Merhabalar, http://ipucu.enderunix.org/view.php?id=337&lang=tr ipucuna bir goz atin. PF de ise soyle bir ayar yapmaniz yeterli oluyor;
ext_if="bge0" int_if="xl0" nat on $ext_if from 100.0.0.0/24 to any -> ($ext_if) rdr on $int_if inet proto tcp from 100.0.0.0/24 to any port www -> 127.0.0.1 port 8080 Bu sekilde konfigure edilince ve ipucundaki ayarlari squid.conf'ta yapinca sorunsuz transparan olarak calisiyor squid. Saygilarimla.. --- KEMAL FIRAT <[EMAIL PROTECTED]> wrote: > Kusura bakmayin cevaplarim gec donuyor olabilir. > > Cevaplar icin cok tesekkur ederim......... > > pf.conf 'tan nat on satirini aktif hale getirip > ardindan #pfctl -f > /etc/pf.conf ve normal calisiyor. :-) > > Squid kuracagim ayni makinaya transparan calismasini > istiyorum kurmadan once > yapmam gereken bir sey varmi. > > Iyi calismalar. > > > > ----- Original Message ----- > From: "Metin Pasaoglu" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: 01 Eylül 2005 Perþembe 21:46 > Subject: RE: [FreeBSD] firewall > > > Merhaba, > > Neden Natd calistiriyorsunuz, pf.conf icinde nat > ayari yapiliyor, natd pf > ile kullanmayiz genelde. > > Kolay gelsin > Metin Pasaoglu > > > -----Original Message----- > From: KEMAL FIRAT [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 01, 2005 6:01 PM > To: [email protected] > Subject: Re: [FreeBSD] firewall > > Sanirim sorunum natin normal calismamasi dokumana > bir bakayim sonucu > paylasirim. > Tesekkur ederim. > > ----- Original Message ----- > From: "KEMAL FIRAT" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: 01 Eylül 2005 Perþembe 17:48 > Subject: Re: [FreeBSD] firewall > > > > Huzeyfe Beyin ip ucu olarak girdigi bilgiyi > kullanarak kerneli derledim. > > > > wall# uname -a > > FreeBSD wall.firewall.com 5.4-RELEASE FreeBSD > 5.4-RELEASE #0: Wed Aug 31 > > 20:56:55 EEST 2005 > [EMAIL PROTECTED]:/usr/src/sys/i386/compile/FWALL > > > i386 > > > > > > wall# pfctl -e > > pfctl: pf already enabled > > > > > > > > ----- Original Message ----- > > From: "Halil Demirezen" <[EMAIL PROTECTED]> > > To: <[email protected]> > > Cc: "KEMAL FIRAT" <[EMAIL PROTECTED]> > > Sent: 01 Eylül 2005 Perþembe 20:39 > > Subject: Re: [FreeBSD] firewall > > > > > > Selam, > > > > FreeBSD çekirdeðinde > > > > IPFIREWALL > > IPDIVERT > > > > destegi olmasi gerekiyor. GENERIC bir çekirdek mi > > kullaniyorsunuz?(uname -a )? > > > > Bunun için aþaðýdaki döküman iþinize yarayacaktir: > > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html > > > > iyi çalýþmalar. > > > > > > Perþembe 01 Eylül 2005 14:24 tarihinde, KEMAL > FIRAT þunlarý yazmýþtý: > >> Herkese Merhaba, > >> > >> FreeBSD 5.4 yuklu makinama 2 ethernet karti takip > internet baglantisini > >> bu > >> makinanin uzerine almaya caliþiyorum.Fakat > kendisi haric diger pc'leri > >> internete cikarmayi basaramadim.Calistiramayinca > pf'i aktif hale getirdim > >> pf.conf dosyasinda pass in all ve pass out all > sectim fakat degisen bir > >> sey > >> olmadi.Ayni makinaya (calistirabildikten sonra) > squid proxy de kurmak > >> istiyorum.Bu isin bir puf noktasimi var, bir > bilen yardimci olursa > >> sevinirim. > >> > >> ## rc.conf icerigi; > >> > >> gateway_enable="YES" > >> pf_enable="YES" > >> pf_rules="/etc/pf.conf" > >> pf_flags="" > >> pflog_enable="YES" > >> pflog_logfile="/var/log/fpflog" > >> pflog_flags="" > >> natd_enable="YES" > >> natd_interface="re1" > >> ifconfig_re0="inet 192.168.1.99 netmask > 255.255.255.0" > >> ifconfig_re1="DHCP" > >> > >> ## ifconfig icerigi; > >> > >> re0: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> > mtu 1500 > >> options=18<VLAN_MTU,VLAN_HWTAGGING> > >> inet6 fe80::208:a1ff:fe89:6c23%re0 > prefixlen 64 scopeid 0x1 > >> inet 192.168.1.99 netmask 0xffffff00 > broadcast 192.168.1.255 > >> ether 00:08:a1:89:6c:23 > >> media: Ethernet autoselect (100baseTX > <full-duplex>) > >> status: active > >> re1: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> > mtu 1500 > >> options=18<VLAN_MTU,VLAN_HWTAGGING> > >> inet6 fe80::208:a1ff:fe89:6c32%re1 > prefixlen 64 scopeid 0x2 > >> inet 195.174.26.191 netmask 0xffff0000 > broadcast 255.255.255.255 > >> ether 00:08:a1:89:6c:32 > >> media: Ethernet autoselect (100baseTX > <full-duplex>) > >> status: active > >> plip0: > flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 > >> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208 > >> pfsync0: flags=0<> mtu 2020 > >> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> > mtu 16384 > >> inet6 ::1 prefixlen 128 > >> inet6 fe80::1%lo0 prefixlen 64 scopeid > 0x6 > >> inet 127.0.0.1 netmask 0xff000000 > >> > >> ## netstat -r icerigi; > >> > >> Routing tables > >> > >> Internet: > >> Destination Gateway Flags > Refs Use Netif > >> Expire > >> default 195.174.0.1 UGS > 0 261 re1 > >> localhost localhost UH > 0 0 lo0 > >> 192.168.1 link#1 UC > 0 0 re0 > >> 192.168.1.24 00:0d:61:3f:21:3b UHLW > 0 296 re0 > >> 1133 > >> 195.174.0/16 link#2 UC > 0 0 re1 > >> 195.174.0.1 00:05:00:e5:ec:44 UHLW > 1 0 re1 > >> 1200 > >> cable2-99.avrupa.k 00:08:a1:7f:94:a8 UHLW > 0 3 re1 > >> 411 > >> cable12-50.avrupa. 00:90:96:3d:bd:2b UHLW > 0 3 re1 > >> cable26-191.avrupa 00:08:a1:89:6c:32 UHLW > 0 0 lo0 > >> cable29-25.avrupa. 00:00:21:db:cb:0c UHLW > 0 3 re1 > >> 252 > >> cable80-116.avrupa 00:90:96:40:5a:df UHLW > 0 2 re1 > >> 826 > >> cable87-118.avrupa 00:0e:a6:8c:b4:2f UHLW > 0 === message truncated === __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
