1. Поставил /usr/ports/sysutils/socket
проверел /etc/services
rdp 3389/tcp #Microsoft Remote Desktop Protocol
radmin 4899/tcp #Добавил самКОНФИГИ
-------------------------------------------------------------------
inetd.conf
radmin stream tcp nowait /usr/local/bin/socket socket 10.0.0.2 4899
rdp stream tcp nowait /usr/local/bin/socket socket 10.0.0.2 3389
------------------------------------------------------------
ipfw show
00050 9100 1658974 divert 8668 ip from any to any via rl0
00055 1715 69740 allow ip from any to 10.0.0.2
00055 1697 71524 allow ip from 10.0.0.2 to any
00056 11821 1417917 allow ip from any to my_real_ip
00056 4405 525521 allow ip from my_real_ip to any
--------------------------------------------------------------
rc.conf
hostname="my_host"
gateway_enable=yes
natd_enable=yes
natd_interface=rl0
defaultrouter=router_ip
ifconfig_rl0="inet my_real_ip netmask 255.255.255.0"
ifconfig_rl1="inet 10.0.0.1 netmask 255.255.255.128"
firewall_enable=yes
firewall_script="/etc/ipfw/ipfw.sh"
--------------------------------------------------------------
сделал
#kilall -hup inetd
проверил открыты ли порты на локальной машине
#nmap -v 10.0.0.2
--------------------------------------------------------------
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-11-26 12:46 MSK
Initiating SYN Stealth Scan against 10.0.0.2 [1663 ports] at 12:46
Discovered open port 53/tcp on 10.0.0.2
Discovered open port 3389/tcp on 10.0.0.2
Discovered open port 389/tcp on 10.0.0.2
Discovered open port 636/tcp on 10.0.0.2
Discovered open port 3372/tcp on 10.0.0.2
Discovered open port 1029/tcp on 10.0.0.2
Discovered open port 464/tcp on 10.0.0.2
Discovered open port 3269/tcp on 10.0.0.2
Discovered open port 445/tcp on 10.0.0.2
Discovered open port 4899/tcp on 10.0.0.2
Discovered open port 3268/tcp on 10.0.0.2
Discovered open port 139/tcp on 10.0.0.2
Discovered open port 9876/tcp on 10.0.0.2
Discovered open port 1026/tcp on 10.0.0.2
Discovered open port 1080/tcp on 10.0.0.2
Discovered open port 593/tcp on 10.0.0.2
Discovered open port 88/tcp on 10.0.0.2
Discovered open port 135/tcp on 10.0.0.2
The SYN Stealth Scan took 0.70s to scan 1663 total ports.
Host 10.0.0.2 appears to be up ... good.
Interesting ports on 10.0.0.2:
(The 1645 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
53/tcp open domain
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
1026/tcp open LSA-or-nterm
1029/tcp open ms-lsa
1080/tcp open socks
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3372/tcp open msdtc
3389/tcp open ms-term-serv
4899/tcp open radmin
9876/tcp open sd
MAC Address: (Asustek Computer)
Nmap finished: 1 IP address (1 host up) scanned in 1.876 seconds
Raw packets sent: 1665 (66.6KB) | Rcvd: 1664 (76.5KB)
----------------------------------------
что самое интересное
#nmap -v my_real_ip
----------------------------------------
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-11-26 12:49 MSK
Initiating SYN Stealth Scan against mail.dnb.spb.ru (my_real_ip) [1663 ports] at 12:49
Discovered open port 25/tcp on my_real_ip
Discovered open port 21/tcp on my_real_ip
Discovered open port 80/tcp on my_real_ip
Discovered open port 22/tcp on my_real_ip
Discovered open port 587/tcp on my_real_ip
Increasing send delay for my_real_ip from 0 to 5 due to max_successful_tryno increase to 4
Discovered open port 110/tcp on my_real_ip
The SYN Stealth Scan took 14.23s to scan 1663 total ports.
Host my_real_ip (my_real_ip) appears to be up ... good.
Interesting ports on my_real_ip (my_real_ip):
(The 1657 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
587/tcp open submission
Nmap finished: 1 IP address (1 host up) scanned in 14.419 seconds
Raw packets sent: 1900 (76KB) | Rcvd: 3569 (143KB)
----------------------------------------------------------
Т.е. порты 4899 и 3389 не открыты, ну тут можно обяснить это тем что всетаки нет сервисов
которые слушают эти порты.
делаю
#tcpdump -i rl0 > fwd.log
Пытаюсь залесть по radmin and mstsc, не лезет.
логи
---------------------------------------
# cat fwd.log | grep rdp
12:55:44.691824 IP remote_ip.4302 > my_real_ip.rdp: S 93790851:93790851(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:44.692248 IP my_real_ip.rdp > remote_ip.4302: R 0:0(0) ack 93790852 win 0
12:55:45.329284 IP remote_ip.4302 > my_real_ip.rdp: S 93790851:93790851(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:45.329681 IP my_real_ip.rdp > remote_ip.4302: R 0:0(0) ack 1 win 0
12:55:45.766400 IP remote_ip.4302 > my_real_ip.rdp: S 93790851:93790851(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:45.766761 IP my_real_ip.rdp > remote_ip.4302: R 0:0(0) ack 1 win 0
# cat fwd.log | grep radmin
12:55:24.452786 IP remote_ip.4301 > my_real_ip.radmin: S 178054994:178054994(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:24.453181 IP my_real_ip.radmin > remote_ip.4301: R 0:0(0) ack 178054995 win 0
12:55:24.873878 IP remote_ip.4301 > my_real_ip.radmin: S 178054994:178054994(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:24.874159 IP my_real_ip.radmin > remote_ip.4301: R 0:0(0) ack 1 win 0
12:55:25.419917 IP remote_ip.4301 > my_real_ip.radmin: S 178054994:178054994(0) win 65535 <mss 1460,nop,nop,sackOK>
12:55:25.420286 IP my_real_ip.radmin > remote_ip.4301: R 0:0(0) ack 1 win 0
-----------------------------------------
Я в панике :( ничего не понимаю
