OpenForum RSS: ipfw � ��

ipfw � �� (_John_)

Mon, 03 Sep 2012 08:34:28 GMT

� �� :

#!/bin/sh
ipfw="/sbin/ipfw"
local_net="172.25.37.0/24"
local_interface="rl0"
inter_net="192.168.1.0/24"
inter_interface="vr0"

#lo0
${ipfw} add allow all from any to any via lo0

#��
${ipfw} add allow ip from any to any via ${local_interface}

#��
${ipfw} nat 1 config log if ${inter_interface} reset same_ports deny_in

#Transparent squid forward
${ipfw} add fwd 172.25.37.1,3128 tcp from ${local_net} to any 80 via ${inter_interface}

#��
${ipfw} add nat 1 ip from any to any via ${inter_interface}

�� , �� .

�� , �� , ��

${ipfw} add nat 1 all from ${local_net} to any uid squid keep-state
� ��
${ipfw} add all from ${local_net} to any uid squid keep-state
� ��
${ipfw} add all from me 3128 to any keep-state

�� , � �� (keep-state �� , �� -��

ipfw � �� (user)

Sat, 01 Sep 2012 04:42:30 GMT

>[�� ]
>>> ��) � �� .
>> forward �� nat
>> �� ipfw (-de) show �� pppoe � ��
>>> �� , �� , � �� ppp?
>> �� pppoe mpd � up / down ��
>> �� ?
> �� , � �� .
> � ��, �� , �� keep-state �� ?
> � �� , �� , � ��
> �� ?

�� keep-state � ipfw �� . � sysctl �� -�� (�� ). �� - 8192.
� �� keep-state.

ipfw � �� (_John_)

Fri, 31 Aug 2012 17:41:52 GMT

>> �� ipfw �� , ��
>> �� (�� , dst-port ��
>> ��) � �� .
> forward �� nat
> �� ipfw (-de) show �� pppoe � ��
>> �� , �� , � �� ppp?
> �� pppoe mpd � up / down ��
> �� ?

�� , � �� .
� ��, �� , �� keep-state �� ?
� �� , �� , � �� ?

ipfw � �� (��)

Fri, 31 Aug 2012 16:44:35 GMT

> �� ipfw �� , ��
> �� (�� , dst-port ��
> ��) � �� .

forward �� nat
�� ipfw (-de) show �� pppoe � ��

> �� , �� , � �� ppp?

�� pppoe mpd � up / down �� ?

ipfw � �� (_John_)

Fri, 31 Aug 2012 15:26:20 GMT

>[�� ]
>> ${ipfw} add fwd 127.0.0.1,3128 tcp from ${local_net} not dst-port 65,993,143,110,25,995 to any out via ${inter_interface}
> �� ӣ-�� ?
> �� , �� 65,993,143,110,25,995
> � �� http
> �� not
> ��
> ${ipfw} add fwd 127.0.0.1,3128 tcp from ${local_net} to not me 80,443 in
> recv ${local_interface}
> �� "��" ��
> fwd 127.0.0.1,3128 tcp from ${local_net} to any 80

�� , �� .

�� , �� ppp (pppoe), � �� , �� , �� ipfw �� , �� ppp �� enable_nat=no, �� .
�� ipfw �� , �� (�� , d

ipfw � �� (��)

Fri, 31 Aug 2012 11:17:50 GMT

> # ��
> ${ipfw} add fwd 127.0.0.1,3128 tcp from ${local_net} not dst-port 65,993,143,110,25,995 to any out via ${inter_interface}

�� ӣ-�� ?
�� , �� 65,993,143,110,25,995
� �� http
�� not
��
${ipfw} add fwd 127.0.0.1,3128 tcp from ${local_net} to not me 80,443 in recv ${local_interface}

�� "��" ��
fwd 127.0.0.1,3128 tcp from ${local_net} to any 80

OpenForum RSS: ipfw � ���������� ������

ipfw � ���������� ������ (_John_)

ipfw � ���������� ������ (user)

ipfw � ���������� ������ (_John_)

ipfw � ���������� ������ (�������)

ipfw � ���������� ������ (_John_)

ipfw � ���������� ������ (�������)

OpenForum RSS: ipfw � ��

ipfw � �� (_John_)

ipfw � �� (user)

ipfw � �� (_John_)

ipfw � �� (��)

ipfw � �� (_John_)

ipfw � �� (��)