Код: Выделить всё
[9:11] /usr/home/alex >uname -a
FreeBSD gw 8.2-STABLE FreeBSD 8.2-STABLE #0: Tue Sep 20 14:28:31 MSK 2011
Код: Выделить всё
[9:13] /usr/home/alex >ifconfig
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2009<RXCSUM,VLAN_MTU,WOL_MAGIC>
ether 00:08:02:e0:a5:4e
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
ether 00:08:02:91:70:85
inet 192.168.10.130 netmask 0xfffffe00 broadcast 192.168.11.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
ether 00:08:02:ed:3a:eb
inet 192.168.254.6 netmask 0xfffffff8 broadcast 192.168.254.7
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet 127.0.0.1 netmask 0xff000000
vlan358: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 00:08:02:e0:a5:4e
inet 217.XX.XXX.XX netmask 0xfffffffc broadcast 217.65.208.23
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 358 parent interface: fxp0
vlan135: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3<RXCSUM,TXCSUM>
ether 00:08:02:ed:3a:eb
inet 192.168.254.6 netmask 0xfffffff8 broadcast 192.168.254.7
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 135 parent interface: bge1
vlan140: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3<RXCSUM,TXCSUM>
ether 00:08:02:ed:3a:eb
inet 217.XX.XX.XXX netmask 0xfffffffc broadcast 217.23.64.127
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 140 parent interface: bge1
Код: Выделить всё
[9:14] /usr/home/alex >ipfw show
00100 1951 1662061 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
01010 2203 223131 setfib 1 ip from table(4) to any in recv bge0
10010 122556 73407257 allow ip from 192.168.10.0/23 to 192.168.10.0/23 via bge0
10020 0 0 allow ip from table(2) to table(2) via vlan135
10030 0 0 allow ip from any to any via ng*
10110 9577 1099938 allow ip from table(1) to table(1)
10120 120 6720 allow ip from table(2) to table(2)
10130 559 290338 allow ip from table(1) to table(2)
10140 300 139556 allow ip from table(2) to table(1)
20010 0 0 deny ip from table(5) to any via bge0
21010 11131 8358205 allow ip from any to 192.168.10.0/23 out xmit bge0
21020 8907 1054127 allow ip from 192.168.10.0/23 to any in recv bge0
21100 0 0 allow tcp from any to me dst-port 80 in recv vlan358
21200 154 11680 allow tcp from any to me dst-port 1216 in recv vlan358
21310 0 0 allow tcp from any to me dst-port 1723 in recv vlan358
21320 0 0 allow tcp from me 1723 to any out xmit vlan358
22010 107318 72957430 allow ip from me to any via vlan358 keep-state
22020 0 0 allow ip from me to any via vlan140 keep-state
30410 0 0 nat 100 gre from 217.XX.XX.XXX to me via vlan358
30420 0 0 nat 100 gre from 192.168.10.138 to 217.23.68.166 via vlan358
30430 0 0 allow gre from any to any via vlan358
50000 9796 7812024 nat 100 ip from any to me via vlan358
50010 2219 703497 nat 200 ip from any to me via vlan140
50100 1956 206434 nat 200 ip from table(4) to any via vlan140
51010 0 0 nat 100 ip from 192.168.10.132 25,110,143,993,995 to any via vlan358
51020 0 0 nat 100 ip from 192.168.10.132 to any dst-port 25 via vlan358
53010 0 0 nat 100 ip from 192.168.10.177 10001 to any via vlan358
54030 0 0 nat 100 ip from 192.168.10.241 to any dst-port 22 via vlan358
54040 0 0 nat 100 ip from 192.168.10.241 to any dst-port 21 via vlan358
54050 610 49689 nat 100 ip from 192.168.10.99 to any via vlan358
60000 6267 790874 nat 100 ip from table(3) to any via vlan358
65534 192 71481 deny log logamount 50 ip from any to any
65535 42 2696 deny ip from any to any
Код: Выделить всё
[9:17] /usr/home/alex >netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 217.XX.XXX.XX UGS 0 68320 vlan35
127.0.0.1 link#5 UH 0 1175 lo0
192.168.1.0/24 192.168.254.4 UGS 0 0 bge1
192.168.10.0/23 link#2 U 0 105545 bge0
192.168.10.130 link#2 UHS 0 0 lo0
192.168.20.0/24 192.168.254.4 UGS 0 4499 bge1
192.168.100.0/24 192.168.254.1 UGS 0 165 bge1
192.168.150.0/24 192.168.254.4 UGS 0 242 bge1
192.168.160.0/24 192.168.254.4 UGS 0 185 bge1
192.168.170.0/24 192.168.254.4 UGS 0 241 bge1
192.168.254.0/29 link#3 U 0 161 bge1
192.168.254.6 link#3 UHS 1 0 lo0
192.168.254.8/29 192.168.254.4 UGS 0 237 bge1
192.168.254.16/30 192.168.254.4 UGS 0 0 bge1
192.168.254.20/30 192.168.254.4 UGS 0 0 bge1
192.168.254.24/30 192.168.254.4 UGS 0 0 bge1
192.168.254.28/30 192.168.254.4 UGS 0 164 bge1
217.23.64.124/30 link#8 U 0 0 vlan14
217.23.64.126 link#8 UHS 0 0 lo0
217.65.208.20/30 link#6 U 0 9 vlan35
217.65.208.22 link#6 UHS 0 246 lo0
Код: Выделить всё
[9:17] /usr/home/alex >ipfw table 1 list
192.168.10.0/23 0
192.168.20.0/24 0
192.168.100.0/24 0
192.168.150.0/24 0
192.168.160.0/24 0
192.168.170.0/24 0
Код: Выделить всё
[9:18] /usr/home/alex >ping 192.168.170.1
PING 192.168.170.1 (192.168.170.1): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- 192.168.170.1 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
[9:19] /usr/home/alex >ping 192.168.160.1
PING 192.168.160.1 (192.168.160.1): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- 192.168.160.1 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
[9:19] /usr/home/alex >
Человек который рулит этим шлюзом не доступен а самому разобраться тяжело так как в ipfw соображаю в общих чертах.