[FUG-BR] Uma ajuda para NAT com PF
Enio Marconcini -:- www.Enio.Pro.Br -:-
eniorm em gmail.com
Quinta Agosto 6 15:04:44 BRT 2009
2009/8/6 Renato Botelho <rbgarga em gmail.com>
> # pfctl -sa
>
> Do seu laptop
>
> # traceroute -n www.uol.com.br
>
> --
> Renato Botelho
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
pfctl -sa gera bastante linhas:
hobbit# pfctl -sa
TRANSLATION RULES:
nat on vge0 from <rede_pref> to any -> (vge0) round-robin
FILTER RULES:
scrub in all fragment reassemble
pass all flags S/SA keep state
No queue in use
INFO:
Status: Disabled for 0 days 00:01:33 Debug: Urgent
State Table Total Rate
current entries 0
searches 0 0.0/s
inserts 0 0.0/s
removals 0 0.0/s
Counters
match 0 0.0/s
bad-offset 0 0.0/s
fragment 0 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 0 0.0/s
state-mismatch 0 0.0/s
state-insert 0 0.0/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 0 0.0/s
TIMEOUTS:
tcp.first 120s
tcp.opening 30s
tcp.established 86400s
tcp.closing 900s
tcp.finwait 45s
tcp.closed 90s
tcp.tsdiff 30s
udp.first 60s
udp.single 30s
udp.multiple 60s
icmp.first 20s
icmp.error 10s
other.first 60s
other.single 30s
other.multiple 60s
frag 30s
interval 10s
adaptive.start 6000 states
adaptive.end 12000 states
src.track 0s
LIMITS:
states hard limit 10000
src-nodes hard limit 10000
frags hard limit 5000
tables hard limit 1000
table-entries hard limit 200000
TABLES:
rede_pref
OS FINGERPRINTS:
696 fingerprints loaded
hobbit#
porém o tracert do meu note só alcançou o IP do servidor, apos isso só
apareceu asteriscos e esgotado o tempo limite,
mas o traceroute no servidor para um ip externo foi
--
ENIO RODRIGO MARCONCINI
www.Enio.Pro.Br
skype: eniorm
> FreeBSD -:- OpenBSD -:- Slackware
> Coleções Marcas de Cigarros
< Obi-Wan has taught you well....
Mais detalhes sobre a lista de discussão freebsd