OpenForum RSS: FreeBSD 10.2 GRE IPFW+NAT �� PF

FreeBSD 10.2 GRE IPFW+NAT �� PF (Grinya64)

Tue, 15 Dec 2015 10:46:49 GMT

�� ssh �� , ��
# SSH for localhost allow
${fwcmd} add allow tcp from any to me 22

FreeBSD 10.2 GRE IPFW+NAT �� PF (Grinya64)

Tue, 15 Dec 2015 10:34:34 GMT

>[�� ]
> flags S/SA keep state
> pass in on $ext_if proto tcp from any to $ext_if port $udp_services
> keep state
> pass out on $ext_if proto tcp all modulate state flags S/SA
> pass out on $ext_if proto {tcp, udp, icmp } all keep state
> pass on $int_if all
> ########################################################
> �� - ��
> �� , �� PPTP ��.
> �� .

� �� GRE IPFW+NAT �� , ��
NAT VPN Out
${fwcmd} nat 10 config if ${eint}
${fwcmd} add nat 10 gre from any to any
${fwcmd} add nat 10 tcp from ${ipv} to any dst-port pptp,1396,53,21
${fwcmd} add nat 10 tcp from any pptp,1396,53,21 to any
�� {ipv} �� ip ��ۣ�� vpn ��.
natd �� , �� 22 ��
# rulezz for sshit table
${fwcmd} add deny tcp from table$0$ to me dst-port 22

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)

Tue, 15 Dec 2015 10:10:48 GMT

> � �� vpn � �� ?
> � �� rdp � w2003 ��

�� , �� , � �� .
� � �� 1723 � GRE.
� �� 1723 �� , � GRE ��.
�� , �� 1723 � GRE �� .

�� , �� pptp � gre, �� ӣ �� .
� �� FreeBSD 10.2 �� .

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

Tue, 15 Dec 2015 05:35:55 GMT

>> �� ?
> ��, ��. �� w2k3. �� , ��
> �� IP �� .

� �� vpn � �� ?
� �� rdp � w2003 ��

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)

Mon, 14 Dec 2015 12:11:33 GMT

> �� ?

��, ��. �� w2k3. �� , �� IP �� .

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

Mon, 14 Dec 2015 10:47:35 GMT

>[�� ]
> 0, length 0
> �� pptp � ��̣�� ip �� , ��, ��
> �� 1723 ��, �� VPN �� Win2k3
> ��((
> 15:57:22.900963 IP 37.204.151.153.5636 > 192.168.1.10.1723: Flags [S], seq 550181637,
> win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
> 15:57:25.896837 IP 37.204.151.153.5636 > 192.168.1.10.1723: Flags [S], seq 550181637,
> win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
> 15:57:31.901522 IP 37.204.151.153.5636 > 192.168.1.10.1723: Flags [S], seq 550181637,
> win 8192, options [mss 1460,nop,nop,sackOK], length 0

�� ?

FreeBSD 10.2 GRE IPFW+NAT �� PF (ALex_hha)

Sun, 13 Dec 2015 10:40:06 GMT

� �� , �� ipfw �� , �� iptables :)

�� CentOS �� - nf_nat_pptp, nf_conntrack_pptp, nf_nat_proto_gre nf_conntrack_proto_gre

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

Sat, 12 Dec 2015 12:49:07 GMT

> firewall_nat_enable="YES"
> firewall_script="/etc/ipfw.rules"
> firewall_type="Open"

�� Open � ��?

> natd_program="/sbin/natd"
> natd_enable="YES"

�� firewall_nat_enable="YES"

>[�� ]
> $fwcmd add 3510 allow all from any to any via rl0
> ########################################################
> ########################################################
> natd.conf
> ########################################################
> redirect_proto gre 192.168.1.10
> redirect_port tcp 192.168.1.10:1723 1723
> redirect_port tcp 10.10.13.196:25 2525
> ########################################################
> ########################################################

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)

Fri, 11 Dec 2015 11:47:49 GMT

> �� :
> http://startext.tomsk.ru/node/125
> http://shurik.kiev.ua/blog/index.php?/archives/9-FreeBSD_i_GRE.html
> http://it-e.ru/blogs/administrirovanie/probros-trafika-pptp-cherez-ipfw-kernel-nat

� �� (
tpc 1723 ��, � �� gre �� .

OpenForum RSS: FreeBSD 10.2 GRE IPFW+NAT ��� PF

FreeBSD 10.2 GRE IPFW+NAT ��� PF (Grinya64)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (Grinya64)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (rtroll)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (rtroll)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (ALex_hha)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT ��� PF (rtroll)

OpenForum RSS: FreeBSD 10.2 GRE IPFW+NAT �� PF

FreeBSD 10.2 GRE IPFW+NAT �� PF (Grinya64)

FreeBSD 10.2 GRE IPFW+NAT �� PF (Grinya64)

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT �� PF (ALex_hha)

FreeBSD 10.2 GRE IPFW+NAT �� PF (tootsie)

FreeBSD 10.2 GRE IPFW+NAT �� PF (rtroll)