natd problema

Ferenc Szentpétery szefe at lino.kvif.hu
1999. Már. 8., H, 09:15:48 CET 

Sziasztok!

A kovetkezo problemam van 2.2.7-en:

Szeretnek egy belso halorol ftp-zni a FreeBSD routeren at natd-vel, de nem mukodik:
A kovetkezoket csinaltam:

natd -n tx0    (tx0 az interfesz a internet fele)
ipfw add 1000 divert natd all from 192.168.227.201 to ftp.sztaki.hu

A forrascim itt egy tavoli modemes gep, de az ethernet belso halorol sem
mukodik a dolog:

ipfw show

01000          8        480 divert 8668 ip from 192.168.227.201 to 193.225.86.1
64199       5812     505302 allow ip from any to any via lo0
64200          0          0 deny ip from any to 127.0.0.0/8
65000      57415   12534134 allow ip from any to any
65535          0          0 deny ip from any to any

Itt jelzi, hogy mentek packetek a natd fele, az ftp, ping, stb, de a kliensen timeouttal
all le az ftp, ping, stb.

ifconfig -a

tx0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 193.224.167.1 netmask 0xffffff00 broadcast 193.224.167.255
        ether 00:e0:29:29:a2:49
        media: 10baseT/UTP status: active
        supported media: autoselect <hw-loopback> autoselect 100baseTX <full-dup
lex> 100baseTX <hw-loopback> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP <hw
-loopback> 10baseT/UTP
de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.3.1 netmask 0xffffff00 broadcast 192.168.3.255
        ether 00:e0:29:2c:7f:70
        media: 10baseT/UTP status: active
        supported media: autoselect 10base5/AUI 10base2/BNC 10baseT/UTP <full-du
plex> 10baseT/UTP
tx1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
        ether 00:e0:29:29:a2:4e
        media: 10baseT/UTP status: active
        supported media: autoselect <hw-loopback> autoselect 100baseTX <full-dup
lex> 100baseTX <hw-loopback> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP <hw
-loopback> 10baseT/UTP
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 192.168.227.202 --> 192.168.227.201 netmask 0xffffffff

Masik pelda:

ipfw add 1000 divert natd udp from 192.168.227.201 ftp to ftp.sztaki.hu

ipfw show

01000          0          0 divert 8668 udp from 192.168.227.201 21 to 193.225.8
6.1
64199       7514     624126 allow ip from any to any via lo0
64200          0          0 deny ip from any to 127.0.0.0/8
65000      64469   13443272 allow ip from any to any
65535          0          0 deny ip from any to any

Itt meg csak nem is jelzi, hogy atmentek volna a packetek.

A kernel conf. file idevago reszlete:

options         IPFIREWALL
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_VERBOSE_LIMIT=10
options         IPDIVERT

Magarol a FreeBSD-rol lehet ftp-zni barhova, meg minden egyeb is mukodik.

Mi rontottam el?

SzeFe

További információk a(z) BSD levelezőlistáról