Re: [freebsd] IP FILTER PROBLEM
Rica ederim, sevindim düzelmesine. Sizin bu IP adresini kullanan bir LAN da oldugunuzu dusunursek, Spoof onlemi bir önceki gatewayde, ya da daha dogrusu nat yapan cihazınızda olmalı. Eğer siz bu freebsd makinayı Internet -> router -> freebsd -> lan seklinde kullanmak istiyorsanız, 2 adet NIC kullanıp router tarafında spoof onlemelisiniz. Cisco routerlarda non routable ip ler icin blocklama ozelligi vardi sanirim. Bir sekilde aktive ediliyordu, bir ccna, ccnp ye sormak faydali olur. Iyi calismalar. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 28, 2004 9:18 AM Subject: RE: [freebsd] IP FILTER PROBLEM Evet bu sekilde oldu, Cok tsk ederim super spoofing icin bir problem olusturur mu acaba bu satirlari kaldirmam. Ekstra bir satir eklemem gerekir mi? saygilar -Original Message- From: M.Sinan BEYRIBEY [mailto:[EMAIL PROTECTED] Sent: 28 October 2004 09:27 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM Üstad afedersiniz ama rl0 üzerinde 192.168.0.0/16 yı blockluyorsunuz. Eğer sorununuz dışarıdan bağlantının kesilmesi ise (212 li IP ye yonelik soyluyorum), benim cevabım yanlış olacaktır, Ancak LAN'da yapmaya çalışıyorsanız, block in quick on rl0 from 192.168.0.0/16 to any satırını kaldırınız, hatta denemek için ipf.rules dosyanızdaki butun 192.168. blocklarını kaldırınız. Saygılar. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 28, 2004 6:29 AM Subject: RE: [freebsd] IP FILTER PROBLEM Slm list, Hala firewall'a bir cozum bulamadim, ipf.rules ve ipnat.rules dosyalarina kurallari girince makinanin butun baglantilari kesiliyor bakmadigim yer kalmadi ifconfig rl0: flags=8843 mtu 1500 inet 212.248.98.43 netmask 0xfff8 broadcast 212.248.98.47 inet 192.168.1.90 netmask 0xff00 broadcast 192.168.1.255 inet 192.168.1.91 netmask 0x broadcast 192.168.1.91 inet 192.168.1.92 netmask 0x broadcast 192.168.1.92 inet 192.168.1.93 netmask 0x broadcast 192.168.1.93 inet 192.168.1.94 netmask 0x broadcast 192.168.1.94 inet 192.168.1.95 netmask 0x broadcast 192.168.1.95 ether 00:50:ba:b2:79:e0 media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 faith0: flags=8002 mtu 1500 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 14:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp
RE: [freebsd] IP FILTER PROBLEM
Evet bu sekilde oldu, Cok tsk ederim super spoofing icin bir problem olusturur mu acaba bu satirlari kaldirmam. Ekstra bir satir eklemem gerekir mi? saygilar -Original Message- From: M.Sinan BEYRIBEY [mailto:[EMAIL PROTECTED] Sent: 28 October 2004 09:27 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM Üstad afedersiniz ama rl0 üzerinde 192.168.0.0/16 yı blockluyorsunuz. Eğer sorununuz dışarıdan bağlantının kesilmesi ise (212 li IP ye yonelik soyluyorum), benim cevabım yanlış olacaktır, Ancak LAN'da yapmaya çalışıyorsanız, block in quick on rl0 from 192.168.0.0/16 to any satırını kaldırınız, hatta denemek için ipf.rules dosyanızdaki butun 192.168. blocklarını kaldırınız. Saygılar. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 28, 2004 6:29 AM Subject: RE: [freebsd] IP FILTER PROBLEM Slm list, Hala firewall'a bir cozum bulamadim, ipf.rules ve ipnat.rules dosyalarina kurallari girince makinanin butun baglantilari kesiliyor bakmadigim yer kalmadi ifconfig rl0: flags=8843 mtu 1500 inet 212.248.98.43 netmask 0xfff8 broadcast 212.248.98.47 inet 192.168.1.90 netmask 0xff00 broadcast 192.168.1.255 inet 192.168.1.91 netmask 0x broadcast 192.168.1.91 inet 192.168.1.92 netmask 0x broadcast 192.168.1.92 inet 192.168.1.93 netmask 0x broadcast 192.168.1.93 inet 192.168.1.94 netmask 0x broadcast 192.168.1.94 inet 192.168.1.95 netmask 0x broadcast 192.168.1.95 ether 00:50:ba:b2:79:e0 media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 faith0: flags=8002 mtu 1500 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 14:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.
Re: [freebsd] Ag Ayarlari Hakkinda
Ipuclarina goz atmalisiniz, orada bir hazine duruyor, sorunuzun cevabi: http://ipucu.enderunix.org/view.php?id=347&lang=tr :) Bu durumda ADSL IP'nizi modem yerine FreeBSD alacaktir, modem sadece bridge olarak calisacaktir. On Wed, Oct 27, 2004 at 08:55:07AM -0700, Bedreddin ÞAHBAZ wrote: > Merhaba, > > Sorunum su; > > FreeBSD makinama bir ethernet karti daha taktim. > Ethernet kartlarima farkli ip bloklarinda ip verdim. > dc0 10.34.0.200 dc1 ise 192.168.1.2 > > Internete router tipi bir modem ile cikiyorum. Derdim > su internet cikisinin onunda FreeBSD nin durmasini > istiyorum. HTTP icin sorun yasamiyorum. FreeBSD ye ag > gecidi olarak modemin ip sini verdim ve FreeBSD > internete cikiyor. Bu sayede Squid calisiyor ve > siteler proxy ile gezilebiliyor. Ama ben kendi makinam > icin mesela FreeBSD nin ag gecidi olmasini istiyorum. > Yani kendi makinam ile FreeBSD nin uzerinden gecip > proxy olmaksizin disari cikabilmek istiyorum. Bu nasil > olur? Kitabi okuyorum ama bir cozum metodu bulamadim. > > Bir de agda 10.34.0.200 olan dc0 ethernete gelen ve > dest ip si 180.10.100.33 olan paketleri 10.34.0.1 e > yonlendirmek istiyorum. Modemde basit bir menu ile > oluyor bu FreeBSD de acep nasil? > > Saygilarimla.. > > > > __ > Do you Yahoo!? > Read only the mail you want - Yahoo! Mail SpamGuard. > http://promotions.yahoo.com/new_mail > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL > PROTECTED] > > -- Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
[freebsd] Multiport NIC
Herkese günaydın, Şu 2-4 portlu ethernet kartlarından kullanmış olan veyahut ilgilenip araştırmış olan var mı acaba listede? Merak ediyorum kaç adet takabiliriz acaba FreeBSD yuklu bir pc uzerine.. Linux ile ilgili araştırırken eth0'dan eth15 e kadar yapmış olanını gördüm ama limitle ilgili birşeyden bahsetmiyordu.. Benim istediğim 6 PCI slotlu bir makinaya 24 Ethernet kartı takmak :) 22 diyelim, Gigabit olanlardan 4 lü alamam heralde,o da 2 li olur, param yetmez :) Bu pci olanlar dışında başka çözüm bilen var mıdır acep? Misal USB den 16'lık blok ethernet takılıyordur belki (felsefe dersindeki ütopya kelimesini çözmüş oldum böylece.. ) Biraz geyik oldu mesaj, ama yeni uyandım, mazur görelim mümkünse :) Saygılarımla, -- Sinan - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] IP FILTER PROBLEM
Üstad afedersiniz ama rl0 üzerinde 192.168.0.0/16 yı blockluyorsunuz. Eğer sorununuz dışarıdan bağlantının kesilmesi ise (212 li IP ye yonelik soyluyorum), benim cevabım yanlış olacaktır, Ancak LAN'da yapmaya çalışıyorsanız, block in quick on rl0 from 192.168.0.0/16 to any satırını kaldırınız, hatta denemek için ipf.rules dosyanızdaki butun 192.168. blocklarını kaldırınız. Saygılar. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 28, 2004 6:29 AM Subject: RE: [freebsd] IP FILTER PROBLEM Slm list, Hala firewall'a bir cozum bulamadim, ipf.rules ve ipnat.rules dosyalarina kurallari girince makinanin butun baglantilari kesiliyor bakmadigim yer kalmadi ifconfig rl0: flags=8843 mtu 1500 inet 212.248.98.43 netmask 0xfff8 broadcast 212.248.98.47 inet 192.168.1.90 netmask 0xff00 broadcast 192.168.1.255 inet 192.168.1.91 netmask 0x broadcast 192.168.1.91 inet 192.168.1.92 netmask 0x broadcast 192.168.1.92 inet 192.168.1.93 netmask 0x broadcast 192.168.1.93 inet 192.168.1.94 netmask 0x broadcast 192.168.1.94 inet 192.168.1.95 netmask 0x broadcast 192.168.1.95 ether 00:50:ba:b2:79:e0 media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 faith0: flags=8002 mtu 1500 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 14:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0
RE: [freebsd] IP FILTER PROBLEM
Slm list, Hala firewall'a bir cozum bulamadim, ipf.rules ve ipnat.rules dosyalarina kurallari girince makinanin butun baglantilari kesiliyor bakmadigim yer kalmadi ifconfig rl0: flags=8843 mtu 1500 inet 212.248.98.43 netmask 0xfff8 broadcast 212.248.98.47 inet 192.168.1.90 netmask 0xff00 broadcast 192.168.1.255 inet 192.168.1.91 netmask 0x broadcast 192.168.1.91 inet 192.168.1.92 netmask 0x broadcast 192.168.1.92 inet 192.168.1.93 netmask 0x broadcast 192.168.1.93 inet 192.168.1.94 netmask 0x broadcast 192.168.1.94 inet 192.168.1.95 netmask 0x broadcast 192.168.1.95 ether 00:50:ba:b2:79:e0 media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 faith0: flags=8002 mtu 1500 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 14:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any
[freebsd] Ag Ayarlari Hakkinda
Merhaba, Sorunum su; FreeBSD makinama bir ethernet karti daha taktim. Ethernet kartlarima farkli ip bloklarinda ip verdim. dc0 10.34.0.200 dc1 ise 192.168.1.2 Internete router tipi bir modem ile cikiyorum. Derdim su internet cikisinin onunda FreeBSD nin durmasini istiyorum. HTTP icin sorun yasamiyorum. FreeBSD ye ag gecidi olarak modemin ip sini verdim ve FreeBSD internete cikiyor. Bu sayede Squid calisiyor ve siteler proxy ile gezilebiliyor. Ama ben kendi makinam icin mesela FreeBSD nin ag gecidi olmasini istiyorum. Yani kendi makinam ile FreeBSD nin uzerinden gecip proxy olmaksizin disari cikabilmek istiyorum. Bu nasil olur? Kitabi okuyorum ama bir cozum metodu bulamadim. Bir de agda 10.34.0.200 olan dc0 ethernete gelen ve dest ip si 180.10.100.33 olan paketleri 10.34.0.1 e yonlendirmek istiyorum. Modemde basit bir menu ile oluyor bu FreeBSD de acep nasil? Saygilarimla.. __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] iptables ve media player
Merhaba, AslÄna bakarsanÄz port ve useragent a gÃre yasaklamayapmak pek iÅe yaramayacaktÄr. Bunu iÃin http://l7-filter.sourceforge.net/ adresindeki uygulama bazlÄ (adÄ Ãzerinde layer 7) gÃvenlik duvarÄnÄ deneyebilirsiniz. Hià denemedim ancak denemeye can atÄyorum doÄrusu. On Mon, 25 Oct 2004 13:14:17 +0300, Umut Demirhan <[EMAIL PROTECTED]> wrote: > port 80'den yayin yaapan radyolara iptables sanirim birsey yapamaz. > firewall engeli olmasin diye port 80 kullanan cok radyo var (mp3 streams mesela) > squid varsa belki useragent'a dayali bir engelleme olabnilir > > SkyMind> Asagidaki gibi bir kural yazdim ama olmadÄ acaba port 1755 den baksa bisi > SkyMind> olabilirmi? > SkyMind> > SkyMind> iptables -A INPUT -s 0.0.0.0 -p udp --destination-port 1755 -i ppp0 -j DROP > SkyMind> iptables -A INPUT -s 0.0.0.0 -p tcp --destination-port 1755 -i ppp0 -j DROP > SkyMind> > SkyMind> -Original Message- > SkyMind> From: Afsin Taskiran [mailto:[EMAIL PROTECTED] > SkyMind> Sent: Monday, October 25, 2004 12:48 PM > SkyMind> To: [EMAIL PROTECTED] > SkyMind> Subject: Re: [freebsd] iptables ve media player > SkyMind> > SkyMind> mms ile yayin yapan radyolari engellemek icin (ontanimli) 1755 TCP portunu > SkyMind> kapatabilirsin. > SkyMind> > SkyMind> AfÅin TaÅkÄran > SkyMind> www.taskiran.org > SkyMind> > SkyMind> > SkyMind> - Original Message - > SkyMind> From: "SkyMind" <[EMAIL PROTECTED]> > SkyMind> To: <[EMAIL PROTECTED]> > SkyMind> Sent: Monday, October 25, 2004 12:38 PM > SkyMind> Subject: [freebsd] iptables ve media player > SkyMind> > SkyMind> > SkyMind> > Merhaba > SkyMind> > > SkyMind> > windoz client'larin media player ile radyo dinlemelerini engelleyebilecek > SkyMind> > nasil bir iptables kurali yazabilirim. > SkyMind> > > SkyMind> > Äyi calismalar > SkyMind> > > SkyMind> > SkyMind> > SkyMind> > SkyMind> - > SkyMind> Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > SkyMind> http://www.acikkod.com/freebsd.php > SkyMind> > SkyMind> To unsubscribe, e-mail: [EMAIL PROTECTED] > SkyMind> Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] > SkyMind> > SkyMind> > SkyMind> > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL > PROTECTED] > > -- Onur YALAZI IT Bilimleri UzmanÄ - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
en iyi persormans derken squid in conf u üzerinde yapılabilecek ayarlar örn cache dizinleri 1. 2. level dir. maximum request object size vss. - Original Message - From: "Devrim Sipahi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 4:37 PM Subject: Re: [freebsd] Squid Performans donanım yeterli gözüküyor. squid'in kullanacağı belleği arttırabilirsiniz. Çar 27 Eki 2004 16:11 tarihinde, Oguz KURT şunları yazmıştı: > pardon taksit taksit oldu 512 LL > > - Original Message - > From: "Devrim Sipahi" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 27, 2004 4:08 PM > Subject: Re: [freebsd] Squid Performans > > > Bantgenişliği ve bellek? > > Çar 27 Eki 2004 16:01 tarihinde, Oguz KURT şunları yazmıştı: > > 100 user > > P3 500 CPU > > 20 GB IDE DISK > > sadece Squid > > > > > > - Original Message - > > From: "Gokhan" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, October 27, 2004 3:53 PM > > Subject: Re: [freebsd] Squid Performans > > > > > Selamlar, > > > > > > Bize ÅYu bilgileri verir misiniz? > > > 1. KUllanıcı sayısı > > > 2. Squid çalıÅYacak makina ya da makinaların donanım özellikleri. > > > CPU, RAM, > > > > Disk türü (IDE, SCSI), Disk boyutu, Raid Kartı var mı? > > > > > 3. Kullanılacak FreeBSD sürümü? > > > 4. Aynı sistemde baÅYka servisler çalıÅYacak mı? Varsa hangileri? > > > > > > > > > Kolay gelsin, > > > > > > Gokhan > > > > > > Oguz KURT wrote: > > > >Squid de en iyi performansi almak için default gelen ayarlarin > > > > hangilerinde > > > > > >ne gibi degisiklikler yapmak gerekir > > > >ne gibi kriterleri degerlendirmek lazim örn. user sayisi, band > > > > genisligi vss. > > > > > > > > > > > >- > > > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > > >http://www.acikkod.com/freebsd.php > > > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >Liste arsivi: http://lists.enderunix.org ve > > > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > - > > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > > http://www.acikkod.com/freebsd.php > > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > Liste arsivi: http://lists.enderunix.org ve > > > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > > > > > > > - > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > http://www.acikkod.com/freebsd.php > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
donanım yeterli gözüküyor. squid'in kullanacağı belleği arttırabilirsiniz. Çar 27 Eki 2004 16:11 tarihinde, Oguz KURT şunları yazmıştı: > pardon taksit taksit oldu 512 LL > > - Original Message - > From: "Devrim Sipahi" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 27, 2004 4:08 PM > Subject: Re: [freebsd] Squid Performans > > > Bantgenişliği ve bellek? > > Çar 27 Eki 2004 16:01 tarihinde, Oguz KURT şunları yazmıştı: > > 100 user > > P3 500 CPU > > 20 GB IDE DISK > > sadece Squid > > > > > > - Original Message - > > From: "Gokhan" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, October 27, 2004 3:53 PM > > Subject: Re: [freebsd] Squid Performans > > > > > Selamlar, > > > > > > Bize ÅYu bilgileri verir misiniz? > > > 1. KUllanıcı sayısı > > > 2. Squid çalıÅYacak makina ya da makinaların donanım özellikleri. > > > CPU, RAM, > > > > Disk türü (IDE, SCSI), Disk boyutu, Raid Kartı var mı? > > > > > 3. Kullanılacak FreeBSD sürümü? > > > 4. Aynı sistemde baÅYka servisler çalıÅYacak mı? Varsa hangileri? > > > > > > > > > Kolay gelsin, > > > > > > Gokhan > > > > > > Oguz KURT wrote: > > > >Squid de en iyi performansi almak için default gelen ayarlarin > > > > hangilerinde > > > > > >ne gibi degisiklikler yapmak gerekir > > > >ne gibi kriterleri degerlendirmek lazim örn. user sayisi, band > > > > genisligi vss. > > > > > > > > > > > >- > > > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > > >http://www.acikkod.com/freebsd.php > > > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >Liste arsivi: http://lists.enderunix.org ve > > > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > - > > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > > http://www.acikkod.com/freebsd.php > > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > Liste arsivi: http://lists.enderunix.org ve > > > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > > > > > > > - > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > http://www.acikkod.com/freebsd.php > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
pardon taksit taksit oldu 512 LL - Original Message - From: "Devrim Sipahi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 4:08 PM Subject: Re: [freebsd] Squid Performans Bantgenişliği ve bellek? Çar 27 Eki 2004 16:01 tarihinde, Oguz KURT şunları yazmıştı: > 100 user > P3 500 CPU > 20 GB IDE DISK > sadece Squid > > > - Original Message - > From: "Gokhan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 27, 2004 3:53 PM > Subject: Re: [freebsd] Squid Performans > > > Selamlar, > > > > Bize ÅYu bilgileri verir misiniz? > > 1. KUllanıcı sayısı > > 2. Squid çalıÅYacak makina ya da makinaların donanım özellikleri. > > CPU, RAM, > > Disk türü (IDE, SCSI), Disk boyutu, Raid Kartı var mı? > > > 3. Kullanılacak FreeBSD sürümü? > > 4. Aynı sistemde baÅYka servisler çalıÅYacak mı? Varsa hangileri? > > > > > > Kolay gelsin, > > > > Gokhan > > > > Oguz KURT wrote: > > >Squid de en iyi performansi almak için default gelen ayarlarin > > hangilerinde > > > >ne gibi degisiklikler yapmak gerekir > > >ne gibi kriterleri degerlendirmek lazim örn. user sayisi, band > > > genisligi vss. > > > > > > > > >- > > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > >http://www.acikkod.com/freebsd.php > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > - > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > http://www.acikkod.com/freebsd.php > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
Bantgenişliği ve bellek? Çar 27 Eki 2004 16:01 tarihinde, Oguz KURT şunları yazmıştı: > 100 user > P3 500 CPU > 20 GB IDE DISK > sadece Squid > > > - Original Message - > From: "Gokhan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 27, 2004 3:53 PM > Subject: Re: [freebsd] Squid Performans > > > Selamlar, > > > > Bize Å?u bilgileri verir misiniz? > > 1. KUllanıcı sayısı > > 2. Squid çalıÅ?acak makina ya da makinaların donanım özellikleri. > > CPU, RAM, > > Disk türü (IDE, SCSI), Disk boyutu, Raid Kartı var mı? > > > 3. Kullanılacak FreeBSD sürümü? > > 4. Aynı sistemde baÅ?ka servisler çalıÅ?acak mı? Varsa hangileri? > > > > > > Kolay gelsin, > > > > Gokhan > > > > Oguz KURT wrote: > > >Squid de en iyi performansi almak için default gelen ayarlarin > > hangilerinde > > > >ne gibi degisiklikler yapmak gerekir > > >ne gibi kriterleri degerlendirmek lazim örn. user sayisi, band > > > genisligi vss. > > > > > > > > >- > > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > >http://www.acikkod.com/freebsd.php > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > - > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > http://www.acikkod.com/freebsd.php > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > Liste arsivi: http://lists.enderunix.org ve > > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
+ ilave 256 MB ram - Original Message - From: "Oguz KURT" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 4:01 PM Subject: Re: [freebsd] Squid Performans > 100 user > P3 500 CPU > 20 GB IDE DISK > sadece Squid > > > - Original Message - > From: "Gokhan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 27, 2004 3:53 PM > Subject: Re: [freebsd] Squid Performans > > > > Selamlar, > > > > Bize Åu bilgileri verir misiniz? > > 1. KUllanÄcÄ sayÄsÄ > > 2. Squid ÃalÄÅacak makina ya da makinalarÄn donanÄm Ãzellikleri. CPU, RAM, > Disk tÃrà (IDE, SCSI), Disk boyutu, Raid KartÄ var mÄ? > > 3. KullanÄlacak FreeBSD sÃrÃmÃ? > > 4. AynÄ sistemde baÅka servisler ÃalÄÅacak mÄ? Varsa hangileri? > > > > > > Kolay gelsin, > > > > Gokhan > > > > > > > > > > Oguz KURT wrote: > > > > >Squid de en iyi performansi almak iÃin default gelen ayarlarin > hangilerinde > > >ne gibi degisiklikler yapmak gerekir > > >ne gibi kriterleri degerlendirmek lazim Ãrn. user sayisi, band genisligi > > >vss. > > > > > > > > >- > > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > >http://www.acikkod.com/freebsd.php > > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > - > > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > > http://www.acikkod.com/freebsd.php > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > Liste arsivi: http://lists.enderunix.org ve > http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] > > > - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
100 user P3 500 CPU 20 GB IDE DISK sadece Squid - Original Message - From: "Gokhan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 3:53 PM Subject: Re: [freebsd] Squid Performans > Selamlar, > > Bize Åu bilgileri verir misiniz? > 1. KUllanÄcÄ sayÄsÄ > 2. Squid ÃalÄÅacak makina ya da makinalarÄn donanÄm Ãzellikleri. CPU, RAM, Disk tÃrà (IDE, SCSI), Disk boyutu, Raid KartÄ var mÄ? > 3. KullanÄlacak FreeBSD sÃrÃmÃ? > 4. AynÄ sistemde baÅka servisler ÃalÄÅacak mÄ? Varsa hangileri? > > > Kolay gelsin, > > Gokhan > > > > > Oguz KURT wrote: > > >Squid de en iyi performansi almak iÃin default gelen ayarlarin hangilerinde > >ne gibi degisiklikler yapmak gerekir > >ne gibi kriterleri degerlendirmek lazim Ãrn. user sayisi, band genisligi > >vss. > > > > > >- > >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > >http://www.acikkod.com/freebsd.php > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > > > > > > > > - > Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. > http://www.acikkod.com/freebsd.php > > To unsubscribe, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] > > > - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Squid Performans
Selamlar, Bize Åu bilgileri verir misiniz? 1. KUllanÄcÄ sayÄsÄ 2. Squid ÃalÄÅacak makina ya da makinalarÄn donanÄm Ãzellikleri. CPU, RAM, Disk tÃrà (IDE, SCSI), Disk boyutu, Raid KartÄ var mÄ? 3. KullanÄlacak FreeBSD sÃrÃmÃ? 4. AynÄ sistemde baÅka servisler ÃalÄÅacak mÄ? Varsa hangileri? Kolay gelsin, Gokhan Oguz KURT wrote: Squid de en iyi performansi almak iÃin default gelen ayarlarin hangilerinde ne gibi degisiklikler yapmak gerekir ne gibi kriterleri degerlendirmek lazim Ãrn. user sayisi, band genisligi vss. - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
[freebsd] Squid Performans
Squid de en iyi performansi almak için default gelen ayarlarin hangilerinde ne gibi degisiklikler yapmak gerekir ne gibi kriterleri degerlendirmek lazim örn. user sayisi, band genisligi vss. - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
[freebsd] spamassassin
Selamlar... Evolution la birlikte spamassassin kullaniyorum ~/.spamassassin/user_prefs dosyasinin içerisine report_safe 0 eklememe ragmen mesajin headerlarinda hiçbir sey gorunmuyor neden olabilir ? ayný zamanda bu ayar local.cf icinde de tanimli __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
Re: [freebsd] Proftp kullanici haklari
Merhaba , Baris kardesimin onerisi uzerine anonymous farkli bir dizine upload yapiyor . Directory yapilandirmasiyla bu dizine cesitli kisitlamalar koymyi denedim ama olmuyor. conf dosyasinin anonymous bolumu asagida onerilerinizi bekliyorum -- User guest Group guest UserAlias anonymous guest DenyALL # Burada hem allow hemde Deny denedim -- M.Murat AKBAS Baris Simsek yazmış: Bu isteklerinizi karşılayabilecek konfigurasyon seçenekleri olduğunu zannetmiyorum. Proftpd.org daki dokumanlarda yapılandırmasına bakın. Ama iş görmez muhtemelen. Çünkü istekleriniz biraz 'mutual exclusion' yani birbirini reddeden şeyler. dizine yazma hakkı olan dizin açma hakkını elde etti demektir ama dizin açma hakkı olmasın istiyorsunuz upload yapabilecek yani yazma hakkı olan birine download etme yani read hakkı vermiyorsunuz. write olsun ama read olmasın diyorsunuz :) dolayısıyla istekleriniz çok özel. alternatif çözüm düşünün. yine de http://www.proftpd.org daki belgeleri okuyun. mesela anonymous farklı birdizine upload etsin. bir betik ile periyodik olarak bu dizindekileri kullanıcı1 in home'una taşıyın. yapmak istediğinz neyse ona farklı bir yaklaşımla çözüm getirilebilir. M.Murat AKBAŞ wrote: Merhaba, Proftpd kurulu FreeBSD 4.10 sunucumunuz var. Sunucuda 2 adet FTP kullanicisi var. Bu kullanicilar kendi home dizinlerine dosya upload ediyorlar. Bir de anonymous kullanici var. Anonymous kullanicida kullanicilardan birinin home dizinine dosya upload ediyor. Simdi istedigimiz ama beceremedigimiz su kullanici1 kendi home dizininde tum islemleri yapabilsin kullanici2 kendi home dizininde tum islemleri yapabilsin Anonymous kullanici kullanici1' in home dizinini gorsun buraya upload yapabilsin baska bir islem yapamasin. (download, dizin acma vs..) yardimlariniz icin simdiden tesekkurler. M.Murat AKBAS - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED] - Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. http://www.acikkod.com/freebsd.php To unsubscribe, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org ve http://www.mail-archive.com/[EMAIL PROTECTED]
RE: [freebsd] IP FILTER PROBLEM
Ifconfig in ciktisi soyle hook# ifconfig rl0: flags=8843 mtu 1500 inet 212.248.98.43 netmask 0xfff8 broadcast 212.248.98.47 inet 192.168.1.90 netmask 0xff00 broadcast 192.168.1.255 inet 192.168.1.91 netmask 0x broadcast 192.168.1.91 inet 192.168.1.92 netmask 0x broadcast 192.168.1.92 inet 192.168.1.93 netmask 0x broadcast 192.168.1.93 inet 192.168.1.94 netmask 0x broadcast 192.168.1.94 inet 192.168.1.95 netmask 0x broadcast 192.168.1.95 ether 00:50:ba:b2:79:e0 media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 faith0: flags=8002 mtu 1500 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 14:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any port = 3128 pass in quick on xl0 proto tcp from any to any port = 110 pass in quick on xl0 proto tcp from any to any port = 25 # blo
Re: [freebsd] IP FILTER PROBLEM
ifconfig dediginizde ethernetiniz nedir loopbackniz nedir fxp0 ethernet , rl0 loopback gibi bunlari netlestirin ve en basitten zora dogru gidin.. yasaklardan once calisiyormuya bakin.. ayrica tum bloklariniza log ekleyin.. log eklediginizde /var/log/messages e hangi portla ilgili hata dusuyor bakin.. gibi.. - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 12:54 PM Subject: RE: [freebsd] IP FILTER PROBLEM Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any port = 3128 pass in quick on xl0 proto tcp from any to any port = 110 pass in quick on xl0 proto tcp from any to any port = 25 # block in quick on xl0 proto tcp from 80.58.0.0/16 to any port = 80 block in quick on xl0 proto tcp from 213.172.32.0/19 to any port = 80 block in quick on xl0 proto tcp from 62.174.0.0/15 to any port = 80 pass in quick on xl0 proto tcp from any to any port = 80 # block return-rst in quick on fxp0 proto tcp from any to any # block return-icmp-as-dest(port-unr) in quick on fxp0 proto udp from any to any # block in log quick on fxp0 proto icmp from any to any - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:53 AM Subject: RE: [freebsd] IP FILTER PROBLEM Son durum takip acisindan kolay olur diyerek dosyalari ekleyerek gonderiyorum. Simdiden tsk ler -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 10:24 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM tam gonderirmisiniz su anki durumunu - Original Message - From: "Abdu
RE: [freebsd] IP FILTER PROBLEM
Oncelikle cevap verdiginiz icin tsk ederim, Sizin gondermis oldugunuz konf. U da hazirladim calistirdim ondan sonra yine ayni problem butun baglantilar kesildi Tekrar file ini icini bosaltarak yeniden baslattim hala sorunu gideremedim. -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any port = 3128 pass in quick on xl0 proto tcp from any to any port = 110 pass in quick on xl0 proto tcp from any to any port = 25 # block in quick on xl0 proto tcp from 80.58.0.0/16 to any port = 80 block in quick on xl0 proto tcp from 213.172.32.0/19 to any port = 80 block in quick on xl0 proto tcp from 62.174.0.0/15 to any port = 80 pass in quick on xl0 proto tcp from any to any port = 80 # block return-rst in quick on fxp0 proto tcp from any to any # block return-icmp-as-dest(port-unr) in quick on fxp0 proto udp from any to any # block in log quick on fxp0 proto icmp from any to any - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:53 AM Subject: RE: [freebsd] IP FILTER PROBLEM Son durum takip acisindan kolay olur diyerek dosyalari ekleyerek gonderiyorum. Simdiden tsk ler -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 10:24 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM tam gonderirmisiniz su anki durumunu - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:19 AM Subject: RE: [freebsd] IP FILTER PROBLEM asagidaki kurali dediginiz gibi ekledim ama yine calismiyor. Ssh icin de ayni kurali uyguladim rule eklendi ve file degistirildi diyor ama calismiyor -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 09:40 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM Dogrudur ipfilter v3.4.31 on
[freebsd] Re: FreeBSD kurulum!
Bunlar root un cron jobları diger user'lardan birine ait bir cron job olabilir. crontab -l -u username bu sekilde diger userlara bakabilirsiniz. passworddeki userlari bir script ile yukarki komuta verin butun cron lari listeleyin. /var/spool/cron dizininde de cron job lar vardir. hersey /etc altinda degildir. tum bunlari da kontrol edin. kolay gelsin. Baris Simsek http://www.acikkod.org http://www.enderunix.org/simsek - Turkiye'nin ilk FreeBSD kitabi cikti: http://www.acikkod.com/freebsd.php [windows-1254] enginaar© writes: Siz FreeBSD'nin hangi versyonunu kurdunuz. VMware'in internet sitesinden inceledim en son sürümün bile FreeBSD 5.2.1 sürümüne desteği yokmuş sanırım o yüzden şu an 4.10 versyonunu çekiorum. FreeBSD'ye bi gün geçecem inşallah. Yalnız hala RedHat'la ilgili ilginç bir problemim var. Diğer mailgroup'lardan cevap alamadım belki siz yardımcı olabilirsiniz diye sormak istiyorum bilmiyorum kurallarınıza aykırı mı? Sistemde her dakka apache'yi start etmeye çalışan bir cron ya da ona benzer bişey var. Webmin'le de cron job'lara bakıyorum içlerinde öle bişeyler yok. /etc altındaki adı cron'la başlayan klasörlere baktım zaten pek bişey yok. Apache'yi start edecek bişey de yok. Bu iş başka yerden yapılabilir mi? Lazım olursa die crontab dosyası içeriğini de aşağıya kopyalıorum. SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly Apache'nin kendi kendini başlatmaya çalışma gibi özelliği yoktu sanırım. Ben de öyle bişey ayarlamadım. Bunu çalıştıran şeyin ne olduğunu bulabilir miyiz? -Original Message- From: Ismail YENIGUL [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 26, 2004 4:34 PM To: [EMAIL PROTECTED] Subject: Re: [freebsd] FreeBSD kurulum! selamlar Ben de Vmware 4.0.5 var ve FreeBSD'yi gormektedir.olmazsa bu versiyonu kurun. kolay gelsin On Tue, Oct 26, 2004 at 04:09:41PM +0300, Gokhan wrote: Bu arada ?unu yapmay? unutma.. Disk ay?r?rken ne kadar ay?rd?ysan ba?tan initialize et. Biraz uzun s?r?yor ama bu ?art Ve en ba?ta Other se?. FreeBSD gelmesi laz?m.. Gelmiyorsa vmware s?r?m?n? kontrol et.. Gidip vmwareden son s?r?m?n? indir. Ayr?ca vmware.com da l?tfen FreebSd kurmakla ilgili belge search. Gokhan enginaar? wrote: >S?ylediklerinizin hepsini yapt?m yine ayn? sorun ??k?yor. > >DEVICE SE?ENEKLER? >Guest OS : FreeBSD >Memory : 256MB >Hard Disk 1 (IDE 0:0) : Independent-persistent >CD-ROM 1 (IDE 1:0) : Auto Detect >Floppy 1 : Using Drive A >NIC 1: Bridged >USB Controller : Present >Audio: Default Adapter > > >A?ILI? EKRANINDAK? HATA MESAJI >F1 FreeBSD >Default: F1 > >No /boot/loader > >FreeBSD/i386 boot >Default: 0:ad(0,a)/kernel >boot: >No /kernel > > >Olay budur. >Sanki hi?bi?ey y?klememi?im gibi. > >-Original Message- >From: Gokhan [mailto:[EMAIL PROTECTED] >Sent: Tuesday, October 26, 2004 1:09 PM >To: [EMAIL PROTECTED] >Subject: Re: [freebsd] FreeBSD kurulum! > >Selamlar, > >VMware i?indeki device se?eneklerini yollay?n listeye. Hangi donan?m? >nas?l g?r?yor FreeBSD, bu ?nemli. >Sanal makina a?arken Custom/Other FreeBSD dediniz mi? >Sonra en son se?enekten bir ?nce Advanced deyip, ide disk i?in >persistence se?melisiniz. >Yani diske ne yaz?lacaksa hemen yaz demelisiniz. Diskinizin ide >oldugunu kabul ediyorum. Bu sorun ??kart?yor. >Kurulu?a ge?ince boot loader y?kledi?inize emin olun. Hepsi bu ba?ka >bir ?ey yok. >Ayn? sistem bende ?al???yor. >En son vmware s?r?m?n? kulland???n?za emin olun bu arada. > >Kolay gelsin >G?khan > > > > > > >enginaar? wrote: > > > >>Selamlar arkada?lar, >> >>?u RedHat da??t?mlar?n?n ??kard??? sorunlar beni FreeBSD kurmaya sevketti. >>Internetten 2 cd. 5.2.1 s?r?m?n?n iso'lar?n? ?ektim. vmware ile yeni >>a?t???m bi sanal pc'ye kurulumu felan yapt?m cd'yi ??kard?m sanal >>pc'im yeniden ba?lad? ve boot etmiyor. "/kernel" yokmu? galiba >>san?r?m ondan boot >> >> >etmiyor. > > >>Bootloader'da kurdum, kurmad?m bi?ey de?i?medi. Sonu?ta beceremedim >>ben bu i?i yard?mc? olabilecek kimse var m?? >> >>freebsd.org'da yazan kurulum d?k?manlar?n? okudum, ayn?lar?n? yapt?m. >>Gene a?m?o. >> >>Te?ekk?rler >>Ali Engin >> >> >> >> >> >> > > >- >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. >http://www.acikkod.com/freebsd.php > >To unsubscribe, e-mail: [EMAIL PROTECTED] >Liste arsivi: http://lists.enderunix.org ve >http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > > >- >Duydunuz mu! Turkiye'nin ilk FreeBSD kitabi cikti. >http://www.acikkod.com/freebsd.php > >To unsubscribe, e-mail: [EMAIL PROTECTED] >Liste arsivi: http://lists.enderunix.org ve >http://www.mail-archive.com/[EMAIL PROTECTED] > > > > > ---
RE: [freebsd] IP FILTER PROBLEM
Tam anliayamadim benim konfigurasyonda ne gibi bir hata var. Abdullah ÖZTÜRK Design Office Moscow city Tel:255-83-44/45/46 Fax:255-83-47 -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 11:05 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any port = 3128 pass in quick on xl0 proto tcp from any to any port = 110 pass in quick on xl0 proto tcp from any to any port = 25 # block in quick on xl0 proto tcp from 80.58.0.0/16 to any port = 80 block in quick on xl0 proto tcp from 213.172.32.0/19 to any port = 80 block in quick on xl0 proto tcp from 62.174.0.0/15 to any port = 80 pass in quick on xl0 proto tcp from any to any port = 80 # block return-rst in quick on fxp0 proto tcp from any to any # block return-icmp-as-dest(port-unr) in quick on fxp0 proto udp from any to any # block in log quick on fxp0 proto icmp from any to any - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:53 AM Subject: RE: [freebsd] IP FILTER PROBLEM Son durum takip acisindan kolay olur diyerek dosyalari ekleyerek gonderiyorum. Simdiden tsk ler -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 10:24 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM tam gonderirmisiniz su anki durumunu - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:19 AM Subject: RE: [freebsd] IP FILTER PROBLEM asagidaki kurali dediginiz gibi ekledim ama yine calismiyor. Ssh icin de ayni kurali uyguladim rule eklendi ve file degistirildi diyor ama calismiyor -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 09:40 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM Dogrudur ipfilter v3.4.31 onceki surum hangsisiydi animsamiyorum ama orada bu sizin 7.satir sorunsuz calisiyordu siz buyuk olasi
Re: [freebsd] IP FILTER PROBLEM
burada loopback hic yok hep ethernet sorun oncelikle burada basliyor inceleyip kendinize uyarlayin.. sonra gecmelisiniz her degisiklik sonrasi # ipf -Fa -f /etc/ipf.rules; ipnat -CF -f /etc/ipnat.rules; ipf -Fa -f /etc/ipf.rules -E pass out quick on lo0 pass in quick on lo0 #fxp0 -ethernet block in quick on fxp0 all with opt lsrr block in quick on fxp0 all with opt ssrr # block in quick on fxp0 proto tcp from any to any flags FUP block in quick proto tcp all flags FUP ## Default is block all, so i didn't specifically blocked icmp ## block non-routable for spoofing protection -- block in quick on fxp0 from 192.168.0.0/16 to any block in quick on fxp0 from 172.16.0.0/12 to any block in quick on fxp0 from 10.0.0.0/8 to any block in quick on fxp0 from 127.0.0.0/8 to any block in quick on fxp0 from any to 192.168.0.0/32 block in quick on fxp0 from any to 192.168.0.255/32 block in quick on fxp0 from any to 172.16.0.0/32 block in quick on fxp0 from any to 172.16.255.255/32 block out quick on fxp0 from any to 192.168.0.0/16 block out quick on fxp0 from any to 172.16.0.0/12 block out quick on fxp0 from any to 10.0.0.0/8 block out quick on fxp0 from any to 127.0.0.0/8 block in log quick on fxp0 proto icmp from any to any icmp-type 0 block in log quick on fxp0 proto icmp from any to any icmp-type 3 block in log quick on fxp0 proto icmp from any to any icmp-type 8 block in log quick on fxp0 proto icmp from any to any icmp-type 11 #block in log quick on fxp0 proto icmp from any to any icmp-type redir # izinler pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 25 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 110 flags S keep state pass in quick on fxp0 proto tcp from any to 192.168.0.248 port = 80 flags S keep state # pass out quick on fxp0 proto tcp from any to any keep state pass out quick on fxp0 proto udp from any to any keep state pass out quick on fxp0 proto icmp from any to any keep state #ilgili porta erisim pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 1 block in log quick on xl0 proto tcp from any to any port = 1 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 3306 block in log quick on xl0 proto tcp from any to any port = 3306 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 22 block in log quick on xl0 proto tcp from any to any port = 22 pass in quick on xl0 proto tcp from 192.168.0.224/32 to any port = 21 block in log quick on xl0 proto tcp from any to any port = 21 pass in quick on xl0 proto tcp from 213.194.65.15/32 to any port = 53 pass in quick on xl0 proto tcp from 213.194.65.36/32 to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 53 block in log quick on xl0 proto tcp from any to any port = 53 pass in quick on xl0 proto tcp from 192.168.0.0/24 to any port = 3128 block in log quick on xl0 proto tcp from any to any port = 3128 pass in quick on xl0 proto tcp from any to any port = 110 pass in quick on xl0 proto tcp from any to any port = 25 # block in quick on xl0 proto tcp from 80.58.0.0/16 to any port = 80 block in quick on xl0 proto tcp from 213.172.32.0/19 to any port = 80 block in quick on xl0 proto tcp from 62.174.0.0/15 to any port = 80 pass in quick on xl0 proto tcp from any to any port = 80 # block return-rst in quick on fxp0 proto tcp from any to any # block return-icmp-as-dest(port-unr) in quick on fxp0 proto udp from any to any # block in log quick on fxp0 proto icmp from any to any - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:53 AM Subject: RE: [freebsd] IP FILTER PROBLEM Son durum takip acisindan kolay olur diyerek dosyalari ekleyerek gonderiyorum. Simdiden tsk ler -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 10:24 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM tam gonderirmisiniz su anki durumunu - Original Message - From: "Abdullah ÖZTÜRK" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 9:19 AM Subject: RE: [freebsd] IP FILTER PROBLEM asagidaki kurali dediginiz gibi ekledim ama yine calismiyor. Ssh icin de ayni kurali uyguladim rule eklendi ve file degistirildi diyor ama calismiyor -Original Message- From: Engin ÖZTÜRK [mailto:[EMAIL PROTECTED] Sent: 27 October 2004 09:40 To: [EMAIL PROTECTED] Subject: Re: [freebsd] IP FILTER PROBLEM Dogrudur ipfilter v3.4.31 onceki surum hangsisiydi animsamiyorum ama orada bu sizin 7.satir sorunsuz calisiyordu siz buyuk olasilikla v3.4.31 ve/ya ustu kullaniyorsunuz pass in quick on rl0 proto tcp from 192.168.1.1/32 to any port = 3128 block in log quick on rl0 proto tcp from any to any port = 3128 satirlar cok kayik gelmis tam okuyamadim ama ustteki satiri yazin calisacaktir.. ve diger portlari da ayni sekilde.. ustte 192.1
