Merhaba, Neden Natd calistiriyorsunuz, pf.conf icinde nat ayari yapiliyor, natd pf ile kullanmayiz genelde.
Kolay gelsin Metin Pasaoglu -----Original Message----- From: KEMAL FIRAT [mailto:[EMAIL PROTECTED] Sent: Thursday, September 01, 2005 6:01 PM To: [email protected] Subject: Re: [FreeBSD] firewall Sanirim sorunum natin normal calismamasi dokumana bir bakayim sonucu paylasirim. Tesekkur ederim. ----- Original Message ----- From: "KEMAL FIRAT" <[EMAIL PROTECTED]> To: <[email protected]> Sent: 01 Eylül 2005 Perşembe 17:48 Subject: Re: [FreeBSD] firewall > Huzeyfe Beyin ip ucu olarak girdigi bilgiyi kullanarak kerneli derledim. > > wall# uname -a > FreeBSD wall.firewall.com 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Wed Aug 31 > 20:56:55 EEST 2005 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/FWALL > i386 > > > wall# pfctl -e > pfctl: pf already enabled > > > > ----- Original Message ----- > From: "Halil Demirezen" <[EMAIL PROTECTED]> > To: <[email protected]> > Cc: "KEMAL FIRAT" <[EMAIL PROTECTED]> > Sent: 01 Eylül 2005 Perşembe 20:39 > Subject: Re: [FreeBSD] firewall > > > Selam, > > FreeBSD çekirdeğinde > > IPFIREWALL > IPDIVERT > > destegi olmasi gerekiyor. GENERIC bir çekirdek mi > kullaniyorsunuz?(uname -a )? > > Bunun için aşağıdaki döküman işinize yarayacaktir: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html > > iyi çalışmalar. > > > Perşembe 01 Eylül 2005 14:24 tarihinde, KEMAL FIRAT şunları yazmıştı: >> Herkese Merhaba, >> >> FreeBSD 5.4 yuklu makinama 2 ethernet karti takip internet baglantisini >> bu >> makinanin uzerine almaya calişiyorum.Fakat kendisi haric diger pc'leri >> internete cikarmayi basaramadim.Calistiramayinca pf'i aktif hale getirdim >> pf.conf dosyasinda pass in all ve pass out all sectim fakat degisen bir >> sey >> olmadi.Ayni makinaya (calistirabildikten sonra) squid proxy de kurmak >> istiyorum.Bu isin bir puf noktasimi var, bir bilen yardimci olursa >> sevinirim. >> >> ## rc.conf icerigi; >> >> gateway_enable="YES" >> pf_enable="YES" >> pf_rules="/etc/pf.conf" >> pf_flags="" >> pflog_enable="YES" >> pflog_logfile="/var/log/fpflog" >> pflog_flags="" >> natd_enable="YES" >> natd_interface="re1" >> ifconfig_re0="inet 192.168.1.99 netmask 255.255.255.0" >> ifconfig_re1="DHCP" >> >> ## ifconfig icerigi; >> >> re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 >> options=18<VLAN_MTU,VLAN_HWTAGGING> >> inet6 fe80::208:a1ff:fe89:6c23%re0 prefixlen 64 scopeid 0x1 >> inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255 >> ether 00:08:a1:89:6c:23 >> media: Ethernet autoselect (100baseTX <full-duplex>) >> status: active >> re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 >> options=18<VLAN_MTU,VLAN_HWTAGGING> >> inet6 fe80::208:a1ff:fe89:6c32%re1 prefixlen 64 scopeid 0x2 >> inet 195.174.26.191 netmask 0xffff0000 broadcast 255.255.255.255 >> ether 00:08:a1:89:6c:32 >> media: Ethernet autoselect (100baseTX <full-duplex>) >> status: active >> plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 >> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208 >> pfsync0: flags=0<> mtu 2020 >> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 >> inet6 ::1 prefixlen 128 >> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 >> inet 127.0.0.1 netmask 0xff000000 >> >> ## netstat -r icerigi; >> >> Routing tables >> >> Internet: >> Destination Gateway Flags Refs Use Netif >> Expire >> default 195.174.0.1 UGS 0 261 re1 >> localhost localhost UH 0 0 lo0 >> 192.168.1 link#1 UC 0 0 re0 >> 192.168.1.24 00:0d:61:3f:21:3b UHLW 0 296 re0 >> 1133 >> 195.174.0/16 link#2 UC 0 0 re1 >> 195.174.0.1 00:05:00:e5:ec:44 UHLW 1 0 re1 >> 1200 >> cable2-99.avrupa.k 00:08:a1:7f:94:a8 UHLW 0 3 re1 >> 411 >> cable12-50.avrupa. 00:90:96:3d:bd:2b UHLW 0 3 re1 >> cable26-191.avrupa 00:08:a1:89:6c:32 UHLW 0 0 lo0 >> cable29-25.avrupa. 00:00:21:db:cb:0c UHLW 0 3 re1 >> 252 >> cable80-116.avrupa 00:90:96:40:5a:df UHLW 0 2 re1 >> 826 >> cable87-118.avrupa 00:0e:a6:8c:b4:2f UHLW 0 6 re1 >> 335 >> cable88-182.anadol 00:05:00:e5:ec:44 UHLW 0 1 re1 >> cable88-235.anadol 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 554 >> cable90-13.anadolu 00:05:00:e5:ec:44 UHLW 0 6 re1 >> 195.174.106.251 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 778 >> 195.174.108.22 00:05:00:e5:ec:44 UHLW 0 2 re1 >> 259 >> 195.174.117.190 00:05:00:e5:ec:44 UHLW 0 6 re1 >> 661 >> 195.174.119.173 00:05:00:e5:ec:44 UHLW 0 6 re1 >> 369 >> 195.174.125.109 00:05:00:e5:ec:44 UHLW 0 1 re1 >> 682 >> 195.174.131.206 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 195.174.138.19 00:05:00:e5:ec:44 UHLW 0 2 re1 >> cable194-14.izmir. 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 835 >> cable203-39.izmir. 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 642 >> 195.174.212.221 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 393 >> 195.174.225.107 00:05:00:e5:ec:44 UHLW 0 3 re1 >> 557 > > --------------------------------------------------------------------- > Cikmak icin, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org > Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php > > > > --------------------------------------------------------------------- > Cikmak icin, e-mail: [EMAIL PROTECTED] > Liste arsivi: http://lists.enderunix.org > Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php > > --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
