[FUGSPBR] Ajuda - Ipnat

Marcus Voloch bsd em voloch.net
Qui Mar 13 16:56:58 BRT 2003


desculpem se eu estiver falando uma tremenda besteira, mas para usar o
IPNAT, nao devemos usar em conjunto o IPF?

ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
ipfilter_flags=""
ipnat_enable="YES"
ipnat_flags="-CF"
ipnat_rules="/etc/ipnat.rules"
ipmon_enable="YES"
ipmon_flags="-D /var/log/ipflog"


eu uso assim e funciona às 1000 maravilhas.

sds

----- Original Message -----
From: "Assessor Sistemas" <assessorsis em terra.com.br>
To: "Grupo Brasileiro de Usuarios FreeBSD" <fugspbr em fugspbr.org>
Sent: Thursday, March 13, 2003 3:35 PM
Subject: Re: [FUGSPBR] Ajuda - Ipnat


O meu rc.conf

firewall_enable=NO

#defaultrouter="10.0.0.138"
gateway_enable="YES"
hostname="assessor.lan"
network_interfaces="ed0 ed1 lo0"
ifconfig_ed0="inet 10.0.0.139 netmask 255.0.0.0 broadcast 10.0.0.255" #
media
10BaseT/UTP
ifconfig_ed1="inet 192.168.0.1 netmask 255.0.0.0" # media 10BaseT/UTP
kern_securelevel_enable="NO"

keymap="br275.iso.acc"
keyrate="fast"
moused_port="/dev/cuaa0"
moused_type="microsoft"
moused_enable="YES"

icmp_bmcastecho="YES"

nfs_reserved_port_only="YES"
sendmail_enable="YES"
sshd_enable="YES"
usbd_enable="NO"

ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="default"

**********************************************************************

O meu kernel

machine i386
cpu I586_CPU
ident GENERIC
maxusers 96

options MATH_EMULATE
options INET
options FFS
options FFS_ROOT
options SOFTUPDATES
options UFS_DIRHASH
options MFS
options MD_ROOT
options NFS
options NFS_ROOT
options MSDOSFS
options CD9660
options CD9660_ROOT
options PROCFS
options COMPAT_43
options UCONSOLE
options USERCONFIG
options VISUAL_USERCONFIG
options KTRACE
options SYSVSHM
options SYSVMSG
options SYSVSEM
options P1003_1B
#options _KPOSIX_PRIORITY_SCHEDULING
#options KBD_INSTALL_CDEV
#options AHC_REG_PRETTY_PRINT
#options AHD_REG_PRETTY_PRINT

#options PMAP_SHPGPERPROC=201

#options IPFIREWALL
#options IPFIREWALL_DEFAULT_TO_ACCEPT
#options IPFIREWALL_VERBOSE
#options IPFIREWALL_VERBOSE_LIMIT=10
#options IPFIREWALL_FORWARD

#options IPDIVERT

options IPFILTER
options IPFILTER_LOG

options TCP_DROP_SYNFIN
options ICMP_BANDLIM

device isa
device pci

# Floppy drives
device fdc0 at isa? port IO_FD1 irq 6 drq 2
device fd0 at fdc0 drive 0
device fd1 at fdc0 drive 1

# ATA and ATAPI devices
device ata0 at isa? port IO_WD1 irq 14
device ata1 at isa? port IO_WD2 irq 15
device ata
device atadisk # ATA disk drives
device atapicd # ATAPI CDROM drives
device atapifd # ATAPI floppy drives
device atapist # ATAPI tape drives
options ATA_STATIC_ID #Static device numbering

# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc0 at isa? port IO_KBD
device atkbd0 at atkbdc? irq 1 flags 0x1
device psm0 at atkbdc? irq 12

device vga0 at isa?

# splash screen/screen saver
pseudo-device splash

# syscons is the default console driver, resembling an SCO console
device sc0 at isa? flags 0x100

# Floating point support - do not disable.
device npx0 at nexus? port IO_NPX irq 13

# Power management support (see LINT for more options)
device apm0 at nexus? disable flags 0x20 # Advanced Power Management

# Serial (COM) ports
device sio0 at isa? port IO_COM1 flags 0x10 irq 4
device sio1 at isa? port IO_COM2 irq 3

# Placa Ne1000,Ne2000
device          miibus
device          ed0 at isa? port 0x280 irq 10 iomem 0xd8000

# Pseudo devices - the number indicates how many units to allocate.
pseudo-device loop # Network loopback
pseudo-device ether # Ethernet support
pseudo-device sl 1 # Kernel SLIP
pseudo-device ppp 1 # Kernel PPP
pseudo-device tun 4 # Packet tunnel.
pseudo-device pty # Pseudo-ttys (telnet etc)
pseudo-device md # Memory "disks"
pseudo-device gif # IPv6 and IPv4 tunneling
pseudo-device faith 1 # IPv6-to-IPv4 relaying (translation)
pseudo-device   speaker

#Berkeley packet filter (para funcionar DHCP-BOOT)
#pseudo-device bpf

**********************************************************************

Espero que isto ajude...

Muito Obrigado pela atenção

Grato
Alessandro

************************************************************************
Em Qui 13 Mar 2003 14:25, Márcio Luciano escreveu:
> Faz o seguinte envio-nos o eu kernel e o seu rc.conf
> T+
> Márcio
>
>
> _______________________________________________________________
> Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
> Historico: http://www4.fugspbr.org/lista/html/FUG-BR/

_______________________________________________________________
Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/

_______________________________________________________________
Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/



Mais detalhes sobre a lista de discussão freebsd