Re: [FreeBSD] IPFW-NAT-FWD
Merhaba,bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK <[EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL ---First Turkish Qmail book is out! Go check it.Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
RE: [FreeBSD] IPFW-NAT-FWD
Huzeyfe bey, Tekrar onu ogrenmem gerekecek onun icin fazla vaktim yok ama ona da bakacam….. simdi su andaki problemi cozmem lazim …. Selamlar Abdullah From: Huzeyfe Onal [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK <[EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
RE: [FreeBSD] IPFW-NAT-FWD
Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK <[EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
Re: [FreeBSD] IPFW-NAT-FWD
Merhaba,pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23, Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -- Huzeyfe ÖNAL ---First Turkish Qmail book is out! Go check it.Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
RE: [FreeBSD] IPFW-NAT-FWD
Pf ornek configurasyondan duzenlemey calistim degistirmeyi unutmusum oyle kalmis… configurasyonu da ekte gonderiyorum.. From: Huzeyfe Onal [mailto:[EMAIL PROTECTED] Sent: Thursday, February 23, 2006 2:23 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23, Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ pf.conf Description: Binary data - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
Re: [FreeBSD] IPFW-NAT-FWD
Merhaba,kurallariniz gayet normal, gerci hicbir istek bloklanmamis ama beklediginiz calismanin olmasi gerekiyor. Acaba bu firewallun onunde baska filtreleme yapan bir cihaz var mi? Firewall'in dis bacagini dinlediginizde(tcpdump) SMTP vs isteklerini gorebiliyor musunuz? 2006/2/23, Abdullah OZTURK <[EMAIL PROTECTED]>: Pf ornek configurasyondan duzenlemey calistim degistirmeyi unutmusum oyle kalmis… configurasyonu da ekte gonderiyorum.. From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 23, 2006 2:23 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23, Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto: [EMAIL PROTECTED]] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.orgTurkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php-- Huzeyfe ÖNAL ---First Turkish Qmail book is out! Go check it.Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
RE: [FreeBSD] IPFW-NAT-FWD
Evet sorunun temelini anlayabilmek icin blocklama yapmadim.bende oyle dusunecem ama 22 numarali port acik olmazdi enteresan Dis tarama yapan bir siteden tarama yapiyorum ve makina dan 25 numarali portu dinliyorum goremiyorum 16:15:20.891211 IP gate.city.com > 0.0.0.0: pfsync 228 16:15:20.891216 IP gate.city.com > 0.0.0.0: pfsync 228 Boyle bir seyler cikiyor acaba alakasi olabilir mi? From: Huzeyfe Onal [mailto:[EMAIL PROTECTED] Sent: Thursday, February 23, 2006 3:07 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, kurallariniz gayet normal, gerci hicbir istek bloklanmamis ama beklediginiz calismanin olmasi gerekiyor. Acaba bu firewallun onunde baska filtreleme yapan bir cihaz var mi? Firewall'in dis bacagini dinlediginizde(tcpdump) SMTP vs isteklerini gorebiliyor musunuz? 2006/2/23, Abdullah OZTURK <[EMAIL PROTECTED]>: Pf ornek configurasyondan duzenlemey calistim degistirmeyi unutmusum oyle kalmis… configurasyonu da ekte gonderiyorum.. From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 23, 2006 2:23 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23, Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto: [EMAIL PROTECTED]] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
RE: [FreeBSD] IPFW-NAT-FWD
Huzeyfe bey, cok tesekkurler elinize kolunuza saglik ,sizin sayenizde sorun cozuldu mail server in baska bir (GW) adresi ile disariya cikmasindan kaynaklaniyormus geri donus gostermedigi icin port yonlendirmesi olmamis gibi gozukiyordu…. Selamlar Abdullah From: Huzeyfe Onal [mailto:[EMAIL PROTECTED] Sent: Thursday, February 23, 2006 3:07 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, kurallariniz gayet normal, gerci hicbir istek bloklanmamis ama beklediginiz calismanin olmasi gerekiyor. Acaba bu firewallun onunde baska filtreleme yapan bir cihaz var mi? Firewall'in dis bacagini dinlediginizde(tcpdump) SMTP vs isteklerini gorebiliyor musunuz? 2006/2/23, Abdullah OZTURK <[EMAIL PROTECTED]>: Pf ornek configurasyondan duzenlemey calistim degistirmeyi unutmusum oyle kalmis… configurasyonu da ekte gonderiyorum.. From: Huzeyfe Onal [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 23, 2006 2:23 PM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state kurallarindaki foo'lar nedir? tum kural aileniz bu mu? ek olarak pass/block li kurallara mutlaka log ekeyin ki problem ciktiginde hangi kuraldan dolayi cikiyor gorebiliriz. 2006/2/23, Abdullah OZTURK < [EMAIL PROTECTED]>: Huzeyfe bey, Sozunuzu tutup PF kurdum nat ve transparan squid gayet guzel calismakta RDR yonlendirme calismiyor… lutfen yardim…. pfctl –sa kismi sonucu asagidaki gibidir.. nat on fxp0 inet from 192.0.0.0/8 to any -> (fxp0) round-robin rdr on fxp0 inet proto tcp from any to x.x.x.x port = smtp -> 192.168.1.2 port 25 rdr on fxp0 inet proto tcp from any to x.x.x.x port = pop3 -> 192.168.1.2 port 110 rdr on rl0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3128 FILTER RULES: pass in on rl0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state pass out on fxp0 inet proto tcp from any to any port = http keep state pass in on fxp0 inet proto tcp from any to any port = smtp keep state pass in on fxp0 proto tcp from any to port = http keep state pass in on fxp0 proto udp from any to port = http keep state From: Huzeyfe Onal [mailto: [EMAIL PROTECTED]] Sent: Wednesday, February 08, 2006 10:31 AM To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] IPFW-NAT-FWD Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik ve uzun surmez 2006/2/7, Abdullah OZTURK < [EMAIL PROTECTED]>: Arkadaslar frebsd gonuldaslari mail server a yonlendirme isini bir turlu cozemedim 4.3 de normal calisan conf 6.0 da yukledim calismadi nat ve ipfwde conf larindan baska bir ayar mi var acaba Rc.conf ….. firewall_enable="YES" firewall_type="/etc/ipfw/ipfw.conf" #firewall_script="/etc/rc.firewall" firewall_quiet="NO" firewall_logging_enable="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/ipfw/natd.conf" ….. ipfw.conf add 00020 divert 8668 ip from any to any via fxp0 add 00021 pipe 1 ip from any to 192.168.1.128/25 out via rl0 pipe 1 config bw 200kbit/s add 00022 fwd 192.168.1.2,25 tcp from any to any 25 in recv fxp0 add 00023 fwd 192.168.1.2,110 tcp from any to any 110 in recv fxp0 ….. ….. natd.conf use_sockets same_ports interface fxp0 redirect_port tcp 192.168.1.2:25 25 redirect_port tcp 192.168.1.2:110 110 dynamic -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/ - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
[FreeBSD] [Spam] Re: [FreeBSD] IPFW-NAT-FWD
merhaba nat çalışması için tun0 device aktif ettinizmi kernelden? Şöyle yapın yada natı normal standartlarda çalıştırın tun0 olarak port yönlendirmelerinizde yine ipfw den yapın daha rahat olur. http://www.bilimsel.net/index.php?mode=viewid&post_id=37 adresede bir göz atın yardımcı olabilir. -Orjinal mesaj- From: Huzeyfe Onal [EMAIL PROTECTED] Date: Wed, 08 Feb 2006 16:35:39 +0200 To: freebsd@lists.enderunix.org Subject: [Spam] Re: [FreeBSD] IPFW-NAT-FWD > Merhaba, bence bu kadar ugrasi yerin bir adet PF(Packet > Filter ) kurun, hem siz rahat edin hem FreeBSD makineniz > rahat etsin ;-). Kurallarini yazmak da bu kadar karmasik > ve uzun surmez 2006/2/7, Abdullah OZTURK @enkamoscity.com>: > > Arkadaslar frebsd gonuldaslari > mail server a yonlendirme isini bir > turlu cozemedim 4.> 3 de normal calisan conf 6.0 da yukledim calismadi > na> t ve ipfwde conf larindan baska bir ayar mi var acaba > > > > > Rc.conf > > ?.. > > firewall_enable="YES" > > firew> all_type="/etc/ipfw/ipfw.conf" > > #firewall_script="/etc> /rc.firewall" > > firewall_quiet="NO" > > firewall_loggin> g_enable="YES" > > natd_enable="YES" > > natd_interface="> fxp0" > > natd_flags="-f /etc/ipfw/natd.conf" > > ?.. > >> > > ipfw.conf > > add 00020 divert 8668 ip from any to a> ny via fxp0 > > add 00021 pipe 1 ip from any to 192.168.1> .128/25 out via rl0 > > pipe 1 config bw 200kbit/s > > ad> d 00022 fwd 192.168.1.2,25 tcp from any to any 25 in rec> v fxp0 > > add 00023 fwd 192.168.1.2,110 tcp from any t> o any 110 in recv fxp0 > > ?.. > > ?.. > > > > natd.conf> > > > > use_sockets > > same_ports > > interface fxp0 > > > redirect_port tcp 192.168.1.2:25 25 > > redirect_port t> cp 192.168.1.2:110 110 > > dynamic > > > > > > > -- Hu> zeyfe ÖNAL --- First Turkish Qmail book is out! Go check > it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http> ://www.acikakademi.com/catalog/qmail/ - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
[FreeBSD] [Spam] Re: [FreeBSD] IPFW-NAT-FWD Düzeltme
Biraz önceki tun0 farklı bir ifadedir yani PPPOE ile baÄlantılı bir device burada makinanın internete baÄlı olmadıÄını varsayarak yazdım zaten direk internete çıkıyorsa tun0 ile ilgili bir Åey yoktur. yine natd.conf ta map kullanarak istedÄininiz bloÄu internete çıkarabilir ipfwd ayrıca yönlendirebilirsiniz. Yönlendirmelerin çakıÅmamasına dikkat edin -Orjinal mesaj- From: Deniz [EMAIL PROTECTED] Date: Wed, 08 Feb 2006 18:45:04 +0200 To: freebsd@lists.enderunix.org Subject: [FreeBSD] [Spam] Re: [FreeBSD] IPFW-NAT-FWD > merhaba nat çalıÅması için tun0 device aktif ettinizmi kernelden? > > Åöyle yapın yada natı normal standartlarda çalıÅtırın tun0 olarak port > yönlendirmelerinizde yine ipfw den yapın daha rahat olur. > > http://www.bilimsel.net/index.php?mode=viewid&post_id=37 adresede bir göz > atın yardımcı olabilir. > > > -Orjinal mesaj- > From: Huzeyfe Onal [EMAIL PROTECTED] > Date: Wed, 08 Feb 2006 16:35:39 +0200 > To: freebsd@lists.enderunix.org > Subject: [Spam] Re: [FreeBSD] IPFW-NAT-FWD > > > Merhaba, > > bence bu kadar ugrasi yerin bir adet PF(Packet > Filter ) kurun, hem siz rahat > edin hem FreeBSD makineniz > rahat etsin ;-). Kurallarini yazmak da bu kadar > karmasik > ve uzun surmez > > 2006/2/7, Abdullah OZTURK @enkamoscity.com>: > > > > Arkadaslar frebsd gonuldaslari > mail server a yonlendirme isini bir > > turlu cozemedim 4.> 3 de normal calisan conf 6.0 da yukledim calismadi > > na> t ve ipfwde conf larindan baska bir ayar mi var acaba > > > > > > > > > Rc.conf > > > > ?.. > > > > firewall_enable="YES" > > > > firew> all_type="/etc/ipfw/ipfw.conf" > > > > #firewall_script="/etc> /rc.firewall" > > > > firewall_quiet="NO" > > > > firewall_loggin> g_enable="YES" > > > > natd_enable="YES" > > > > natd_interface="> fxp0" > > > > natd_flags="-f /etc/ipfw/natd.conf" > > > > ?.. > > > >> > > > > ipfw.conf > > > > add 00020 divert 8668 ip from any to a> ny via fxp0 > > > > add 00021 pipe 1 ip from any to 192.168.1> .128/25 out via rl0 > > > > pipe 1 config bw 200kbit/s > > > > ad> d 00022 fwd 192.168.1.2,25 tcp from any to any 25 in rec> v fxp0 > > > > add 00023 fwd 192.168.1.2,110 tcp from any t> o any 110 in recv fxp0 > > > > ?.. > > > > ?.. > > > > > > > > natd.conf> > > > > > > > > use_sockets > > > > same_ports > > > > interface fxp0 > > > > > redirect_port tcp 192.168.1.2:25 25 > > > > redirect_port t> cp 192.168.1.2:110 110 > > > > dynamic > > > > > > > > > > > > > > > > > > -- > Hu> zeyfe ÃNAL > --- > First Turkish Qmail book is out! Go check > it. > Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. > http> ://www.acikakademi.com/catalog/qmail/ > > > - > Cikmak icin, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org > Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php > > - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
[FreeBSD] [Spam] Re: [FreeBSD] IPFW-NAT-FWD Düzeltme
Return Receipt Your [FreeBSD] [Spam] Re: [FreeBSD] IPFW-NAT-FWD Düzeltme document: wasHuseyin Celik/BilgiIslem/Istanbul/Pazarlama/Sanko/TR received by: at:08.02.2006 12:59:23 - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
