Перейти до

балансировка нескольких каналов freebsd


Рекомендованные сообщения

firewall.conf
!/bin/sh
 
# netflow stats
/usr/local/sbin/softflowd -i em2 -n 192.168.56.93:42111
 
 
# firewall command
FwCMD="/sbin/ipfw"       
 
${FwCMD} -f flush        
 
# Networks define
${FwCMD} table all flush
${FwCMD} table 2 add 172.16.0.0/22
${FwCMD} table 3 add 172.16.3.0/24
${FwCMD} table 4 add 172.16.4.0/24
${FwCMD} table 5 add 172.16.5.0/24
${FwCMD} table 6 add 172.16.6.0/24
#${FwCMD} table 9 add DHCP/32
${FwCMD} table 9 add 192.168.56.0/24
 
 
${FwCMD} add 2 deny udp from any to any 139
 
#NAT
${FwCMD} nat 1 config log if em1.3 reset same_ports
${FwCMD} add 6000 nat 1 ip from table\(3\) to not table\(9\) via em1.3
#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3
# in 6001 rule must be my external IP
${FwCMD} nat 2 config log if em1.5 reset same_ports
${FwCMD} add 6010 nat 2 ip from table\(5\) to not table\(9\) via em1.5
${FwCMD} add 6011 nat 2 ip from any to 2.2.2.2 via em1.5
${FwCMD} add 6012 allow all from 172.16.5.0/24 to me via em1.5
${FwCMD} add 6013 allow all from me to 172.16.5.0/24 via em1.5
# in 6001 rule must be my external IP
${FwCMD} nat 3 config log if em1.6 reset same_ports
#${FwCMD} nat 3 config log ip 1.1.2.2
${FwCMD} add 6020 nat 3 log ip from table\(6\) to not table\(9\)
${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any
${FwCMD} add 6022 nat 3 log ip from any to any in via em1.6
#${FwCMD} add 6022 allow all from 172.16.6.0/24 to me via em1.6
#${FwCMD} add 6023 allow all from me to 172.16.6.0/24 via em1.6
# in 6001 rule must be my external IP
 
rc.conf
 
hostname="ubilling"
ifconfig_em0="192.168.56.94/24"
ifconfig_em1="UP"
vlans_em1="3 4 5 6"
ifconfig_em1_4="DHCP"
ifconfig_em1_5="DHCP"
ifconfig_em1_6="DHCP"
ifconfig_em2="172.16.1.1/24"
ifconfig_em2_alias0="inet 172.16.5.1 netmask 255.255.255.0"
ifconfig_em2_alias1="inet 172.16.6.1 netmask 255.255.255.0"
ifconfig_em2_alias2="inet 172.32.0.1 netmask 255.255.240.0"
ifconfig_em2_alias3="inet 172.16.4.1 netmask 255.255.255.0"
sshd_enable="YES"
radiusd_enable="YES"
snmptrapd_enable="YES"
snmptrapd_flags="-On -A -c /usr/local/etc/snmptrapd.conf"
powerd_enable="YES"
local_unbound_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
# ====== added by UBinstaller ====
 
 
 
 
 

 

Ссылка на сообщение
Поделиться на других сайтах

 

firewall.conf
!/bin/sh
 
# netflow stats
/usr/local/sbin/softflowd -i em2 -n 192.168.56.93:42111
 
 
# firewall command
FwCMD="/sbin/ipfw"       
 
${FwCMD} -f flush        
 
# Networks define
${FwCMD} table all flush
${FwCMD} table 2 add 172.16.0.0/22
${FwCMD} table 3 add 172.16.3.0/24
${FwCMD} table 4 add 172.16.4.0/24
${FwCMD} table 5 add 172.16.5.0/24
${FwCMD} table 6 add 172.16.6.0/24
#${FwCMD} table 9 add DHCP/32
${FwCMD} table 9 add 192.168.56.0/24
 
 
${FwCMD} add 2 deny udp from any to any 139
 
#NAT
${FwCMD} nat 1 config log if em1.3 reset same_ports
${FwCMD} add 6000 nat 1 ip from table\(3\) to not table\(9\) via em1.3
#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3
# in 6001 rule must be my external IP
${FwCMD} nat 2 config log if em1.5 reset same_ports
${FwCMD} add 6010 nat 2 ip from table\(5\) to not table\(9\) via em1.5
${FwCMD} add 6011 nat 2 ip from any to 2.2.2.2 via em1.5
${FwCMD} add 6012 allow all from 172.16.5.0/24 to me via em1.5
${FwCMD} add 6013 allow all from me to 172.16.5.0/24 via em1.5
# in 6001 rule must be my external IP
${FwCMD} nat 3 config log if em1.6 reset same_ports
#${FwCMD} nat 3 config log ip 1.1.2.2
${FwCMD} add 6020 nat 3 log ip from table\(6\) to not table\(9\)
${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any
${FwCMD} add 6022 nat 3 log ip from any to any in via em1.6
#${FwCMD} add 6022 allow all from 172.16.6.0/24 to me via em1.6
#${FwCMD} add 6023 allow all from me to 172.16.6.0/24 via em1.6
# in 6001 rule must be my external IP
 
rc.conf
 
hostname="ubilling"
ifconfig_em0="192.168.56.94/24"
ifconfig_em1="UP"
vlans_em1="3 4 5 6"
ifconfig_em1_4="DHCP"
ifconfig_em1_5="DHCP"
ifconfig_em1_6="DHCP"
ifconfig_em2="172.16.1.1/24"
ifconfig_em2_alias0="inet 172.16.5.1 netmask 255.255.255.0"
ifconfig_em2_alias1="inet 172.16.6.1 netmask 255.255.255.0"
ifconfig_em2_alias2="inet 172.32.0.1 netmask 255.255.240.0"
ifconfig_em2_alias3="inet 172.16.4.1 netmask 255.255.255.0"
sshd_enable="YES"
radiusd_enable="YES"
snmptrapd_enable="YES"
snmptrapd_flags="-On -A -c /usr/local/etc/snmptrapd.conf"
powerd_enable="YES"
local_unbound_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
# ====== added by UBinstaller ====
 
 
 
 
 

 

завелось все через natd

File:firewall.conf       Col:0 =2469 bytes                                  19% 
${FwCMD} add 1 allow all from 172.16.3.1 to any
${FwCMD} add 1 allow all from 172.16.4.1 to any
${FwCMD} add 1 allow all from 172.16.5.1 to any
${FwCMD} add 1 allow all from 172.16.6.1 to any
 
${FwCMD} add 2 deny udp from any to any 137
${FwCMD} add 2 deny udp from any to any 139
 
#NAT
#${FwCMD} nat 1 config log if em1.3 reset same_ports
#${FwCMD} add 6000 nat 1 ip from table\(3\) to not table\(9\) via em1.3
#${FwCMD} add 6001 nat 1 ip from any to DHCP via em1.3
# prov1
${FwCMD} add 6010 divert 8669 log ip from table\(5\) to not table\(9\)
${FwCMD} add 6011 fwd 2.2.1.1 log all from 2.2.2.2 to any
${FwCMD} add 6012 divert 8669 log ip from any to any in via em1.5
# prov2
${FwCMD} add 6020 divert 8668 log ip from table\(6\) to not table\(9\)
${FwCMD} add 6021 fwd 1.1.1.1 log all from 1.1.2.2 to any
${FwCMD} add 6022 divert 8668 log ip from any to any in via em1.6
Ссылка на сообщение
Поделиться на других сайтах

Создайте аккаунт или войдите в него для комментирования

Вы должны быть пользователем, чтобы оставить комментарий

Создать аккаунт

Зарегистрируйтесь для получения аккаунта. Это просто!

Зарегистрировать аккаунт

Вхід

Уже зарегистрированы? Войдите здесь.

Войти сейчас
  • Зараз на сторінці   0 користувачів

    Немає користувачів, що переглядають цю сторінку.

×
×
  • Створити нове...