У меня такая проблема:
Есть FreeBSD 7.0,
в ней стоят две сетевые карты:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:1e:c9:f7:56:30
inet 192.168.1.55 netmask 0xffffff00 broadcast 192.168.1.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
bge1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:1e:c9:f7:56:31
inet 192.168.5.3 netmask 0xffffff00 broadcast 192.168.5.255
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet 127.0.0.1 netmask 0xff000000
bge1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:1e:c9:f7:56:31
inet 192.168.5.3 netmask 0xffffff00 broadcast 192.168.5.255
вот /etc/rc.conf
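###########################################################################
# /etc/rc.conf for a two-interface FreeBSD gateway.
#
# Network: default route, host name and the two interface addresses.
# NOTE(review): defaultrouter 192.168.5.10 lies in bge1's subnet, while natd
# further down is bound to bge0 -- confirm which interface really faces
# upstream, because natd is normally attached to that one.
defaultrouter="192.168.5.10"
hostname="хххххххххх"
ifconfig_bge0="inet 192.168.1.55 netmask 255.255.255.0"
ifconfig_bge1="inet 192.168.5.3 netmask 255.255.255.0"
###########################################################################
# Base services. gateway_enable turns on IP forwarding between interfaces.
# Every *_enable="YES" in this file starts a network-facing daemon on the
# gateway itself; what can reach it is decided only by the ipfw ruleset.
gateway_enable="YES"
inetd_enable="YES"
keymap="ua.koi8-u"
linux_enable="YES"
moused_enable="YES"
sshd_enable="YES"
##############################-samba-#####################################
samba_enable="YES"
###############################-DNS-######################################
named_enable="YES"
# Was spelled "named_flage", a name no rc script reads, so the value never
# took effect. The old value also carried "-g bind": in BIND 9 "-g" takes no
# argument and means "stay in the foreground and log to stderr" (it is not a
# group option), so only "-u bind" is kept here.
# NOTE(review): the addresses named answers on are set by listen-on in
# named.conf, not here -- check it if LAN clients use this host as resolver.
named_flags="-u bind"
rpcbind_enable="YES"
nisdomainname="NO"
###############################-IPFW-#####################################
firewall_enable="YES"
# NOTE(review): firewall_type normally names a ruleset type or a rules file;
# the script that gets executed is firewall_script (default
# /etc/rc.firewall). Confirm this line does what is intended.
firewall_type="/etc/rc.firewall"
firewall_logging="YES"
natd_enable="YES"
natd_interface="bge0"
# -u: translate only unregistered (private) source addresses;
# -m: try to keep the original source port.
natd_flags=" -u -m "
############################-time server-#################################
ntpd_enable=YES
###############################-mail-#####################################
# All four knobs are needed to keep every sendmail instance from starting.
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
##########################- VPN for windows -#############################
pptpd_enable="YES"
################################-www-#####################################
apache22_enable="YES"
#############################-monitoring-#################################
ntop_enable="YES"
ntop_flags="@/usr/local/etc/ntop/ntop.conf"
##########################- port forwarding -#############################
rinetd_enable="YES"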
# cat /etc/resolv.conf
domain ххххххххх
nameserver 127.0.0.1
nameserver 123.123.123.123
# cat /etc/rc.firewall
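#!/bin/sh
#
# ipfw ruleset for a two-interface FreeBSD gateway running natd.
#
# Rules are added without explicit numbers, so ipfw evaluates them in the
# order they appear here; the first matching allow/deny ends the search.
#
# ${FwCMD} is expanded unquoted on purpose: it carries the "-q" option and
# has to be split into separate words.
FwCMD="/sbin/ipfw -q "      # ipfw binary, quiet mode
LanOut="bge0"               # interface the natd divert rule is attached to
NetOut="192.168.1.0"        # network on LanOut (not referenced below)
IpOut="192.168.1.55"        # this host's address on LanOut
LanIn="bge1"                # second interface
NetIn="192.168.5.0/24"      # network on LanIn
ip_lan="192.168.5"          # LanIn network prefix (not referenced below)

# Flush all rules, pipes and queues so the script always starts clean.
${FwCMD} -f flush
${FwCMD} -f pipe flush
${FwCMD} -f queue flush

# Loopback: allow everything on lo0 first, then drop any packet that uses a
# 127.0.0.0/8 address anywhere else (anti-spoofing). The lo0 rule used to be
# commented out; without it the two deny rules also drop the host's own
# loopback traffic, e.g. a resolver pointed at 127.0.0.1.
${FwCMD} add allow ip from any to any via lo0
${FwCMD} add deny ip from any to 127.0.0.0/8
${FwCMD} add deny ip from 127.0.0.0/8 to any

# NAT: hand every packet crossing LanOut, in either direction, to natd.
${FwCMD} add divert natd ip from any to any via ${LanOut}
#${FwCMD} add divert natd ip from any to ${IpOut} in via ${LanOut}

###########################-VPN i-net to lan-#################################
# PPTP (TCP 1723 + GRE) and the tunnel interface -- currently disabled.
#${FwCMD} add allow tcp from any to me 1723
#${FwCMD} add allow tcp from me 1723 to any
#${FwCMD} add allow gre from any to any
#${FwCMD} add allow ip from any to any via tun0

# ping: echo reply (0), echo request (8), time exceeded (11)
${FwCMD} add allow icmp from any to any icmptypes 0,8,11

# Traffic to and from the LanIn network on the LanIn interface.
${FwCMD} add allow ip from any to ${NetIn} in via ${LanIn}
${FwCMD} add allow ip from ${NetIn} to any out via ${LanIn}

# Allow TCP segments that belong to already established connections.
${FwCMD} add allow tcp from any to any established

# DNS for this host on LanOut: queries to it, its replies, and its own
# outgoing lookups. UDP only.
# NOTE(review): DNS over TCP/53 is not listed and currently passes only
# because of the catch-all rule at the end.
${FwCMD} add allow udp from any to ${IpOut} 53 in via ${LanOut}
${FwCMD} add allow udp from ${IpOut} 53 to any out via ${LanOut}
${FwCMD} add allow udp from any 53 to ${IpOut} in via ${LanOut}
${FwCMD} add allow udp from ${IpOut} to any 53 out via ${LanOut}

# NTP (UDP 123) on LanOut
${FwCMD} add allow udp from any to any 123 via ${LanOut}
${FwCMD} add allow udp from any 123 to any via ${LanOut}

# DNS for everyone else, any interface
${FwCMD} add pass udp from any to any 53
${FwCMD} add pass udp from any 53 to any

# SSH
# NOTE(review): here and in the RDP block the "from any <port> to any" rules
# match on source port alone, so any TCP packet sent from that port passes;
# reply traffic is already covered by the "established" rule above. These
# rules are also not limited to an interface or source network.
${FwCMD} add allow tcp from any to any 22
${FwCMD} add allow tcp from any 22 to any

# ntop web UI (3000) and SNMP (161) originating from this host
${FwCMD} add allow tcp from me 3000,161 to any
${FwCMD} add allow udp from me 161 to any

# RDP (Windows), ports 3389 and 3390
${FwCMD} add allow tcp from any to any 3389
${FwCMD} add allow tcp from any 3389 to any
${FwCMD} add allow tcp from any to any 3390
${FwCMD} add allow tcp from any 3390 to any

# Catch-all: allow and log everything that reached this point.
# NOTE(review): with this rule last, every allow rule above is redundant and
# nothing except 127.0.0.0/8 spoofing is ever blocked. To make the ruleset
# restrictive, list the services that must be reachable explicitly and end
# with a logged deny instead; keep console access at hand when switching.
${FwCMD} add allow log ip from any to any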
В настройках подключения я поставил
шлюз 192.168.1.55
ДНС 192.168.1.55
Но интернета нет! При этом статические IP-адреса пингуются, а сайты не открываются.
А когда я ставлю вот так
шлюз 192.168.1.55
ДНС 123.123.123.123 - ДНС провайдера (123.123.123.123 - взят для примера)
то тогда интернет есть!
Подскажите где я ошибся!
Или как решить проблему ?
Спасибо!