-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Доколкото съм запознат с Homelan те май нагласяха TTL=1. Почти съм сигурен,че това е проблема.
Peter wrote: > Здравейте, Опитвам се да подкарам FreeBSD router, който да изпозлва > връзка на Хоумлан, но за сега без успех. > > Конфигурации: > > Router: > > FreeBSD 5.4 Pub interface: fxp0 private ineterface: rl0 PPPoE > interface: tun0 > > Client: > > Laptop - Windows XP Pro > > Без проблеми подкарах, PPPoE връзка под FreeBSD, също без проблеми > се свързвам от Уиндоуса към рутера по SSH. Опитах със PPP_NAT и > със NATD - но без успех да накарам NAT-a да заработи. > > Като слушам с tcpdump na tun0 вижда странни неша от типа: > > 12:51:33.240233 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:33.241378 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:33.242773 IP unknown.ddns.HomeLan.BG > rtr-lulin.data.bg: > icmp 36: time exceeded in-transit 12:51:33.243076 IP > unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: time exceeded > in-transit > > Ето и ipfw правилата: > > f# ipfw list 00002 allow ip from any to any via rl0 00003 allow ip > from any to any via lo0 00100 divert 8668 ip from any to any in via > tun0 00101 check-state 00120 skipto 500 udp from any to > 195.149.255.139 dst-port 53 out via tun0 keep-s > tate 00121 skipto 500 udp from any to 195.149.248.177 dst-port 53 > out via tun0 keep-s > tate 00125 skipto 500 tcp from any to any via tun0 setup keep-state > 00130 skipto 500 icmp from any to any out via tun0 keep-state > 00400 allow udp from 195.149.248.177 to any in keep-state 00420 > allow tcp from any to me dst-port 80 in via tun0 setup limit > src-addr 1 00500 divert 8668 ip from any to any out via tun0 00510 > allow ip from any to any 65535 deny ip from any to any > > От това по отворено не мога да си го представя. > > > Етои мрежовата конфигурация: > > f# ifconfig fxp0: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=8<VLAN_MTU> inet6 fe80::20a:e4ff:fe41:adea%fxp0 prefixlen > 64 scopeid 0x1 ether xx:xx:xx:xx:xx media: Ethernet autoselect > (100baseTX <full-duplex>) status: active rl0: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=8<VLAN_MTU> inet 10.30.12.1 netmask 0xffffff00 broadcast > 10.30.12.255 inet6 fe80::2c0:26ff:fe79:7d98%rl0 prefixlen 64 > scopeid 0x2 ether 00:c0:26:79:7d:98 media: Ethernet autoselect > (100baseTX <full-duplex>) status: active plip0: > flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 lo0: > flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 > netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 > prefixlen 64 scopeid 0x4 tun0: > flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492 inet > 83.97.XX.XXX --> 195.149.255.142 netmask 0xffffff00 Opened by PID > 195 > > Routing table: > > f# netstat -r Routing tables > > Internet: Destination Gateway Flags Refs > Use Netif Expire default rtr3-lulin.data.bg UGS > 0 168 tun0 10.30.12/24 link#2 UC > 0 0 rl0 10.30.12.3 00:0a:e4:41:ae:0b UHLW > 0 108 rl0 1091 localhost localhost UH > 0 0 lo0 rtr3-lulin.data.bg unknown UH > 1 36 tun0 > > > f# cat /etc/rc.conf > > # -- sysinstall generated deltas -- # Wed Jun 15 23:11:25 2005 # > Created: Wed Jun 15 23:11:25 2005 # Enable network daemons for user > convenience. # Please make all changes to this file, not to > /etc/defaults/rc.conf. # This file now contains just the overrides > from /etc/defaults/rc.conf. #REMOVED: ifconfig_fxp0="inet > 192.168.0.35 netmask 255.255.255.0" #REMOVED: usbd_enable="YES" > #defaultrouter="192.168.0.1" gateway_enable="YES" > hostname="bivol.ddns.homelan.bg" ifconfig_fxp0="inet 192.168.x.xx > netmask 255.255.255.0" ifconfig_rl0="inet 10.30.12.1 netmask > 255.255.255.0" linux_enable="YES" sshd_enable="YES" > usbd_enable="NO" ppp_enable="YES" ppp_mode="ddial" #ppp_nat="YES" > ppp_profile="hl1" firewall_enable="YES" firewall_type="open" > natd_enable="YES" natd_interface="tun0" natd_flags="-dynamic -m" > > > TCPDUMP: > > 12:51:26.240092 IP unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: > time exceeded in-transit 12:51:27.116457 IP > rtr-lulin.data.bg.domain > unknown.ddns.HomeLan.BG.1066: 22679 > NXDomain 0/1/0 (122) 12:51:27.117588 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 22679 NXDomain 0/1/0 (122) > 12:51:27.118985 IP unknown.ddns.HomeLan.BG > rtr-lulin.data.bg: > icmp 36: time exceeded in-transit 12:51:27.119299 IP > unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: time exceeded > in-transit 12:51:27.233741 IP unknown.ddns.HomeLan.BG.1065 > > rtr-lulin.data.bg.domain: 42640+ A? newsrss.bbc.co.uk. (35) > 12:51:27.238243 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:27.239554 IP unknown.ddns.HomeLan.BG > rtr-lulin.data.bg: > icmp 36: time exceeded in-transit 12:51:29.234803 IP > unknown.ddns.HomeLan.BG.1065 > rtr-lulin.data.bg.domain: 42640+ A? > newsrss.bbc.co.uk. (35) 12:51:29.235163 IP > unknown.ddns.HomeLan.BG.1065 > mail.data.bg.domain: 42640+ A? > newsrss.bbc.co.uk. (35) 12:51:29.243392 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:29.244190 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:29.245603 IP unknown.ddns.HomeLan.BG > rtr-lulin.data.bg: > icmp 36: time exceeded in-transit 12:51:29.245905 IP > unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: time exceeded > in-transit 12:51:33.235947 IP unknown.ddns.HomeLan.BG.1065 > > rtr-lulin.data.bg.domain: 42640+ A? newsrss.bbc.co.uk. (35) > 12:51:33.237839 IP unknown.ddns.HomeLan.BG.1065 > > mail.data.bg.domain: 42640+ A? newsrss.bbc.co.uk. (35) > 12:51:33.240233 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:33.241378 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1065: 42640 2/2/2 CNAME[|domain] > 12:51:33.242773 IP unknown.ddns.HomeLan.BG > rtr-lulin.data.bg: > icmp 36: time exceeded in-transit 12:51:33.243076 IP > unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: time exceeded > in-transit ^C 79 packets captured 79 packets received by filter 0 > packets dropped by kernel f# tcpdump -i tun0 tcpdump: verbose > output suppressed, use -v or -vv for full protocol decode listening > on tun0, link-type NULL (BSD loopback), capture size 96 bytes > 12:53:45.129486 IP unknown.ddns.HomeLan.BG.1066 > > rtr-lulin.data.bg.domain: 39058+ A? it.slashdot.org. (33) > 12:53:45.129854 IP unknown.ddns.HomeLan.BG.1066 > > mail.data.bg.domain: 39058+ A? it.slashdot.org. (33) > 12:53:45.135620 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 39058 1/5/5 A star.slashdot.org > (238) 12:53:45.136805 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 39058 1/5/5 A star.slashdot.org > (238) 12:53:45.139168 IP unknown.ddns.HomeLan.BG > > rtr-lulin.data.bg: icmp 36: time exceeded in-transit > 12:53:45.139502 IP unknown.ddns.HomeLan.BG > mail.data.bg: icmp 36: > time exceeded in-transit 12:53:45.321043 IP > unknown.ddns.HomeLan.BG.51985 > rtr-lulin.data.bg.domain: 44355+ > PTR? 139.255.149.195.in-addr.arpa. (46) 12:53:45.325618 IP > rtr-lulin.data.bg.domain > unknown.ddns.HomeLan.BG.51985: 44355 > 1/7/11 PTR[|domain] 12:53:45.330726 IP > unknown.ddns.HomeLan.BG.50079 > rtr-lulin.data.bg.domain: 44356+ > PTR? 141.31.97.83.in-addr.arpa. (43) 12:53:45.337158 IP > rtr-lulin.data.bg.domain > unknown.ddns.HomeLan.BG.50079: 44356 > 1/2/2 (177) 12:53:45.341953 IP unknown.ddns.HomeLan.BG.54720 > > rtr-lulin.data.bg.domain: 44357+ PTR? > 177.248.149.195.in-addr.arpa. (46) 12:53:45.346612 IP > rtr-lulin.data.bg.domain > unknown.ddns.HomeLan.BG.54720: 44357 > 1/3/3 PTR[|domain] 12:53:45.351294 IP unknown.ddns.HomeLan.BG.65222 > > rtr-lulin.data.bg.domain: 44358+ PTR? > 151.250.35.66.in-addr.arpa. (44) 12:53:45.710193 IP > rtr-lulin.data.bg.domain > unknown.ddns.HomeLan.BG.65222: 44358 > 2/2/2[|domain] 12:54:01.087425 IP unknown.ddns.HomeLan.BG.1066 > > rtr-lulin.data.bg.domain: 12946+ A? it.slashdot.org. (33) > 12:54:01.092699 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 12946 1/5/5 A star.slashdot.org > (238) 12:54:01.094003 IP unknown.ddns.HomeLan.BG > > rtr-lulin.data.bg: icmp 36: time exceeded in-transit > 12:54:02.087348 IP unknown.ddns.HomeLan.BG.1066 > > mail.data.bg.domain: 12946+ A? it.slashdot.org. (33) > 12:54:02.092405 IP mail.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 12946 1/5/5 A star.slashdot.org > (238) 12:54:02.093743 IP unknown.ddns.HomeLan.BG > mail.data.bg: > icmp 36: time exceeded in-transit 12:54:03.087550 IP > unknown.ddns.HomeLan.BG.1066 > rtr-lulin.data.bg.domain: 12946+ A? > it.slashdot.org. (33) 12:54:03.092805 IP rtr-lulin.data.bg.domain > > unknown.ddns.HomeLan.BG.1066: 12946 1/5/5 A star.slashdot.org > (238) 12:54:03.094087 IP unknown.ddns.HomeLan.BG > > rtr-lulin.data.bg: icmp 36: time exceeded in-transit > > Надявам се някой да помогне. > > Мерси предварително. > > Поздрави, > > Петър > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iQIVAwUBQr6y6bd636dQBaA0AQL4Eg//aqau/NV31HY7pFFLTSZc/ECHhvggAaTn L6dVSGjumWRXfjx5HwBqFYjR+HSADtn6iO3EsRxGAbXb3+BQWLpPP0e6p2qK6d93 i2BQKX4Tvs+Ju6enN4W6UWJW/yF42feMbsovi6MxDYvnbCp3aesyfzZkbGoxLLtX jwLtOXhc14WSAwJN6bFCJt0HqOC5ieeHk9j97GQR5nkfd9PtcQFu6+Z3C4Z6Fzht xLWw7Qz0WezkJrvlww+y8p7HP8nhG+VkUgEhVAmnQDZvPFlwbq4aiQGjMGvtdzH+ YZsly8J7zEBYjfBo9BKPUJAgSAoFFbwVgGdEHB+/8mCgHHH0aoT0TPThRQmhVaA6 cXpEG7vCQAAs9t4oPBNg7IcGW0/791a0UlZ+geBj106uEollOKMex39wsz5avy1/ t3gBM8LYhkynjLwPicK1Gu2f+qZDqGX5MEVNE+zu7vh4ruO7dXK+0itdq+NDR2x6 r3bzDowNzlHJbAntc5B/YwKGEZhAcXiqaEJxSTKgGt1LD2Y9KKSPYLk7viaNkmyA 4kDO+QR857vJ+kRrmYc+hpvqODgutIelozFR6QF+xyGoiUZsZ5j+hyJWVgYgDpG2 A8vysSiou3m02E0H9InEYosHM7ivq4BSFrMtDW2ECtBbF31YoEUzJMR7RqX4Dybf BGqwynNWwro= =Zjbt -----END PGP SIGNATURE-----
begin:vcard fn:Rosen Nedialkov n:Nedialkov;Rosen org:Atia Ltd.;Software adr:;;;Sofia;;;Bulgaria email;internet:[EMAIL PROTECTED] title:Q/A tel;cell:+359888795365 note;quoted-printable:ICQ: 38412555=0D=0A= home: www.izrod.com x-mozilla-html:FALSE url:http://soft.atia.com version:2.1 end:vcard
