Well, that I did not understand; I provided all the config files used by pptpd in the first email.
----- Original Message -----
From: "Yordan Boikov" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, September 30, 2008 2:35 PM
Subject: Re: [Lug-bg] Problem with pptpd.

> give the config of the ftp too
> in the sense that it doesn't look like route or fw
>
>
> --
> regards
> Y.Boikov
> :wq
>
>
> Quoting [EMAIL PROTECTED]:
>
>> Problem with pptpd: with the configuration described below, after I
>> connect to the VPN (from a Windows machine, and I have chosen the
>> VPN to be my default gateway) I have internet, I have ping to
>> 192.168.0.1 and that is all, i.e. the VPN currently works as a
>> proxy :). If I try to connect through the internal IP to the host on
>> which the VPN server is running, the result is a time out. See the
>> lines below.
>>
>> system - Debian GNU/Linux 4.0 \n \l
>> pptpd version - pptpd_1.3.0-2etch2_i386.deb
>>
>> installed: apt-get install pptpd
>> config:
>>
>> [EMAIL PROTECTED]:~# egrep -v '#' /etc/pptpd.conf
>> option /etc/ppp/pptpd-options
>> logwtmp
>> localip 192.168.0.1
>> remoteip 192.168.0.100-200
>>
>> [EMAIL PROTECTED]:~# egrep -v '#' /etc/ppp/pptpd-options
>> name pptpd
>> refuse-pap
>> refuse-chap
>> refuse-mschap
>> require-mschap-v2
>> require-mppe-128
>> ms-dns 192.168.0.1
>> ms-dns 77.70.5.1
>> proxyarp
>> nodefaultroute
>> lock
>> nobsdcomp
>> [EMAIL PROTECTED]:~#
>>
>> [EMAIL PROTECTED]:~# egrep -v '#' /etc/init.d/firewall
>> iptables -P INPUT DROP
>> iptables -P FORWARD DROP
>> iptables -P OUTPUT ACCEPT
>>
>> iptables -F INPUT
>> iptables -F FORWARD
>> iptables -F OUTPUT
>> iptables -F -t nat
>>
>> iptables -A INPUT -p icmp -j ACCEPT
>> iptables -A OUTPUT -p icmp -j ACCEPT
>>
>> iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
>>
>> iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
>> iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>>
>> iptables -A INPUT -i eth1 -s 0/0 -d 0/0 -j ACCEPT
>> iptables -A INPUT -i lo -s 0/0 -d 0/0 -j ACCEPT
>>
>> iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 77.70.5.130
>>
>> iptables -A INPUT -i eth0 -s 192.168.0.0/24 -j DROP
>> iptables -A INPUT -i eth0 -s 127.0.0.0/8 -j DROP
>>
>> iptables -A INPUT -p tcp -s 0/0 -d 0/0 --destination-port 1723 --syn -j ACCEPT
>> iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
>> iptables -A FORWARD -i eth0 -o ppp+ -m state --state ESTABLISHED,RELATED -j ACCEPT
>>
>> modprobe ip_gre
>> modprobe ip_nat_pptp
>> modprobe ip_conntrack_pptp
>> iptables -A INPUT -s 0/0 -d 0/0 -p udp -j DROP
>> iptables -A INPUT -s 0/0 -d 0/0 -p tcp --syn -j DROP
>>
>> echo 1 > /proc/sys/net/ipv4/tcp_syncookies
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>> echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
>> echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
>> echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
>> echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
>> echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
>> echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
>>
>>
>> Linux:
>>
>> ppp0      Link encap:Point-to-Point Protocol
>>           inet addr:192.168.0.1  P-t-P:192.168.0.100  Mask:255.255.255.255
>>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1396  Metric:1
>>           RX packets:31 errors:0 dropped:0 overruns:0 frame:0
>>           TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
>>           collisions:0 txqueuelen:3
>>           RX bytes:4083 (3.9 KiB)  TX bytes:160 (160.0 b)
>>
>> [EMAIL PROTECTED]:~# route -n
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>> 192.168.0.100   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
>> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
>> 77.70.5.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
>> 0.0.0.0         77.70.5.1       0.0.0.0         UG    0      0        0 eth0
>> [EMAIL PROTECTED]:~#
>>
>> Windows:
>>
>> PPP adapter d3v1ous.info VPN Server:
>>
>>    Connection-specific DNS Suffix  . :
>>    Description . . . . . . . . . . . : d3v1ous.info VPN Server
>>    Physical Address. . . . . . . . . :
>>    DHCP Enabled. . . . . . . . . . . : No
>>    Autoconfiguration Enabled . . . . : Yes
>>    IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
>>    Subnet Mask . . . . . . . . . . . : 255.255.255.255
>>    Default Gateway . . . . . . . . . : 0.0.0.0
>>    DNS Servers . . . . . . . . . . . : 192.168.0.1
>>                                        77.70.5.1
>>    NetBIOS over Tcpip. . . . . . . . : Enabled
>>
>> C:\>ping abv.bg
>>
>> Pinging abv.bg [194.153.145.104] with 32 bytes of data:
>>
>> Reply from 194.153.145.104: bytes=32 time=3ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=4ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=3ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=4ms TTL=59
>>
>> Ping statistics for 194.153.145.104:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 3ms, Maximum = 4ms, Average = 3ms
>>
>> C:\>ping d3v1ous.info
>>
>> Pinging d3v1ous.info [77.70.5.130] with 32 bytes of data:
>>
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>>
>> Ping statistics for 77.70.5.130:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 2ms, Maximum = 2ms, Average = 2ms
>>
>> C:\>ping 192.168.0.1
>>
>> Pinging 192.168.0.1 with 32 bytes of data:
>>
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>>
>> Ping statistics for 192.168.0.1:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 3ms, Maximum = 3ms, Average = 3ms
>>
>>
>> C:\>ftp d3v1ous.info
>> Connected to d3v1ous.info.
>> 220 77.70.5.130 FTP server ready
>> User (d3v1ous.info:(none)): ^C
>> C:\>
>> C:\>ftp 192.168.0.1
>> Connected to 192.168.0.1.
>> Connection closed by remote host.
>>
>> C:\>
>>
>> Linux:
>> [EMAIL PROTECTED]:~# netstat -ntap | grep 21
>> tcp        0      0 0.0.0.0:21      0.0.0.0:*       LISTEN     4957/inetd
>>
>>
>>
>
>
>
> _______________________________________________
> Lug-bg mailing list
> [email protected]
> http://linux-bulgaria.org/mailman/listinfo/lug-bg
