[freebsd] [freebsd] natd не натит

Mon, 08 Dec 2014 05:08:10 -0800 

Приветствую, коллеги.

Имеется сабж с natd. Выхлоп демона и конфиги:
root@vpnc:~# natd -f /etc/natd.conf -v
natd[5339]: Aliasing to 172.31.249.1, mtu 16384 bytes
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)
In  {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to
           [ICMP] 172.17.5.4 -> 192.168.137.51 8(0)

00010  1856  661896 allow ip from any to any via lo0 // allow local traffic
00020     0       0 deny ip from any to 127.0.0.0/8
00030     0       0 deny ip from 127.0.0.0/8 to any
00040     0       0 deny ip from any to ::1
00050     0       0 deny ip from ::1 to any
00060     0       0 deny ip from table(1) to any // fail2ban
00070     0       0 deny ip from any to table(1)
00080     0       0 deny ip from table(2) to any // blocked clients
00090     0       0 deny ip from any to table(2)
00100     0       0 deny ip from any to 0.0.0.0/8 // block source net
00110     0       0 deny ip from 0.0.0.0/8 to any
00120     0       0 deny ip from table(3) to any // block reserved networks
00130     0       0 deny ip from any to table(3)
00140 30318 3971601 reass ip4 from any to any in
00150     0       0 deny log ip4 from any to any frag in
00155   100    8400 divert 7777 ip from any to any via tun1
65534 54914 7634273 allow log ip from any to any
65535     0       0 deny ip from any to any

lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet 172.31.249.1 netmask 0xffffff00
        inet 172.31.249.2 netmask 0xffffffff
        inet 172.31.249.3 netmask 0xffffffff
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

root@vpnc:~# cat /etc/natd.conf
#

log
#deny_incoming
log_denied
same_ports

instance default
port 7777
interface lo1

ЧЯДНТ?

Ответить