|
Huzeyfe bey, cok tesekkurler elinize kolunuza saglik ,sizin
sayenizde sorun cozuldu mail server in baska bir (GW) adresi ile disariya
cikmasindan kaynaklaniyormus geri donus gostermedigi icin port yonlendirmesi
olmamis gibi gozukiyordu…. Selamlar Abdullah From: Huzeyfe Onal
[mailto:[EMAIL PROTECTED] Merhaba, 2006/2/23, Abdullah OZTURK <[EMAIL PROTECTED]>: Pf ornek configurasyondan duzenlemey calistim
<foo> degistirmeyi unutmusum oyle kalmis… configurasyonu da ekte
gonderiyorum.. From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]]
Merhaba, pass in on fxp0 proto tcp from any to <foo> port = http
keep state pass in on fxp0 proto udp from any to <foo> port = http
keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek
olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde
hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23,
Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet
guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp
-> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3
-> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http
keep state pass in on fxp0 inet proto tcp from any to any port = smtp
keep state pass in on fxp0 proto tcp from any to <foo> port = http
keep state pass in on fxp0 proto udp from any to <foo> port = http
keep state From: Huzeyfe Onal [mailto: [EMAIL PROTECTED]]
Merhaba, 2006/2/7,
Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar
frebsd gonuldaslari mail server a yonlendirme isini bir turlu
cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi
nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f
/etc/ipfw/natd.conf" ….. ipfw.conf add
00020 divert 8668 ip from any to any via fxp0 add
00021 pipe 1 ip from any to 192.168.1.128/25
out via rl0 pipe
1 config bw 200kbit/s add
00022 fwd 192.168.1.2,25
tcp from any to any 25 in recv fxp0 add
00023 fwd 192.168.1.2,110
tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface
fxp0 redirect_port
tcp 192.168.1.2:25 25 redirect_port
tcp 192.168.1.2:110 110 dynamic
|
