OpenForum RSS: � �� Free9.0 + PF: NAT ��, ��

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Thu, 26 Apr 2012 14:33:41 GMT

�� - �� , �� ... �� , �� .

��

�� - �� , �� ... ?

�� :

ext_if="xl0"
int_if="fxp0"
internal_net="192.168.200.0/24"

tcp_services="{ PORT }"

allowed_ports="{5190, 2041, 2042, 2043, 2044}"
web_ports="{80, 8080, 443}"
icmp_types="echoreq"

table <remote> {IP}
table <priv> {IP, IP, IP }

set block-policy drop
set loginterface $ext_if

set skip on lo

scrub in

nat on $ext_if from !($ext_if) tagged USER_TRAFFIC -> ($ext_if:0)
nat on $ext_if from !($ext_if) tagged PRIV_TRAFFIC -> ($ext_if:0)

nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"

rdr pass on $ext_if proto tcp from <remote> to $ext_if port 80 tag REMOTE_WEB -> 192.168.200.7
rdr pass on $ext_if proto tcp from <remote> to $ext_if port

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Sun, 08 Apr 2012 16:22:37 GMT

�� - � ��
8. make delete-old
11. make delete-old-libs
� �� (�� KERNCONF= �� .�. �� )

��
mergemaster -p � �� .�. �) �� ) �� , �� . � ��-�� :)

�� , �� ... ��

� �� Free9.0 + PF: NAT ��, �� (artemrts)

Sat, 07 Apr 2012 20:41:27 GMT

>[�� ]
> make buildworld
> make buildkernel (�� GENERIC)
> make installkernel
> reboot
> make installworld
> mergemaster
> �� (��
> :) ) - �� , ��
> �� - �� pf � ALTQ
> � ��

�� , �� :

1. cd /usr/src
2. make buildworld
3. make buildkernel KERNCONF=��_��_��_��_�_��_ident
4. make installkernel KERNCONF=��_��_��_��_�_��_ident
5. reboot (in single user mode: boot -s from the loader prompt).
6. mergemaster -p
7. make installworld
8. make delete-old
9. mergemaster -iUF
10. reboot
11. make delete-old-libs

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Sat, 07 Apr 2012 19:58:26 GMT

�� cvsup
(�� )
*default release=cvs tag=RELENG_9
src-all

�� - ��

make buildworld
make buildkernel (�� GENERIC)
make installkernel
reboot
make installworld
mergemaster

�� (�� :) ) - �� , �� - �� pf � ALTQ � ��

� �� Free9.0 + PF: NAT ��, �� (artemrts)

Sat, 07 Apr 2012 19:37:06 GMT

> �� - ��
> �� ...

��... �� , ��?..

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Sat, 07 Apr 2012 19:18:59 GMT

�� - �� ...

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Wed, 04 Apr 2012 13:58:32 GMT

�� :)
�� (�� ) ��

�� , �� - � �� World, �� .�. ��

sysctl net.inet - �� , �� -�� 1 ��-�� 0

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

Wed, 04 Apr 2012 10:17:53 GMT

�� pfctl -f /etc/test.conf (�� - �� )
�� - �� ? :))
�� 'pfctl -sr' ��

��
pfctl -F all -f /etc/pfc.cnf
��
(�� - telnet �� set skip on lo0 �� 127.0.0.1 �� )

�� - ��, �� ...
�� - ��

� �� Free9.0 + PF: NAT ��, �� (artemrts)

Wed, 04 Apr 2012 10:06:33 GMT

>[�� ]
>> telnet: Unable to connect to remote host
>> telnet 192.168.200.1 25
>> Trying 192.168.200.1...
>> telnet: connect to address 192.168.200.1: Operation not permitted
>> telnet: Unable to connect to remote host
>> �� (25, 110, 3127, 3128 ...) ��
>> ��
>> �� set skip on lo0 - ��
> �� ? pfctl -F rules /etc/pf.conf � pfctl -F nat
> /etc/pf.conf ?

�� -)
pfctl -F rules -f /etc/pf.conf
.....

OpenForum RSS: � ����� Free9.0 + PF: NAT ����, �������� ���

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (artemrts)

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (artemrts)

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (Yarikson)

� ����� Free9.0 + PF: NAT ����, �������� ��� (artemrts)

OpenForum RSS: � �� Free9.0 + PF: NAT ��, ��

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (artemrts)

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (artemrts)

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (Yarikson)

� �� Free9.0 + PF: NAT ��, �� (artemrts)