 64 scopeid 0x2
        inet 195.174.26.191 netmask 0xffff0000 broadcast 255.255.255.255
        ether 00:08:a1:89:6c:32
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
pfsync0: flags=0<> mtu 2020
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet 127.0.0.1 netmask 0xff000000

## netstat -r icerigi;

Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire 
default            195.174.0.1        UGS         0      261    re1
localhost          localhost          UH          0        0    lo0
192.168.1          link#1             UC          0        0    re0
192.168.1.24 00:0d:61:3f:21:3b UHLW 0 296 re0 1133 
195.174.0/16       link#2             UC          0        0    re1
195.174.0.1 00:05:00:e5:ec:44 UHLW 1 0 re1 1200 cable2-99.avrupa.k 00:08:a1:7f:94:a8 UHLW 0 3 re1 411 
cable12-50.avrupa. 00:90:96:3d:bd:2b  UHLW        0        3    re1
cable26-191.avrupa 00:08:a1:89:6c:32  UHLW        0        0    lo0
cable29-25.avrupa. 00:00:21:db:cb:0c UHLW 0 3 re1 252 cable80-116.avrupa 00:90:96:40:5a:df UHLW 0 2 re1 826 cable87-118.avrupa 00:0e:a6:8c:b4:2f UHLW 0 6 re1 335 
cable88-182.anadol 00:05:00:e5:ec:44  UHLW        0        1    re1
cable88-235.anadol 00:05:00:e5:ec:44 UHLW 0 3 re1 554 
cable90-13.anadolu 00:05:00:e5:ec:44  UHLW        0        6    re1
195.174.106.251 00:05:00:e5:ec:44 UHLW 0 3 re1 778 195.174.108.22 00:05:00:e5:ec:44 UHLW 0 2 re1 259 195.174.117.190 00:05:00:e5:ec:44 UHLW 0 6 re1 661 195.174.119.173 00:05:00:e5:ec:44 UHLW 0 6 re1 369 195.174.125.109 00:05:00:e5:ec:44 UHLW 0 1 re1 682 
195.174.131.206    00:05:00:e5:ec:44  UHLW        0        3    re1
195.174.138.19     00:05:00:e5:ec:44  UHLW        0        2    re1
cable194-14.izmir. 00:05:00:e5:ec:44 UHLW 0 3 re1 835 cable203-39.izmir. 00:05:00:e5:ec:44 UHLW 0 3 re1 642 195.174.212.221 00:05:00:e5:ec:44 UHLW 0 3 re1 393 195.174.225.107 00:05:00:e5:ec:44 UHLW 0 3 re1 557 

---------------------------------------------------------------------
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php



---------------------------------------------------------------------
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php





---------------------------------------------------------------------
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php

Cevap