Тем более, оно [natd] говорит: natd[5339]: Aliasing to 172.31.249.1, mtu 16384 bytes
То, что и нужно. Но почему-то нет фактической трансляции. 8 декабря 2014 г., 15:17 пользователь Anton Sayetsky <[email protected]> написал: > Мне нужно, дабы пакеты из сети 172.17.5.0/24 натились на адрес > 172.31.249.1 и отправлялись дальше в сеть 192.168.137.0/24. Т.е. > приходит из tun1, натится на один из адресов lo1, идёт дальше по > таблице маршрутизации. > > 2014-12-08 15:07 GMT+02:00 Anton Sayetsky <[email protected]>: >> Приветствую, коллеги. >> >> Имеется сабж с natd. Выхлоп демона и конфиги: >> root@vpnc:~# natd -f /etc/natd.conf -v >> natd[5339]: Aliasing to 172.31.249.1, mtu 16384 bytes >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> In {default}[ICMP] [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) aliased to >> [ICMP] 172.17.5.4 -> 192.168.137.51 8(0) >> >> 00010 1856 661896 allow ip from any to any via lo0 // allow local traffic >> 00020 0 0 deny ip from any to 127.0.0.0/8 >> 00030 0 0 deny ip from 127.0.0.0/8 to any >> 00040 0 0 deny ip from any to ::1 >> 00050 0 0 deny ip from ::1 to any >> 00060 0 0 deny ip from table(1) to any // fail2ban >> 00070 0 0 deny ip from any to table(1) >> 00080 0 0 deny ip from table(2) to any // blocked clients >> 00090 0 0 deny ip from any to table(2) >> 00100 0 0 deny ip from any to 0.0.0.0/8 // block source net >> 00110 0 0 deny ip from 0.0.0.0/8 to any >> 00120 0 0 deny ip from table(3) to any // block reserved networks >> 00130 0 0 deny ip from any to table(3) >> 00140 30318 3971601 reass ip4 from any to any in >> 00150 0 0 deny log ip4 from any to any frag in >> 00155 100 8400 divert 7777 ip from any to any via tun1 >> 65534 54914 7634273 allow log ip from any to any >> 65535 0 0 deny ip from any to any >> >> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 >> options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> >> inet 172.31.249.1 netmask 0xffffff00 >> inet 172.31.249.2 netmask 0xffffffff >> inet 172.31.249.3 netmask 0xffffffff >> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> >> >> root@vpnc:~# cat /etc/natd.conf >> # >> >> log >> #deny_incoming >> log_denied >> same_ports >> >> instance default >> port 7777 >> interface lo1 >> >> ЧЯДНТ?
