Re: lug-bg: ipac+ipchains+mrtg
- Subject: Re: lug-bg: ipac+ipchains+mrtg
- From: hristo@xxxxxxxxxxxx (Hristo Nazarov)
- Date: Wed, 11 Apr 2001 05:34:03 -0700
Mersi za savetite...
1. Mrezata ne mi e vatreshna, a istnska..prosto ne skam da si pisha
IP...Sazeliawam che sam te zabludil.
2. Niama znachenie na koi interface meria (polzwam portslave deto zabiwa
twardi IP na wseki ot modemite - a s ipchains sam definiral accounting
prawila za IP (ne za Interfejci)- taka greshka ne moze da stawa)
3. Po skoro waprosat mi e za ipchains...Wsichko si raboti ok obache kogato
REDIRECTwam paketi kam proxyto te prosto ne stigat do accountig
chaina..(Towa si e osobenost na ipchains)...
4. Mislia (Znam) che problemat mi e w ipchains--Prosto ne se sehtam kak da
go konfiguriram hem da redirectwa, hem da stga do accounting chaina
Mersi Za Informaciata..Ama ne e towa sluchaia...
----- Original Message -----
From: "Stanislav Lechev (AngelFire)" <firedust@xxxxxxx>
To: <lug-bg@xxxxxxxxxxxxxxxxxx>
Sent: Wednesday, April 11, 2001 6:56 AM
Subject: Re: lug-bg: ipac+ipchains+mrtg
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> zabelqzwam che gledash ttySx
> kakto prepolagam ti imash poweche ot edin interface
>
> t.e.
> eth0
> ppp0
> ppp1
> tnt
>
> togawa trqbwa da wnimawash na koj interface merish :)
> a i weroqtno problema ti e che gi masqrade-wash
> i ako se opitwash da hwanesh wsqko masq ip po otdelno
> na eth0 nqma da stane ...
>
> a kato gledam maj ppp0x.domain.net e private mreva(192.168/16)
>
>
> da si predstawim slednoto:
>
> (client) ppp0 <--> eth0 (inet)
>
> ti imash :
> 192.168.0.1 <--> 0/0
> MASQ
> towa 192.168.0.1(ppp0) kogato otide na 0/0(eth0) weche ne e 192.168.0.1
> a e real ip
> sledowatelno na eth0 ne movesh da gledash za 192.168/16 :)
>
> no ne e zadylvitelno da e towa problema pri tebe
>
>
> On Wed, 11 Apr 2001, Hristo Nazarov wrote:
>
> > Date: Wed, 11 Apr 2001 01:13:47 -0700
> > From: Hristo Nazarov <hristo@xxxxxxxxxxxx>
> > Reply-To: lug-bg@xxxxxxxxxxxxxxxxxx
> > To: lug-bg@xxxxxxxxxxxxxxxxxx
> > Subject: lug-bg: ipac+ipchains+mrtg
> >
> > Zdrawejte,
> > naskoro si instalirah ipac. Mnogo sam dowolen kak se sprawia. Obache
imam
> > malak problem s nastrojkata na ipchains...
> > tova e chast ot ipchains -L -v
> >
> > 975 219K ipac_bth all ------ 0xFF 0x00 any
> > anywhere anywhere n/a
> > 975 219K ipac_in all ------ 0xFF 0x00 any
> > anywhere anywhere n/a
> > 170 9428 REDIRECT tcp ------ 0xFF 0x00 any
> > ppp04.domain.net anywhere any -> www => www
> >
> >
> > Chain ipac_in (1 references):
> > pkts bytes target prot opt tosa tosx ifname mark
outsize
> > source destination ports
> > 856 240K - all ------ 0xFF 0x00 eth0
> > anywhere anywhere n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > anywhere ppp01.domain.net n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > anywhere ppp02.domain.net n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > anywhere ppp03.domain.net n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > anywhere ppp04.domain.net n/a
> >
> > Chain ipac_out (1 references):
> > pkts bytes target prot opt tosa tosx ifname mark
outsize
> > source destination ports
> > 820 232K - all ------ 0xFF 0x00 eth0
> > anywhere anywhere n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > ppp01.domain.net anywhere n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > ppp02.domain.net anywhere n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > ppp03.domain.net anywhere n/a
> > 0 0 - all ------ 0xFF 0x00 eth0
> > ppp04.domain.net anywhere n/a
> >
> >
> > Problema e che kogato prawia REDIRECT na paketi - ppp04.domain.net
(pusnal
> > sam edno transperantno proxy (SQUID) na sashtata mashina)
> > Ne se otchitat tezi paketi (trafika ot REDIRECTA). Naskoro go zabeliazah
i
> > izglezda logichno. Obache kato se zamislia Kak da configuriram ipchains
taka
> > che hem Da si imam REDIRECT hem da mi prawi tochen accounting. Ne se
seshtam
> > za nishto Umno. Niakoj da se sehta kak da stane hubawinata?
> > Tova e ipac.conf
> >
> > cat /etc/ipac.conf
> > # $Id: ipac.conf,v 1.1 2000/02/25 19:05:10 moritz Exp $
> > # Example config file with accounting rules
> > # Install as /etc/ipac.conf
> > #
> > # Format:
> > # Name of rule|direction|interface|protocol|source|destination
> > #
> > # where
> > # Name of rule Any string to identify this rule
> > # direction in | out
> > # interface ip number or interface name
> > # protocol tcp | udp | icmp | all
> > # source \
> > # destination both as described in ipfwadm(8), or empty
> > # incoming:
> > incoming all |in|eth0|all||
> > incoming ttyS4 |in|eth0|all|0/0|192.168.255.161|
> > incoming ttyS5 |in|eth0|all|0/0|192.168.255.162|
> > incoming ttyS6 |in|eth0|all|0/0|192.168.255.163|
> > incoming ttyS7 |in|eth0|all|0/0|192.168.255.164|
> >
> >
> > #
> > # Outgoing:
> > outgoing all |out|eth0|all||
> > outgoing ttyS4 |out|eth0|all|192.168.255.161|0/0|
> > outgoing ttyS5 |out|eth0|all|192.168.255.162|0/0|
> > outgoing ttyS6 |out|eth0|all|192.168.255.163|0/0|
> > outgoing ttyS7 |out|eth0|all|192.168.255.164|0/0|
> >
> >
> >
> >
> >
===========================================================================
> > A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> > http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
Zagora
> >
>
> - -=======================================================================
====-
> Regards, AngelFire
> Stanislav Lechev <firedust@xxxxxxx>
> PGP Key: http://firedust.vega.bg/pgp/StanislavLechev.asc
> - -=======================================================================
====-
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (GNU/Linux)
> Comment: Made with pgp4pine 1.75-6
>
> iD8DBQE61GKf8RPXBhiMqewRAqZ7AJ9mseqNCvxeL+hnRTzH9ScuUygZYgCfQK8r
> pNV0q41w6HimfUAhM+xMghM=
> =K4ol
> -----END PGP SIGNATURE-----
>
>
>
===========================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara
Zagora
>
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|