Re: [FreeBSD] port bazli routing
merhaba, yapmak istediginiz tam olarak ney? Ic ag kullanicilarinin disaridaki smtp sunucuya baglantilarini mi baska interface uzerinden cikarmaya calisiyorsunuz yoksa mail sunucudan giden istekleri mi yonlendirmek istiyorsunuz? iyi calismalar... On 11/11/06, Veysi Gümüs [EMAIL PROTECTED] wrote: Mrb, PF port bazinda routing yapmak istiyorum.yazmis oldugum kurallarda ise hala default gw den cikmaya calisiyor. 25 port giden isteklerimi su interfaceden cikmasini istyorum.yazmis oldugum kurallarda nasil bir yanlislik yapmis olabilirim. ikinci bir sorun ise pflog da surekli bir blocklama var neyi blocklamaya calistigini bulamadim.kurallar ve logtaki block satirlariniasagi satirlarda yazdim Saygilar Veysi GUMUS Macros###lan_net = { 10.0.0.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24 }int_if = bge0ext_if = vr0ext_if2 = vr1 ext_gw1 = 192.168.100.213ext_gw2 = 192.168.110.25fwips = {127.0.0.1, 10.0.0.2, 192.168.100.212, 192.168.110.26}###Tanimlar##table msn persist file /usr/local/etc/fw/msntable kamera persist file /usr/local/etc/fw/kamera table ftp persist file /usr/local/etc/fw/ftptable sigorta persist file /usr/local/etc/fw/sigortatable banka persist file /usr/local/etc/fw/bankatable fbs persist file /usr/local/etc/fw/fbs Set Optimizations###set limit { frags 3, states 25000 }set loginterface $ext_ifscrub in all ###Nat Kurallari##nat on $ext_if from $lan_net to any - ($ext_if)nat on $ext_if2 from $lan_net to any - ($ext_if2) rdr on $int_if proto tcp from any to any port 80 - 10.0.0.2 port 8080 ###Firewall Kurallari## block in log all block out log allpass in quick on lo0 allpass out quick on lo0 all pass in log on $int_if route-to \ { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto tcp from $fwips to any flags S/SA modulate state pass in log on $int_if route-to \ { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto { udp, icmp } from $fwips to any keep state ###Port Bazli Routing## pass in quick log on $int_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep statepass out quick on $ext_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state ###1.Adsl Uzerinden Gelisler##pass in quick log on $ext_if proto tcp from any to any port = 22 flags S/SA pass out quick on $ext_if proto { tcp, udp, icmp } from $ext_if to any keep statepass out on $ext_if2 route-to ($ext_if $ext_gw1) from $ext_if to any keep state ###2.Adsl Uzerinden Gelisler##pass in quick log on $ext_if2 proto tcp from any to any port {25,80,110} flags S/SA pass out quick on $ext_if2 proto { tcp, udp, icmp } from $ext_if2 to any keep statepass out on $ext_if route-to ($ext_if2 $ext_gw2) from $ext_if2 to any keep state## #Localden Firewall Gelisler##pass in quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 3128, 12200 } flags S/SA keep statepass in quick log on $int_if proto tcp from msn to any port = 1863 flags S/SA keep state pass in quick log on $int_if proto tcp from kamera to any port = 18082 flags S/SA keep statepass in quick log on $int_if proto tcp from sigorta to any port = 12173 flags S/SA keep statepass in quick log on $int_if proto tcp from banka to any port = 443 flags S/SA keep state pass in quick log on $int_if proto tcp from fbs to any port = 33000 flags S/SA keep statepass in quick log on $int_if proto tcp from ftp to any port = 21 flags S/SA keep statepass in quick on $int_if proto { udp, icmp } from $lan_net to any keep state ###Firewalldan Gidisler##pass out quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 12200 } flags S/SA keep state pass out quick log on $ext_if2 proto tcp from any to any port { 22, 25, 80, 110, 8080, 12200 } flags S/SA keep statepass out quick on $int_if proto { udp, icmp } from $lan_net to any keep state** log dosyasındaki blocklamalar sürekli tekrarliyor. tcpdump -eni pflog0 10:17:41.415182
Re: [FreeBSD] Re: rrdtool ile ilgili
Ne kullandığını tam bilmiyorum fakat... setenv PACKAGESITE ftp://ftp.freebsd.org/pub/FreeBSD setenv PACKAGEROOT ftp://ftp.freebsd.org/pub/FreeBSD kullanman gerekiyor sanırım.. export zsh ve bash te.. kabuk# env ile değişkenleri görebilirsin.. Bünyamin DEMIR - Original Message - From: Ali Çelik [mailto:[EMAIL PROTECTED] To: freebsd@lists.enderunix.org Subject: Re: [FreeBSD] Re: rrdtool ile ilgili Merhaba ipucu için teşekkür ederim fakat mail# source /etc/profile export: Command not found. export: Command not found. gibi bir hata alıyorum. Bu şekilde kullanabilmem için bash mı? Yüklemem gerekiyor. On 11/9/06, B�k�r@istanbul.enderunix.org B�k�r@istanbul.enderunix.org wrote: Merhabalar export PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/A ll/ export PACKAGEROOT=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/A ll/ degerlerini /etc/profile icerisine yazip source /etc/profile deyip yeniden denerseniz yazilimlarin freebsd icin son versiyonlarini elde edebilirsiniz... [ISO-8859-1] Ali Çelik writes:Merhaba mail# pkg_add -r rrdtool Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest/r rdtool.tbz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest/ rrdtool.tbz' by URL hatası alıyorum url eski ve geçersiz. Url yi nasıl güncelleyebilirim. On 11/6/06, Destan YILANCI [EMAIL PROTECTED] wrote: Merhabalar, Şu aşamaları uygulayın: Öncelikle ports ağacını güncelleyin. #cd /usr/ports/net/rrdtool #make deinstall clean #make install Hala hata alıyorsanız bence binary kurmayı deneyin... #pkg_add -r rrdtool Aktarılıyor Ali Çelik [EMAIL PROTECTED]: Merhaba Daha önceden aşağıdaki sorun ile karşılaşan oldu mu? çok önceden [EMAIL PROTECTED] e rapor ettim fakat herhangib bir cevap gelmedi checking for zlibVersion in -lz... yes checking zlib.h usability... yeschecking zlib.h presence... yes checking for zlib.h... yeschecking for png_access_version_number in -lpng... yeschecking png.h usability... yeschecking png.h presence... yeschecking for png.h... yeschecking for FT_Init_FreeType in -lfreetype... yeschecking ft2build.h usability... yeschecking ft2build.h presence... yeschecking for ft2build.h... yesconfigure: error: Please fix the library issues listed above and try again.=== Script configure failed unexpectedly.Please report the problem to [EMAIL PROTECTED] [maintainer] and attach the /usr/ports/net/rrdtool/work/rrdtool-1.2.15/config.log including the outputof the failure of your make command. Also, it might be a good idea to providean overview of all packages installed on your system (e.g. an `ls/var/db/pkg`).*** Error code 1 Stop in /usr/ports/net/rrdtool.mail# -- Saygılarımla Destan YILANCI -- Süleyman Demirel Üniversitesi - ISPARTA 2006 - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php --- Bâkır EMRE http://www.EnderUNIX.ORG Software Development Team @ Turkey - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php - Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
Re: [FreeBSD] port bazli routing
mrb; evet iç ag kullanicilarini ve mail serverimdan disari giden smtp isteklerini istedigim interface den gecirmek. - Original Message - From: Huzeyfe Onal To: freebsd@lists.enderunix.org Sent: Sunday, November 12, 2006 1:35 PM Subject: Re: [FreeBSD] port bazli routing merhaba, yapmak istediginiz tam olarak ney? Ic ag kullanicilarinin disaridaki smtp sunucuya baglantilarini mi baska interface uzerinden cikarmaya calisiyorsunuz yoksa mail sunucudan giden istekleri mi yonlendirmek istiyorsunuz? iyi calismalar... On 11/11/06, Veysi Gümüs [EMAIL PROTECTED] wrote: Mrb, PF port bazinda routing yapmak istiyorum.yazmis oldugum kurallarda ise hala default gw den cikmaya calisiyor. 25 port giden isteklerimi su interfaceden cikmasini istyorum.yazmis oldugum kurallarda nasil bir yanlislik yapmis olabilirim. ikinci bir sorun ise pflog da surekli bir blocklama var neyi blocklamaya calistigini bulamadim.kurallar ve logtaki block satirlariniasagi satirlarda yazdim Saygilar Veysi GUMUS Macros###lan_net = "{ 10.0.0.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24 }"int_if = "bge0"ext_if = "vr0"ext_if2 = "vr1" ext_gw1 = "192.168.100.213"ext_gw2 = " 192.168.110.25"fwips = "{127.0.0.1, 10.0.0.2, 192.168.100.212, 192.168.110.26}"###Tanimlar##table msn persist file "/usr/local/etc/fw/msn"table kamera persist file "/usr/local/etc/fw/kamera" table ftp persist file "/usr/local/etc/fw/ftp"table sigorta persist file "/usr/local/etc/fw/sigorta"table banka persist file "/usr/local/etc/fw/banka"table fbs persist file "/usr/local/etc/fw/fbs" Set Optimizations###set limit { frags 3, states 25000 }set loginterface $ext_ifscrub in all ###Nat Kurallari##nat on $ext_if from $lan_net to any - ($ext_if)nat on $ext_if2 from $lan_net to any - ($ext_if2) rdr on $int_if proto tcp from any to any port 80 - 10.0.0.2 port 8080 ###Firewall Kurallari## block in log all block out log allpass in quick on lo0 allpass out quick on lo0 all pass in log on $int_if route-to \ { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto tcp from $fwips to any flags S/SA modulate state pass in log on $int_if route-to \ { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto { udp, icmp } from $fwips to any keep state ###Port Bazli Routing## pass in quick log on $int_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep statepass out quick on $ext_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state ###1.Adsl Uzerinden Gelisler##pass in quick log on $ext_if proto tcp from any to any port = 22 flags S/SApass out quick on $ext_if proto { tcp, udp, icmp } from $ext_if to any keep statepass out on $ext_if2 route-to ($ext_if $ext_gw1) from $ext_if to any keep state ###2.Adsl Uzerinden Gelisler##pass in quick log on $ext_if2 proto tcp from any to any port {25,80,110} flags S/SA pass out quick on $ext_if2 proto { tcp, udp, icmp } from $ext_if2 to any keep statepass out on $ext_if route-to ($ext_if2 $ext_gw2) from $ext_if2 to any keep state## #Localden Firewall Gelisler##pass in quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 3128, 12200 } flags S/SA keep statepass in quick log on $int_if proto tcp from msn to any port = 1863 flags S/SA keep state pass in quick log on $int_if proto tcp from kamera to any port = 18082 flags S/SA keep statepass in quick log on $int_if proto tcp from sigorta to any port = 12173 flags S/SA keep statepass in quick log on $int_if proto tcp from banka to any port = 443 flags S/SA keep state pass in quick log on $int_if proto tcp from fbs to any port = 33000 flags S/SA keep statepass in quick log on