Re: [FreeBSD] port-based routing

2006-11-12 Thread Huzeyfe Onal
Hello,
what exactly are you trying to do? Are you trying to send the internal network users' connections to an outside SMTP server out through a different interface, or do you want to route the requests going out from the mail server?

Best regards...
On 11/11/06, Veysi Gümüs [EMAIL PROTECTED] wrote:

Hi,

I want to do port-based routing with PF. With the rules I have written, traffic still tries to go out through the default gateway. I want my requests going to port 25 to go out through this interface. What mistake could I have made in the rules I wrote?

A second problem is that there is constant blocking in pflog, and I could not find out what it is trying to block. I have included the rules and the block lines from the log below.

Regards
Veysi GUMUS

### Macros ###
lan_net = "{ 10.0.0.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24 }"
int_if = "bge0"
ext_if = "vr0"
ext_if2 = "vr1"
ext_gw1 = "192.168.100.213"
ext_gw2 = "192.168.110.25"
fwips = "{ 127.0.0.1, 10.0.0.2, 192.168.100.212, 192.168.110.26 }"

### Definitions ###
table <msn> persist file "/usr/local/etc/fw/msn"
table <kamera> persist file "/usr/local/etc/fw/kamera"
table <ftp> persist file "/usr/local/etc/fw/ftp"
table <sigorta> persist file "/usr/local/etc/fw/sigorta"
table <banka> persist file "/usr/local/etc/fw/banka"
table <fbs> persist file "/usr/local/etc/fw/fbs"

### Set Optimizations ###
set limit { frags 3, states 25000 }
set loginterface $ext_if
scrub in all

### NAT rules ###
nat on $ext_if from $lan_net to any -> ($ext_if)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)
rdr on $int_if proto tcp from any to any port 80 -> 10.0.0.2 port 8080

### Firewall rules ###
block in log all
block out log all
pass in quick on lo0 all
pass out quick on lo0 all

pass in log on $int_if route-to \
    { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto tcp from $fwips to any flags S/SA modulate state

pass in log on $int_if route-to \
    { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto { udp, icmp } from $fwips to any keep state

### Port-based routing ###
pass in quick log on $int_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state
pass out quick on $ext_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state

### Incoming over ADSL 1 ###
pass in quick log on $ext_if proto tcp from any to any port = 22 flags S/SA
pass out quick on $ext_if proto { tcp, udp, icmp } from $ext_if to any keep state
pass out on $ext_if2 route-to ($ext_if $ext_gw1) from $ext_if to any keep state

### Incoming over ADSL 2 ###
pass in quick log on $ext_if2 proto tcp from any to any port { 25, 80, 110 } flags S/SA
pass out quick on $ext_if2 proto { tcp, udp, icmp } from $ext_if2 to any keep state
pass out on $ext_if route-to ($ext_if2 $ext_gw2) from $ext_if2 to any keep state

### Incoming from the local network to the firewall ###
pass in quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 3128, 12200 } flags S/SA keep state
pass in quick log on $int_if proto tcp from <msn> to any port = 1863 flags S/SA keep state
pass in quick log on $int_if proto tcp from <kamera> to any port = 18082 flags S/SA keep state
pass in quick log on $int_if proto tcp from <sigorta> to any port = 12173 flags S/SA keep state
pass in quick log on $int_if proto tcp from <banka> to any port = 443 flags S/SA keep state
pass in quick log on $int_if proto tcp from <fbs> to any port = 33000 flags S/SA keep state
pass in quick log on $int_if proto tcp from <ftp> to any port = 21 flags S/SA keep state
pass in quick on $int_if proto { udp, icmp } from $lan_net to any keep state

### Outgoing from the firewall ###
pass out quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 12200 } flags S/SA keep state
pass out quick log on $ext_if2 proto tcp from any to any port { 22, 25, 80, 110, 8080, 12200 } flags S/SA keep state
pass out quick on $int_if proto { udp, icmp } from $lan_net to any keep state

The blocks in the log file keep repeating.

tcpdump -eni pflog0 

10:17:41.415182 
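
Added example (not part of the original messages and not the poster's code): a simplified Python model of how PF selects a filter rule (the last matching rule wins, and a matching quick rule ends the scan), run over the inbound TCP rules on $int_if from the ruleset above. It assumes matching on source address and destination port only, ignores NAT/rdr and state, and omits the table-based rules; 10.0.0.50 is a constructed LAN client address.

```python
import ipaddress

# Address sets copied from the posted macros.
LAN_NET = ["10.0.0.0/24", "10.0.2.0/24", "10.0.3.0/24", "10.0.4.0/24"]
FWIPS = ["127.0.0.1", "10.0.0.2", "192.168.100.212", "192.168.110.26"]
ANY = ["0.0.0.0/0"]

# Inbound TCP rules on $int_if from the posted ruleset, in file order
# (abbreviated labels). Fields: label, action, quick, src, dst ports, route-to.
RULES = [
    ("block in log all", "block", False, ANY, None, None),
    ("pass in ... round-robin proto tcp from $fwips", "pass", False,
     FWIPS, None, "round-robin"),
    ("pass in quick ... route-to ($ext_if2 $ext_gw2) from $fwips port 25",
     "pass", True, FWIPS, {25}, "vr1"),
    ("pass in quick ... from $lan_net port { 22, 25, ... }", "pass", True,
     LAN_NET, {22, 25, 80, 110, 8080, 3128, 12200}, None),
]


def in_set(ip, nets):
    """True if ip falls inside any address or network in nets."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in nets)


def evaluate(src_ip, dport):
    """Simplified PF scan: last match wins, a matching quick rule stops it."""
    winner = None
    for label, action, quick, src, dports, route in RULES:
        if not in_set(src_ip, src):
            continue
        if dports is not None and dport not in dports:
            continue
        winner = {"rule": label, "action": action, "route_to": route}
        if quick:
            break
    return winner


if __name__ == "__main__":
    # Constructed LAN client, then a member of $fwips.
    for src in ("10.0.0.50", "10.0.0.2"):
        print(src, "-> port 25:", evaluate(src, 25))
```

In this model the LAN client's port 25 packet is passed by the $lan_net rule, which carries no route-to, while only a $fwips source such as 10.0.0.2 reaches the route-to ($ext_if2 $ext_gw2) rule.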

Re: [FreeBSD] Re: about rrdtool

2006-11-12 Thread bunyamin
I don't know exactly what you are using, but...

setenv PACKAGESITE ftp://ftp.freebsd.org/pub/FreeBSD
setenv PACKAGEROOT ftp://ftp.freebsd.org/pub/FreeBSD

I think you need to use these..

export is for zsh and bash..

kabuk# env

lets you see the variables..



Bünyamin DEMIR


- Original Message -
From: Ali Çelik [mailto:[EMAIL PROTECTED]
To: freebsd@lists.enderunix.org
Subject: Re: [FreeBSD] Re: about rrdtool

Hello, thank you for the tip, but

mail# source /etc/profile
export: Command not found.
export: Command not found.

I get an error like this. Do I need to install bash to be able to use it this way?

On 11/9/06, Bâkır@istanbul.enderunix.org Bâkır@istanbul.enderunix.org wrote:

Hello,

export PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/All/
export PACKAGEROOT=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/All/

If you write these values into /etc/profile, run

source /etc/profile

and try again, you can get the latest versions of the software for FreeBSD...

[ISO-8859-1] Ali Çelik writes:

Hello,

mail# pkg_add -r rrdtool
Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest/rrdtool.tbz: File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest/rrdtool.tbz' by URL

I get this error; the URL is old and invalid. How can I update the URL?

On 11/6/06, Destan YILANCI [EMAIL PROTECTED] wrote:

Hello,

Follow these steps. First, update the ports tree.

#cd /usr/ports/net/rrdtool
#make deinstall clean
#make install

If you still get an error, I suggest trying a binary install...

#pkg_add -r rrdtool

Quoting Ali Çelik [EMAIL PROTECTED]:

Hello,

Has anyone run into the problem below before? I reported it to [EMAIL PROTECTED] a long time ago but did not get any reply.

checking for zlibVersion in -lz... yes
checking zlib.h usability... yes
checking zlib.h presence... yes
checking for zlib.h... yes
checking for png_access_version_number in -lpng... yes
checking png.h usability... yes
checking png.h presence... yes
checking for png.h... yes
checking for FT_Init_FreeType in -lfreetype... yes
checking ft2build.h usability... yes
checking ft2build.h presence... yes
checking for ft2build.h... yes
configure: error: Please fix the library issues listed above and try again.
===>  Script "configure" failed unexpectedly.
Please report the problem to [EMAIL PROTECTED] [maintainer] and attach the
"/usr/ports/net/rrdtool/work/rrdtool-1.2.15/config.log" including the output
of the failure of your make command. Also, it might be a good idea to provide
an overview of all packages installed on your system (e.g. an `ls /var/db/pkg`).
*** Error code 1

Stop in /usr/ports/net/rrdtool.
mail#

--
Regards
Destan YILANCI
Süleyman Demirel Üniversitesi - ISPARTA 2006

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
List archive: http://lists.enderunix.org
Turkey's first FreeBSD book: http://www.acikakademi.com/freebsd.php

---
Bâkır EMRE
http://www.EnderUNIX.ORG
Software Development Team @ Turkey





Re: [FreeBSD] port-based routing

2006-11-12 Thread Veysi Gümüs

Hi;

yes, I want to send both the internal network users and the SMTP requests going out from my mail server through the interface I choose.

  - Original Message -
  From: Huzeyfe Onal
  To: freebsd@lists.enderunix.org
  Sent: Sunday, November 12, 2006 1:35 PM
  Subject: Re: [FreeBSD] port-based routing

  Hello,
  what exactly are you trying to do? Are you trying to send the internal network users' connections to an outside SMTP server out through a different interface, or do you want to route the requests going out from the mail server?

  Best regards...
  On 11/11/06, Veysi Gümüs [EMAIL PROTECTED] wrote:

Hi,

I want to do port-based routing with PF. With the rules I have written, traffic still tries to go out through the default gateway. I want my requests going to port 25 to go out through this interface. What mistake could I have made in the rules I wrote?

A second problem is that there is constant blocking in pflog, and I could not find out what it is trying to block. I have included the rules and the block lines from the log below.

Regards
Veysi GUMUS

### Macros ###
lan_net = "{ 10.0.0.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24 }"
int_if = "bge0"
ext_if = "vr0"
ext_if2 = "vr1"
ext_gw1 = "192.168.100.213"
ext_gw2 = "192.168.110.25"
fwips = "{ 127.0.0.1, 10.0.0.2, 192.168.100.212, 192.168.110.26 }"

### Definitions ###
table <msn> persist file "/usr/local/etc/fw/msn"
table <kamera> persist file "/usr/local/etc/fw/kamera"
table <ftp> persist file "/usr/local/etc/fw/ftp"
table <sigorta> persist file "/usr/local/etc/fw/sigorta"
table <banka> persist file "/usr/local/etc/fw/banka"
table <fbs> persist file "/usr/local/etc/fw/fbs"

### Set Optimizations ###
set limit { frags 3, states 25000 }
set loginterface $ext_if
scrub in all

### NAT rules ###
nat on $ext_if from $lan_net to any -> ($ext_if)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)
rdr on $int_if proto tcp from any to any port 80 -> 10.0.0.2 port 8080

### Firewall rules ###
block in log all
block out log all
pass in quick on lo0 all
pass out quick on lo0 all

pass in log on $int_if route-to \
    { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto tcp from $fwips to any flags S/SA modulate state

pass in log on $int_if route-to \
    { ($ext_if $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto { udp, icmp } from $fwips to any keep state

### Port-based routing ###
pass in quick log on $int_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state
pass out quick on $ext_if route-to ($ext_if2 $ext_gw2) proto tcp from $fwips to any port 25 keep state

### Incoming over ADSL 1 ###
pass in quick log on $ext_if proto tcp from any to any port = 22 flags S/SA
pass out quick on $ext_if proto { tcp, udp, icmp } from $ext_if to any keep state
pass out on $ext_if2 route-to ($ext_if $ext_gw1) from $ext_if to any keep state

### Incoming over ADSL 2 ###
pass in quick log on $ext_if2 proto tcp from any to any port { 25, 80, 110 } flags S/SA
pass out quick on $ext_if2 proto { tcp, udp, icmp } from $ext_if2 to any keep state
pass out on $ext_if route-to ($ext_if2 $ext_gw2) from $ext_if2 to any keep state

### Incoming from the local network to the firewall ###
pass in quick log on $int_if proto tcp from $lan_net to any port { 22, 25, 80, 110, 8080, 3128, 12200 } flags S/SA keep state
pass in quick log on $int_if proto tcp from <msn> to any port = 1863 flags S/SA keep state
pass in quick log on $int_if proto tcp from <kamera> to any port = 18082 flags S/SA keep state
pass in quick log on $int_if proto tcp from <sigorta> to any port = 12173 flags S/SA keep state
pass in quick log on $int_if proto tcp from <banka> to any port = 443 flags S/SA keep state
pass in quick log on $int_if proto tcp from <fbs> to any port = 33000 flags S/SA keep state
pass in quick log on