fenixna

2015-09-26 09:38:14

firewall.conf

!/bin/sh

# netflow stats

/usr/local/sbin/softflowd -i em2 -n 192.168.56.93:42111

# firewall command

FwCMD="/sbin/ipfw"

${FwCMD} -f flush

# Networks define

${FwCMD} table all flush

${FwCMD} table 2 add 172.16.0.0/22

${FwCMD} table 3 add 172.16.3.0/24

${FwCMD} table 4 add 172.16.4.0/24

${FwCMD} table 5 add 172.16.5.0/24

${FwCMD} table 6 add 172.16.6.0/24

#${FwCMD} table 9 add DHCP/32

${FwCMD} table 9 add 192.168.56.0/24

${FwCMD} add 2 deny udp from any to any 139

#NAT

${FwCMD} nat 1 config log if em1.3 reset same_ports

${FwCMD} add 6000 nat 1 ip from table$3$ to not table$9$ via em1.3

#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3

# in 6001 rule must be my external IP

${FwCMD} nat 2 config log if em1.5 reset same_ports

${FwCMD} add 6010 nat 2 ip from table$5$ to not table$9$ via em1.5

${FwCMD} add 6011 nat 2 ip from any to 2.2.2.2 via em1.5

${FwCMD} add 6012 allow all from 172.16.5.0/24 to me via em1.5

${FwCMD} add 6013 allow all from me to 172.16.5.0/24 via em1.5

# in 6001 rule must be my external IP

${FwCMD} nat 3 config log if em1.6 reset same_ports

#${FwCMD} nat 3 config log ip 1.1.2.2

${FwCMD} add 6020 nat 3 log ip from table$6$ to not table$9$

${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any

${FwCMD} add 6022 nat 3 log ip from any to any in via em1.6

#${FwCMD} add 6022 allow all from 172.16.6.0/24 to me via em1.6

#${FwCMD} add 6023 allow all from me to 172.16.6.0/24 via em1.6

# in 6001 rule must be my external IP

rc.conf

hostname="ubilling"

ifconfig_em0="192.168.56.94/24"

ifconfig_em1="UP"

vlans_em1="3 4 5 6"

ifconfig_em1_4="DHCP"

ifconfig_em1_5="DHCP"

ifconfig_em1_6="DHCP"

ifconfig_em2="172.16.1.1/24"

ifconfig_em2_alias0="inet 172.16.5.1 netmask 255.255.255.0"

ifconfig_em2_alias1="inet 172.16.6.1 netmask 255.255.255.0"

ifconfig_em2_alias2="inet 172.32.0.1 netmask 255.255.240.0"

ifconfig_em2_alias3="inet 172.16.4.1 netmask 255.255.255.0"

sshd_enable="YES"

radiusd_enable="YES"

snmptrapd_enable="YES"

snmptrapd_flags="-On -A -c /usr/local/etc/snmptrapd.conf"

powerd_enable="YES"

local_unbound_enable="YES"

# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable

dumpdev="AUTO"

# ====== added by UBinstaller ====

завелось все через natd

File:firewall.conf Col:0 =2469 bytes 19%

${FwCMD} add 1 allow all from 172.16.3.1 to any

${FwCMD} add 1 allow all from 172.16.4.1 to any

${FwCMD} add 1 allow all from 172.16.5.1 to any

${FwCMD} add 1 allow all from 172.16.6.1 to any

${FwCMD} add 2 deny udp from any to any 137

${FwCMD} add 2 deny udp from any to any 139

#NAT

#${FwCMD} nat 1 config log if em1.3 reset same_ports

#${FwCMD} add 6000 nat 1 ip from table$3$ to not table$9$ via em1.3

#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3

# prov1

${FwCMD} add 6010 divert 8669 log ip from table$5$ to not table$9$

${FwCMD} add 6011 fwd 2.2.1.1 log all from 2.2.2.2 to any

${FwCMD} add 6012 divert 8669 log ip from any to any in via em1.5

# prov2

${FwCMD} add 6020 divert 8668 log ip from table$6$ to not table$9$

${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any

${FwCMD} add 6022 divert 8668 log ip from any to any in via em1.6

2015-09-26 09:09:58

firewall.conf

!/bin/sh

# netflow stats

/usr/local/sbin/softflowd -i em2 -n 192.168.56.93:42111

# firewall command

FwCMD="/sbin/ipfw"

${FwCMD} -f flush

# Networks define

${FwCMD} table all flush

${FwCMD} table 2 add 172.16.0.0/22

${FwCMD} table 3 add 172.16.3.0/24

${FwCMD} table 4 add 172.16.4.0/24

${FwCMD} table 5 add 172.16.5.0/24

${FwCMD} table 6 add 172.16.6.0/24

#${FwCMD} table 9 add DHCP/32

${FwCMD} table 9 add 192.168.56.0/24

${FwCMD} add 2 deny udp from any to any 139

#NAT

${FwCMD} nat 1 config log if em1.3 reset same_ports

${FwCMD} add 6000 nat 1 ip from table$3$ to not table$9$ via em1.3

#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3

# in 6001 rule must be my external IP

${FwCMD} nat 2 config log if em1.5 reset same_ports

${FwCMD} add 6010 nat 2 ip from table$5$ to not table$9$ via em1.5

${FwCMD} add 6011 nat 2 ip from any to 2.2.2.2 via em1.5

${FwCMD} add 6012 allow all from 172.16.5.0/24 to me via em1.5

${FwCMD} add 6013 allow all from me to 172.16.5.0/24 via em1.5

# in 6001 rule must be my external IP

${FwCMD} nat 3 config log if em1.6 reset same_ports

#${FwCMD} nat 3 config log ip 1.1.2.2

${FwCMD} add 6020 nat 3 log ip from table$6$ to not table$9$

${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any

${FwCMD} add 6022 nat 3 log ip from any to any in via em1.6

#${FwCMD} add 6022 allow all from 172.16.6.0/24 to me via em1.6

#${FwCMD} add 6023 allow all from me to 172.16.6.0/24 via em1.6

# in 6001 rule must be my external IP

rc.conf

hostname="ubilling"

ifconfig_em0="192.168.56.94/24"

ifconfig_em1="UP"

vlans_em1="3 4 5 6"

ifconfig_em1_4="DHCP"

ifconfig_em1_5="DHCP"

ifconfig_em1_6="DHCP"

ifconfig_em2="172.16.1.1/24"

ifconfig_em2_alias0="inet 172.16.5.1 netmask 255.255.255.0"

ifconfig_em2_alias1="inet 172.16.6.1 netmask 255.255.255.0"

ifconfig_em2_alias2="inet 172.32.0.1 netmask 255.255.240.0"

ifconfig_em2_alias3="inet 172.16.4.1 netmask 255.255.255.0"

sshd_enable="YES"

radiusd_enable="YES"

snmptrapd_enable="YES"

snmptrapd_flags="-On -A -c /usr/local/etc/snmptrapd.conf"

powerd_enable="YES"

local_unbound_enable="YES"

# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable

dumpdev="AUTO"

# ====== added by UBinstaller ====

2015-09-04 19:08:09

ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/ISO-IMAGES/9.3/

freebsd 9.3 releases amd64 memstick.img

вот ету я поставил.

2015-09-04 18:59:30

спасибо. подождем)

2015-09-04 18:52:09

и как теперь воевать с ними??

2015-09-04 17:46:40

Building rscriptd for FreeBSD 9

#############################################################################

Checking CC... found

Checking CXX... found

Checking endianess... Little Endian

gmake -C /tmp/nas_preconf/stg/stg-2.408/projects/rscriptd/../../stglibs

gmake[1]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

gmake -C logger.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

c++ -I/usr/local/include -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c logger.cpp

ar rc libstglogger.a logger.o

ranlib libstglogger.a

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

gmake -C locker.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

c++ -I/usr/local/include -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c locker.cpp

ar rc libstglocker.a locker.o

ranlib libstglocker.a

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

gmake -C crypto.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

cc -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c ag_md5.c

cc -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c blowfish.c

ar rc libstgcrypto.a ag_md5.o blowfish.o

ranlib libstgcrypto.a

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

gmake -C common.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

c++ -I/usr/local/include -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c common.cpp

common.cpp: In function 'std::string IconvString(const std::string&, const std::string&, const std::string&)':

common.cpp:937: error: invalid conversion from 'const char**' to 'char**'

common.cpp:937: error: initializing argument 2 of 'size_t libiconv(void*, char**, size_t*, char**, size_t*)'

deps:3: recipe for target 'common.o' failed

gmake[2]: *** [common.o] Error 1

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

Makefile:12: recipe for target 'common.lib' failed

gmake[1]: *** [common.lib] Error 2

gmake[1]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

gmake -C /tmp/nas_preconf/stg/stg-2.408/projects/rscriptd/../../stglibs

gmake[1]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

gmake -C logger.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

gmake -C locker.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

gmake -C crypto.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

gmake -C common.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

c++ -I/usr/local/include -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c common.cpp

common.cpp: In function 'std::string IconvString(const std::string&, const std::string&, const std::string&)':

common.cpp:937: error: invalid conversion from 'const char**' to 'char**'

common.cpp:937: error: initializing argument 2 of 'size_t libiconv(void*, char**, size_t*, char**, size_t*)'

deps:3: recipe for target 'common.o' failed

gmake[2]: *** [common.o] Error 1

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

Makefile:12: recipe for target 'common.lib' failed

gmake[1]: *** [common.lib] Error 2

gmake[1]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

Makefile:41: recipe for target 'libs' failed

gmake: *** [libs] Error 2

gmake -C /tmp/nas_preconf/stg/stg-2.408/projects/rscriptd/../../stglibs

gmake[1]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

gmake -C logger.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/logger.lib'

gmake -C locker.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/locker.lib'

gmake -C crypto.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

gmake[2]: Nothing to be done for 'all'.

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/crypto.lib'

gmake -C common.lib

gmake[2]: Entering directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

c++ -I/usr/local/include -DARCH_LE -fPIC -I ../../include -I . -I ./include -DFREE_BSD5 -DSTG_TIME -c common.cpp

common.cpp: In function 'std::string IconvString(const std::string&, const std::string&, const std::string&)':

common.cpp:937: error: invalid conversion from 'const char**' to 'char**'

common.cpp:937: error: initializing argument 2 of 'size_t libiconv(void*, char**, size_t*, char**, size_t*)'

deps:3: recipe for target 'common.o' failed

gmake[2]: *** [common.o] Error 1

gmake[2]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs/common.lib'

Makefile:12: recipe for target 'common.lib' failed

gmake[1]: *** [common.lib] Error 2

gmake[1]: Leaving directory '/tmp/nas_preconf/stg/stg-2.408/stglibs'

Увійти

fenixna

Всього повідомлень

Приєднався

Останній візит

Тип контенту

Профили

Форум

Календарь

Сообщения додав fenixna

балансировка нескольких каналов freebsd

балансировка нескольких каналов freebsd

не устанавливается rscriptd на freebsd 9.3x64

не устанавливается rscriptd на freebsd 9.3x64

не устанавливается rscriptd на freebsd 9.3x64

не устанавливается rscriptd на freebsd 9.3x64

Спільнота

Активність