答复: where can find ipfilter document
This is a discussion on 答复: where can find ipfilter document within the IPFilter forums, part of the System Security and Security Related category; thank your reply my mail, but i add nat rule ,i can login in vpn server, but other user dial-...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-30-2005
|
|||
|
|||
答复: where can find ipfilter document
thank your reply my mail, but i add nat rule ,i can login in vpn server, but other user dial-up this vpn server vpn server at once reboot, this why ? my network map [ vpn server ] 172.16.1.5/16 | | 172.16.100.10/16 [ NAT server ] <<< add 'nat rule' 192.168.0.1/24 | | 192.168.0.2/24 [ MY Computer ] NAT server info # dmesg FreeBSD 4.10-RELEASE #0: Thu Mar 24 15:10:23 CST 2005 wm@ns.abc.com:/usr/src/sys/compile/gotop Timecounter "i8254" frequency 1193182 Hz CPU: Intel(R) Celeron(R) CPU 2.10GHz (2096.43-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf29 Stepping = 9 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE ,CX8,APIC,SEP,MTRR,PGE,MCA ,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2 ,SS,HTT,TM,PBE> real memory = 535822336 (523264K bytes) avail memory = 517660672 (505528K bytes) Preloaded elf kernel "kernel" at 0xc02d9000. Warning: Pentium 4 CPU: PSE disabled Pentium Pro MTRR support enabled fxp0: <Intel 82559ER Embedded 10/100 Ethernet> port 0xc000-0xc03f mem 0xed000000-0xed01ffff,0xed020000-0xed020fff irq 11 at device 8.0 on pci1 fxp0: Ethernet address 00:90:27:00:06:a0 inphy0: <i82555 10/100 media interface> on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0xc400-0xc47f mem 0xed021000-0xed02107f irq 12 at device 15.0 on pci1 xl0: Ethernet address: 00:04:75:c3:ff:4f IP Filter: v4.1.7 initialized. Default = pass all, Logging = enabled bash-2.05b# ifconfig fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 172.16.100.10 netmask 0xffff0000 broadcast 172.16.255.255 ether 00:90:27:00:06:a0 media: Ethernet autoselect (100baseTX) status: active xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=1<RXCSUM> inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 ether 00:04:75:c3:ff:4f media: Ethernet autoselect (100baseTX <full-duplex>) status: active ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 bash-2.05b# ipnat -l List of active MAP/Redirect filters: map fxp0 192.168.0.0/24 -> 0.0.0.0/32 proxy port pptp pptp/tcp List of active sessions: MAP 192.168.0.2 <- -> 172.16.100.10 [172.16.1.5] MAP 192.168.0.2 1112 <- -> 172.16.100.10 1112 [172.16.1.5 1723] proxy pptp/6 use 1 flags 0 proto 6 flags 0 bytes 1052 pkts 12 data YES size 1392 # last wm ttyp0 192.168.0.2 周三 3 30 08:44 still logged in reboot ~ 周三 3 30 08:41 wm ttyp0 192.168.0.2 周三 3 30 08:38 - crash (00:02) reboot ~ 周三 3 30 08:38 wm ttyp1 192.168.0.2 周三 3 30 08:35 - crash (00:03) 
|
Linear Mode
