bolelshik

Мне лично? Мне лично никаких логов не нужно. А что показать, для нормальной диагностики вашей проблемы - я уже четко озвучил. Не вижу смысла повторяться. Могу удаленку подключить, просто не очень понимаю в чем дело. Напрямую работает, а через усилитель почему-то нет. IP же получает, почему в инет то не выходит не пойму.

вот клиент получил ip: Aug 14 17:12:39 srv dhcpd: DHCPDISCOVER from 88:ae:1d:82:0d:e0 via re2 Aug 14 17:12:39 srv dhcpd: DHCPOFFER on 172.16.0.9 to 88:ae:1d:82:0d:e0 via re2 Aug 14 17:12:39 srv dhcpd: uid lease 172.32.0.185 for client 88:ae:1d:82:0d:e0 is duplicate on ourisp а дальше по моему разумению должен выходить в инет, а вот если клиент цепляется сразу к вышке без повторителя, то все просто летает и проблем нет. какие еще логи показать?

Тип nas local nas, левые ip потому что работает uhw, а вот после того как клиент через повторитель получает ip который позволяет ему выйти в интернет, выйти в интернет не может. такое подозрение что сам биллинг не пускает в инет. режим пророка ON] включите RESET_AO=1 и MACCHGDOUBLEKILL=1 [/режим пророка OFF] включил тоже не работает

Добрый день всем. Прблема такая, подключаю клиента через мост wds, клиент с биллинга получает левые ip все отлично, как только я его регистрирую в интернет клиент выйти не может, в чем проблема?

Все вышеописанные службы вполне могут работать на одном компьютере. В своем последнем проекте я их все использовал. Опиши подробнее, что и как не работает. Попробую помочь. Хочу настроить named.conf таким образом чтобы у меня был внутренний DNS и чтобы работали завороты Локальная сетка billing 172.16.0.1/24, nas 172.16.1.1/24 Внешняя сетка 192.168.0.98 -billing, nas- 192.168.0.71 DNS - 192.168.0.80; 192.168.0.85 Конфигурация named.conf: // $FreeBSD: releng/9.3/etc/namedb/named.conf 254270 2013-08-13 06:25:17Z erwin $ // // Refer to the named.conf(5) and named(8) man pages, and the documentation // in /usr/share/doc/bind9 for more details. // // If you are going to set up an authoritative server, make sure you // understand the hairy details of how DNS works. Even with // simple mistakes, you can break connectivity for affected parties, // or cause huge amounts of useless Internet traffic. options { // All file and path names are relative to the chroot directory, // if any, and should be fully qualified. directory "/etc/namedb/working"; pid-file "/var/run/named/pid"; dump-file "/var/dump/named_dump.db"; statistics-file "/var/stats/named.stats"; // If named is being used only as a local resolver, this is a safe default. // For named to be accessible to the network, comment this option, specify // the proper IP address, or delete this option. listen-on { 127.0.0.1; 172.32.0.1; 172.16.0.1; 172.16.1.1;}; // If you have IPv6 enabled on this system, uncomment this option for // use as a local resolver. To give access to the network, specify // an IPv6 address, or the keyword "any". // listen-on-v6 { ::1; }; // These zones are already covered by the empty zones listed below. // If you remove the related empty zones below, comment these lines out. disable-empty-zone "255.255.255.255.IN-ADDR.ARPA"; disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. /* forwarders { 127.0.0.1; 172.16.0.1; 192.168.0.80; 192.168.0.85; }; */ // If the 'forwarders' clause is not empty the default is to 'forward first' // which will fall back to sending a query from your local server if the name // servers in 'forwarders' do not have the answer. Alternatively you can // force your name server to never initiate queries of its own by enabling the // following line: // forward only; // If you wish to have forwarding configured automatically based on // the entries in /etc/resolv.conf, uncomment the following line and // set named_auto_forward=yes in /etc/rc.conf. You can also enable // named_auto_forward_only (the effect of which is described above). // include "/etc/namedb/auto_forward.conf"; /* Modern versions of BIND use a random UDP port for each outgoing query by default in order to dramatically reduce the possibility of cache poisoning. All users are strongly encouraged to utilize this feature, and to configure their firewalls to accommodate it. AS A LAST RESORT in order to get around a restrictive firewall policy you can try enabling the option below. Use of this option will significantly reduce your ability to withstand cache poisoning attacks, and should be avoided if at all possible. Replace NNNNN in the example with a number between 49160 and 65530. */ // query-source address * port NNNNN; }; // If you enable a local name server, don't forget to enter 127.0.0.1 // first in your /etc/resolv.conf so this server will be queried. // Also, make sure to enable it in /etc/rc.conf. //allow-query {"kletskaya"; };" // The traditional root hints mechanism. Use this, OR the slave zones below. zone "." { type hint; file "/etc/namedb/named.root"; }; /* Slaving the following zones from the root name servers has some significant advantages: 1. Faster local resolution for your users 2. No spurious traffic will be sent from your network to the roots 3. Greater resilience to any potential root server failure/DDoS On the other hand, this method requires more monitoring than the hints file to be sure that an unexpected failure mode has not incapacitated your server. Name servers that are serving a lot of clients will benefit more from this approach than individual hosts. Use with caution. To use this mechanism, uncomment the entries below, and comment the hint zone above. As documented at http://dns.icann.org/services/axfr/these zones: "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET are availble for AXFR from these servers on IPv4 and IPv6: xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org */ /* zone "." { type slave; file "/etc/namedb/slave/root.slave"; masters { 192.5.5.241; // F.ROOT-SERVERS.NET. }; notify no; }; zone "arpa" { type slave; file "/etc/namedb/slave/arpa.slave"; masters { 192.5.5.241; // F.ROOT-SERVERS.NET. }; notify no; }; */ /* Serving the following zones locally will prevent any queries for these zones leaving your network and going to the root name servers. This has two significant advantages: 1. Faster local resolution for your users 2. No spurious traffic will be sent from your network to the roots */ // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost) zone "localhost" { type master; file "/etc/namedb/master/localhost-forward.db"; }; zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; }; zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // RFC 1912-style zone for IPv6 localhost address (RFC 6303) zone "0.ip6.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; }; // "This" Network (RFCs 1912, 5735 and 6303) zone "0.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // Private Use Networks (RFCs 1918, 5735 and 6303) zone "10.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "16.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "17.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "18.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "19.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "20.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "21.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "22.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "23.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "24.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "25.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "26.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "27.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "28.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "29.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "30.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "31.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "168.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // Shared Address Space (RFC 6598) zone "64.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "65.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "66.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "67.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "68.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "69.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "70.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "71.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "72.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "73.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "74.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "75.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "76.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "77.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "78.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "79.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "80.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "81.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "82.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "83.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "84.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "85.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "86.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "87.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "88.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "89.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "90.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "91.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "92.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "93.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "94.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "95.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "96.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "97.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "98.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "99.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "100.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "101.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "102.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "103.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "104.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "105.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "106.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "107.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "108.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "109.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "110.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "111.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "112.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "113.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "114.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "115.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "116.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "117.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "118.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "119.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "120.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "121.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "122.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "123.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "124.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "125.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "126.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "127.100.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // Link-local/APIPA (RFCs 3927, 5735 and 6303) zone "254.169.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IETF protocol assignments (RFCs 5735 and 5736) zone "0.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303) zone "2.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "100.51.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "113.0.203.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IPv6 Example Range for Documentation (RFCs 3849 and 6303) zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // Domain Names for Documentation and Testing (BCP 32) zone "test" { type master; file "/etc/namedb/master/empty.db"; }; zone "example" { type master; file "/etc/namedb/master/empty.db"; }; zone "invalid" { type master; file "/etc/namedb/master/empty.db"; }; zone "example.com" { type master; file "/etc/namedb/master/empty.db"; }; zone "example.net" { type master; file "/etc/namedb/master/empty.db"; }; zone "example.org" { type master; file "/etc/namedb/master/empty.db"; }; // Router Benchmark Testing (RFCs 2544 and 5735) zone "18.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "19.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IANA Reserved - Old Class E Space (RFC 5735) zone "240.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "241.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "242.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "243.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "244.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "245.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "246.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "247.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "248.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "249.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "250.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "251.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "252.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "253.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "254.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IPv6 Unassigned Addresses (RFC 4291) zone "1.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "3.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "4.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "5.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "6.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "7.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "8.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "9.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "a.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "b.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "c.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "d.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "e.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "0.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "7.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "8.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "9.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "a.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "b.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "0.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "1.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "2.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "3.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "4.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "5.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "6.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "7.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IPv6 ULA (RFCs 4193 and 6303) zone "c.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "d.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IPv6 Link Local (RFCs 4291 and 6303) zone "8.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "9.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "a.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "b.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303) zone "c.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "d.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "e.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; zone "f.e.f.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; }; // IP6.INT is Deprecated (RFC 4159) zone "ip6.int" { type master; file "/etc/namedb/master/empty.db"; }; // NB: Do not use the IP addresses below, they are faked, and only // serve demonstration/documentation purposes! // // Example slave zone config entries. It can be convenient to become // a slave at least for the zone your own domain is in. Ask // your network administrator for the IP address of the responsible // master name server. // // Do not forget to include the reverse lookup zone! // This is named after the first bytes of the IP address, in reverse // order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6. // // Before starting to set up a master zone, make sure you fully // understand how DNS and BIND work. There are sometimes // non-obvious pitfalls. Setting up a slave zone is usually simpler. // // NB: Don't blindly enable the examples below. :-) Use actual names // and addresses instead. /* An example dynamic zone key "exampleorgkey" { algorithm hmac-md5; secret "sf87HJqjkqh8ac87a02lla=="; }; zone "example.org" { type master; allow-update { key "exampleorgkey"; }; file "/etc/namedb/dynamic/example.org"; }; */ /* Example of a slave reverse zone zone "1.168.192.in-addr.arpa" { type slave; file "/etc/namedb/slave/1.168.192.in-addr.arpa"; masters { 192.168.1.1; }; }; */ //Logging logging { channel syslog { syslog daemon; severity info; print-category yes; print-severity yes; }; };

07 авг 2015 - 10:32 AM DemonidZe писал: 07 авг 2015 - 09:47 AM bolelshik писал: да вот в том то и дело что пытаюсь настроить чтобы и DNS и UHW и SIGNUP2 работали одновременно, но пока не получается. Либо DNS работает либо перенаправление и заявки на подключение. странно как это у вас обсолютно несвязанные службы не работают вместе. а там скорее всего днс висит на 172.32.0.1 + плюс fwd для uhw по 172.32.0.0/20 другой связи я не вижу ну да именно так, вот и думаю как все в одно слить

да вот в том то и дело что пытаюсь настроить чтобы и DNS и UHW и SIGNUP2 работали одновременно, но пока не получается. Либо DNS работает либо перенаправление и заявки на подключение.

Добрый день! Понимаю что нельзя устанавливать все на одной машине, но как говорится нужно, все работает и устраивает только не могу нормально настроить DNS так чтобы работало перенаправление должников и заявки на подключение и DNS еще. Или обязательно на отдельной машине ставить DNS?

спасибо

поле USER_LINKING_CFID создал, но ничего не изменилось

Добрый день! Пытаюсь воспользоваться дополнительным сервисом ниже кусок лога alter.ini, но никаких чумуданов не появляется, как быть? версия биллинга 0.6.8 ONLINE_LAT=0 ;Enable masssender? MASSSEND_ENABLED=0 ;Native ticketing massender mode MASSSEND_SAFE=1 ; credit limit STRICT_CREDIT_LIMIT=DISABLED ; user linking enabled? USER_LINKING_ENABLED=1 ; which field used to linking users (IP, login... etc) USER_LINKING_FIELD="IP" ;Custom field ID for linking USER_LINKING_CFID=24 ; merge tariff for linked users USER_LINKING_TARIFF=1 ; merge user cash USER_LINKING_CASH=1 ; merge credit USER_LINKING_CREDIT=1

спасибо. все заработало.

добавил редирект но все равно не работает. ${FwCMD} add 4 allow ip from table\(2\) to 8.8.8.8 dst-port 53 via sk0 ${FwCMD} add 4 allow ip from 8.8.8.8 to table\(2\) src-port 53 via sk0 ${FwCMD} add 4 allow ip from table\(2\) to me dst-port 80 via sk0 ${FwCMD} add 4 allow ip from me to table\(2\) src-port 80 via sk0 ${FwCMD} add 6 fwd 172.16.0.1,80 ip from table\(47\) to not me dst-port 80 ${FwCMD} delete 65534 2) даже не задумывался об этом.

Добрый день всем. Есть 2 сервера один биллинг второй nas(rscriptd), так вот когда у клиента(на nas) деньги есть все работает замечательно, как только уходит в минус не работает переадресация должников при это на биллинге все пашет как часы, в чем проблема? firewall.conf(billng) #!/bin/sh # firewall command FwCMD="/sbin/ipfw -q" ${FwCMD} -f flush # Interfaces setup LAN_IF="re2" WAN_IF="re0" # Networks define ${FwCMD} table 2 add 172.16.0.0/20 #NAT ${FwCMD} nat 1 config log if ${WAN_IF} reset same_ports ${FwCMD} add 6000 nat 1 ip from table\(2\) to not table\(9\) out xmit ${WAN_IF} ${FwCMD} add 6001 nat 1 ip from any to me in recv ${WAN_IF} #Shaper - table 4 download speed, table 3 - upload speed ${FwCMD} add 12001 pipe tablearg ip from any to table\(4\) via ${LAN_IF} out ${FwCMD} add 12000 pipe tablearg ip from table\(3\) to any via ${LAN_IF} in # default block policy ${FwCMD} add 65533 deny all from table\(2\) to any via ${LAN_IF} ${FwCMD} add 65534 deny all from any to table\(2\) via ${LAN_IF} ${FwCMD} add 65535 allow all from any to any #Debtors forwarding ${FwCMD} add 4 allow ip from table\(2\) to 8.8.8.8 dst-port 53 via ${LAN_IF} ${FwCMD} add 4 allow ip from 8.8.8.8 to table\(2\) src-port 53 via ${LAN_IF} ${FwCMD} add 4 allow ip from table\(2\) to me dst-port 80 via ${LAN_IF} ${FwCMD} add 4 allow ip from me to table\(2\) src-port 80 via ${LAN_IF} ${FwCMD} add 6 fwd 127.0.0.1,80 ip from table\(47\) to not me dst-port 80 ${FwCMD} delete 65534 #Unknow user redirect ${FwCMD} add 5 fwd 127.0.0.1,80 ip from 172.32.0.0/20 to not me dst-port 80 ${FwCMD} add 8 allow ip from 172.32.0.0/20 to 8.8.8.8 dst-port 53 via ${LAN_IF} ${FwCMD} add 8 allow ip from 8.8.8.8 to 172.32.0.0/20 src-port 53 via ${LAN_IF} firewall.conf(nas) #!/bin/sh # netflow stats /usr/local/sbin/softflowd -i sk0 -n 192.168.56.90:42111 # firewall command FwCMD="/sbin/ipfw -q" ${FwCMD} -f flush # Networks define ${FwCMD} table 2 add 172.16.0.0/21 ${FwCMD} table 9 add 172.16.0.0/21 ${FwCMD} table 9 add 192.168.0.73/32 #NAT ${FwCMD} nat 1 config log if re1 reset same_ports ${FwCMD} add 6000 nat 1 ip from table\(2\) to not table\(9\) via re1 ${FwCMD} add 6001 nat 1 ip from any to 192.168.0.73 via re1 # in 6001 rule must be my external IP #Shape ${FwCMD} add 12001 pipe tablearg ip from any to table\(4\) via sk0 out ${FwCMD} add 12000 pipe tablearg ip from table\(3\) to any via sk0 in #security ${FwCMD} add 3 deny ip6 from any to any ${FwCMD} add 101 allow all from 192.168.56.90 to any ${FwCMD} add 101 allow all from any to 192.168.56.90 ${FwCMD} add 101 allow all from 172.16.0.1 to any ${FwCMD} add 101 allow all from any to 172.16.0.1 # allow access to my http for all ${FwCMD} add 62000 allow tcp from any to me dst-port 80 ${FwCMD} add 62000 allow tcp from me to any src-port 80 # default block policy ${FwCMD} add 65533 deny all from table\(2\) to any via sk0 ${FwCMD} add 65534 deny all from any to table\(2\) via sk0 ${FwCMD} add 65535 allow all from any to any # ==== CUSTOM FIREWALL CONFIG ==== ${FwCMD} add 62100 allow tcp from table\(2\) to table\(17\) dst-port 80 ${FwCMD} add 62100 allow tcp from table\(17\) to table\(2\) src-port 80

-VaSaK- да если можно. Заранее спасибо

да в том то и дело, а новых никаких не могу сделать.

поднимал, не помогает. уже всю голову сломал.

а без поднятия работать не будет я так понимаю?

локальный dns не поднимал

неа нету, поменял 172.32.0.1 как посоветовал kissbohda все равно не работает заворот.

global.template: option domain-name "ourisp"; option domain-name-servers 8.8.8.8; default-lease-time 3600; max-lease-time 43200; authoritative; ddns-update-style none; log-facility local7; one-lease-per-client true; deny duplicates; shared-network ourisp { {SUBNETS} ###### Unknown users network subnet 172.32.0.0 netmask 255.255.240.0 { default-lease-time 3600; option domain-name "isp"; option subnet-mask 255.255.240.0; option domain-name-servers 172.32.0.1; option routers 172.32.0.1; range 172.32.0.100 172.32.0.254; } } dhcpd.log DHCPDISCOVER from 00:19:66:dd:91:1f via sk0 DHCPOFFER on 172.32.0.100 to 00:19:66:dd:91:1f (nas) via sk0 DHCPREQUEST for 172.32.0.100 (172.16.0.1) from 00:19:66:dd:91:1f (nas) via sk0 DHCPACK on 172.32.0.100 to 00:19:66:dd:91:1f (nas) via sk0

global.template: option domain-name "ourisp"; option domain-name-servers 8.8.8.8; default-lease-time 3600; max-lease-time 43200; authoritative; ddns-update-style none; log-facility local7; one-lease-per-client true; deny duplicates; shared-network ourisp { {SUBNETS} ###### Unknown users network subnet 172.32.0.0 netmask 255.255.240.0 { default-lease-time 3600; option domain-name "isp"; option subnet-mask 255.255.240.0; option domain-name-servers 172.32.0.1; option routers 172.32.0.1; range 172.32.0.100 172.32.0.254; } } dhcpd.log DHCPDISCOVER from 00:19:66:dd:91:1f via sk0 DHCPOFFER on 172.32.0.100 to 00:19:66:dd:91:1f (nas) via sk0 DHCPREQUEST for 172.32.0.100 (172.16.0.1) from 00:19:66:dd:91:1f (nas) via sk0 DHCPACK on 172.32.0.100 to 00:19:66:dd:91:1f (nas) via sk0

Добрый день, всем! Установил ubilling, пытаюсь разобраться с uhw, новый клиент получает левый ip, mac адрес тоже виден, но не работает заворот что делаю не так? firewall.conf #!/bin/sh # firewall command FwCMD="/sbin/ipfw -q" ${FwCMD} -f flush # Interfaces setup LAN_IF="sk0" WAN_IF="re0" # Networks define ${FwCMD} table 2 add 172.16.0.0/21 #unknown users redirect ${FwCMD} add 5 fwd 127.0.0.1,80 ip from 172.32.0.0/20 to not me dst-port 80 #NAT ${FwCMD} nat 1 config log if ${WAN_IF} reset same_ports ${FwCMD} add 6000 nat 1 ip from table\(2\) to not table\(9\) out xmit ${WAN_IF} ${FwCMD} add 6001 nat 1 ip from any to me in recv ${WAN_IF} #Shaper - table 4 download speed, table 3 - upload speed ${FwCMD} add 12001 pipe tablearg ip from any to table\(4\) via ${LAN_IF} out ${FwCMD} add 12000 pipe tablearg ip from table\(3\) to any via ${LAN_IF} in # default block policy ${FwCMD} add 65533 deny all from table\(2\) to any via ${LAN_IF} ${FwCMD} add 65534 deny all from any to table\(2\) via ${LAN_IF} ${FwCMD} add 65535 allow all from any to any ipfw show: root@billing:~ # ipfw show 00005 0 0 fwd 127.0.0.1,80 ip from 172.32.0.0/20 to not me dst-port 80 06000 0 0 nat 1 ip from table(2) to not table(9) out xmit re0 06001 285 24450 nat 1 ip from any to me in recv re0 12000 0 0 pipe tablearg ip from table(3) to any via sk0 in 12001 0 0 pipe tablearg ip from any to table(4) via sk0 out 65533 0 0 deny ip from table(2) to any via sk0 65534 0 0 deny ip from any to table(2) via sk0 65535 2908 256238 allow ip from any to any