Re: [Lug-bg] Problem with pptpd.
 
Subject: Re: [Lug-bg] Problem with pptpd.
From: <d3v1ous@xxxxxxxxxxxx>
Date: Tue, 30 Sep 2008 15:39:29 +0300

Well, I didn't understand that; I provided all the config files used by pptpd
in the first mail.
----- Original Message ----- 
From: "Yordan Boikov" <boikov@xxxxxxxxx>
To: <lug-bg@xxxxxxxxxxxxxxxxxx>
Sent: Tuesday, September 30, 2008 2:35 PM
Subject: Re: [Lug-bg] Problem with pptpd.
> post the FTP server's config too
> I mean, it doesn't look like a route or fw issue
>
>
> -- 
> regards
> Y.Boikov
> :wq
>
>
> Quoting d3v1ous@xxxxxxxxxxxx:
>
>> Problem with pptpd: with the configuration described below, after I
>> connect to the VPN (from a Windows machine, and I have chosen the VPN
>> to be my default gateway) I have Internet, I have ping to 192.168.0.1
>> and that is all, i.e. the VPN currently works like a proxy :). If I try
>> to connect via the internal IP to the host on which the VPN server is
>> running, the result is a time out. See the lines below.
>>
>> system - Debian GNU/Linux 4.0 \n \l
>> pptpd version - pptpd_1.3.0-2etch2_i386.deb
>>
>> installed: apt-get install pptpd
>> config:
>>
>> root@router:~# egrep -v '#' /etc/pptpd.conf
>> option /etc/ppp/pptpd-options
>> logwtmp
>> localip 192.168.0.1
>> remoteip 192.168.0.100-200
>>
>> root@router:~# egrep -v '#' /etc/ppp/pptpd-options
>> name pptpd
>> refuse-pap
>> refuse-chap
>> refuse-mschap
>> require-mschap-v2
>> require-mppe-128
>> ms-dns 192.168.0.1
>> ms-dns 77.70.5.1
>> proxyarp
>> nodefaultroute
>> lock
>> nobsdcomp
>> root@router:~#
>>
>> root@router:~# egrep -v '#' /etc/init.d/firewall
>>         iptables -P INPUT DROP
>>         iptables -P FORWARD DROP
>>         iptables -P OUTPUT ACCEPT
>>
>>         iptables -F INPUT
>>         iptables -F FORWARD
>>         iptables -F OUTPUT
>>         iptables -F -t nat
>>
>>         iptables -A INPUT -p icmp -j ACCEPT
>>         iptables -A OUTPUT -p icmp -j ACCEPT
>>
>>         iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
>>
>>         iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
>>         iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>>
>>         iptables -A INPUT -i eth1 -s 0/0 -d 0/0 -j ACCEPT
>>         iptables -A INPUT -i lo -s 0/0 -d 0/0 -j ACCEPT
>>
>>         iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 77.70.5.130
>>
>>         iptables -A INPUT -i eth0 -s 192.168.0.0/24 -j DROP
>>         iptables -A INPUT -i eth0 -s 127.0.0.0/8 -j DROP
>>
>>         iptables -A INPUT -p tcp -s 0/0 -d 0/0 --destination-port 1723 --syn -j ACCEPT
>>         iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
>>         iptables -A FORWARD -i eth0 -o ppp+ -m state --state ESTABLISHED,RELATED -j ACCEPT
>>
>>         modprobe ip_gre
>>         modprobe ip_nat_pptp
>>         modprobe ip_conntrack_pptp
>>         iptables -A INPUT -s 0/0 -d 0/0 -p udp -j DROP
>>         iptables -A INPUT -s 0/0 -d 0/0 -p tcp --syn -j DROP
>>
>>         echo 1 > /proc/sys/net/ipv4/tcp_syncookies
>>         echo 1 > /proc/sys/net/ipv4/ip_forward
>>         echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
>>         echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
>>         echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
>>         echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
>>         echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
>>         echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
>>
>>
>> Linux:
>>
>> ppp0      Link encap:Point-to-Point Protocol
>>           inet addr:192.168.0.1  P-t-P:192.168.0.100  Mask:255.255.255.255
>>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1396  Metric:1
>>           RX packets:31 errors:0 dropped:0 overruns:0 frame:0
>>           TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
>>           collisions:0 txqueuelen:3
>>           RX bytes:4083 (3.9 KiB)  TX bytes:160 (160.0 b)
>>
>> root@router:~# route -n
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>> 192.168.0.100   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
>> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
>> 77.70.5.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
>> 0.0.0.0         77.70.5.1       0.0.0.0         UG    0      0        0 eth0
>> root@router:~#
>>
>> Windows:
>>
>> PPP adapter d3v1ous.info VPN Server:
>>
>>    Connection-specific DNS Suffix  . :
>>    Description . . . . . . . . . . . : d3v1ous.info VPN Server
>>    Physical Address. . . . . . . . . :
>>    DHCP Enabled. . . . . . . . . . . : No
>>    Autoconfiguration Enabled . . . . : Yes
>>    IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
>>    Subnet Mask . . . . . . . . . . . : 255.255.255.255
>>    Default Gateway . . . . . . . . . : 0.0.0.0
>>    DNS Servers . . . . . . . . . . . : 192.168.0.1
>>                                        77.70.5.1
>>    NetBIOS over Tcpip. . . . . . . . : Enabled
>>
>> C:\>ping abv.bg
>>
>> Pinging abv.bg [194.153.145.104] with 32 bytes of data:
>>
>> Reply from 194.153.145.104: bytes=32 time=3ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=4ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=3ms TTL=59
>> Reply from 194.153.145.104: bytes=32 time=4ms TTL=59
>>
>> Ping statistics for 194.153.145.104:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 3ms, Maximum = 4ms, Average = 3ms
>>
>> C:\>ping d3v1ous.info
>>
>> Pinging d3v1ous.info [77.70.5.130] with 32 bytes of data:
>>
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>> Reply from 77.70.5.130: bytes=32 time=2ms TTL=59
>>
>> Ping statistics for 77.70.5.130:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 2ms, Maximum = 2ms, Average = 2ms
>>
>> C:\>ping 192.168.0.1
>>
>> Pinging 192.168.0.1 with 32 bytes of data:
>>
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>> Reply from 192.168.0.1: bytes=32 time=3ms TTL=64
>>
>> Ping statistics for 192.168.0.1:
>>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
>> Approximate round trip times in milli-seconds:
>>     Minimum = 3ms, Maximum = 3ms, Average = 3ms
>>
>>
>> C:\>ftp d3v1ous.info
>> Connected to d3v1ous.info.
>> 220 77.70.5.130 FTP server ready
>> User (d3v1ous.info:(none)): ^C
>> C:\>
>> C:\>ftp 192.168.0.1
>> Connected to 192.168.0.1.
>> Connection closed by remote host.
>>
>> C:\>
>>
>> Linux:
>> root@router:~# netstat -ntap | grep 21
>> tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN     4957/inetd
>>
>>
>>
>
>
>
> _______________________________________________
> Lug-bg mailing list
> Lug-bg@xxxxxxxxxxxxxxxxxx
> http://linux-bulgaria.org/mailman/listinfo/lug-bg
> 