[fli4l] Problem mit der neuen Portweiterleitung und Shares
meter.paler at googlemail.com
meter.paler at googlemail.com
Di Mai 17 17:03:25 CEST 2016
Hi Peter,
> Für OPENVPN brauch man nichts in PF_INPUT konfigurieren! Openvpn macht
> seinen Port selber auf!
seit welcher Version funktioniert das denn, wenn Fli4l hinter einem Router hängt?
Wie bei der alten V3.6.1 soll von außen der Zugriff auf die früher per PORTFW_N='13' konfigurierten Ports zugegriffen werden können und intern soll zwischen NET1 und NET2 der Zugriff auf die Windows-Freigaben funktionieren.
Unten im zweiten 'base' Abschnitt steht: PORTFW_N='0'
Den Eintrag gibt es in der Base.txt aber gar nicht.
Die aktuelle Config:
# generated by mkfli4l (Revision: 41041)
#
# package 'base'
#
AUTO='99'
BASE='yes'
HOSTNAME='router'
PASSWORD='xxx'
BOOT_TYPE='cd'
LIBATA_DMA='disabled'
MOUNT_BOOT='rw'
BOOTMENU_TIME='5'
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0/3'
KERNEL_VERSION='3.14.66'
KERNEL_BOOT_OPTION=''
COMP_TYPE_OPT='xz'
IP_CONNTRACK_MAX=''
POWERMANAGEMENT='acpi'
LOCALE='de'
CONSOLE_BLANK_TIME=''
BEEP='yes'
SER_CONSOLE='no'
DEBUG_STARTUP='no'
KEYBOARD_LOCALE='auto'
NET_DRV_N='2'
NET_DRV_1='r8169'
NET_DRV_1_OPTION=''
NET_DRV_2='asix'
NET_DRV_2_OPTION=''
IP_NET_N='3'
IP_NET_1='192.168.1.250/24'
IP_NET_1_DEV='eth0'
IP_NET_2='192.168.3.250/24'
IP_NET_2_DEV='eth1'
IP_NET_3='10.0.0.1/24'
IP_NET_3_DEV='eth2'
IP_ROUTE_N='1'
IP_ROUTE_1='0.0.0.0/0 10.0.0.250'
PF_INPUT_POLICY='REJECT'
PF_INPUT_ACCEPT_DEF='yes'
PF_INPUT_LOG='no'
PF_INPUT_LOG_LIMIT='3/minute:5'
PF_INPUT_REJ_LIMIT='1/second:5'
PF_INPUT_UDP_REJ_LIMIT='1/second:5'
PF_INPUT_N='5'
PF_INPUT_1='IP_NET_1 ACCEPT'
PF_INPUT_2='IP_NET_2 ACCEPT'
PF_INPUT_3='prot:udp IP_NET_3:40001 ACCEPT'
PF_INPUT_4='prot:udp IP_NET_3:50001 ACCEPT'
PF_INPUT_5='prot:udp IP_NET_3:60001 ACCEPT'
PF_FORWARD_POLICY='REJECT'
PF_FORWARD_ACCEPT_DEF='yes'
PF_FORWARD_LOG='no'
PF_FORWARD_LOG_LIMIT='3/minute:5'
PF_FORWARD_REJ_LIMIT='1/second:5'
PF_FORWARD_UDP_REJ_LIMIT='1/second:5'
PF_FORWARD_N='2'
PF_FORWARD_1='IP_NET_1 ACCEPT'
PF_FORWARD_2='IP_NET_2 ACCEPT'
PF_OUTPUT_POLICY='ACCEPT'
PF_OUTPUT_ACCEPT_DEF='yes'
PF_OUTPUT_LOG='no'
PF_OUTPUT_LOG_LIMIT='3/minute:5'
PF_OUTPUT_REJ_LIMIT='1/second:5'
PF_OUTPUT_UDP_REJ_LIMIT='1/second:5'
PF_OUTPUT_N='0'
PF_POSTROUTING_N='2'
PF_POSTROUTING_1='IP_NET_1 MASQUERADE'
PF_POSTROUTING_2='IP_NET_2 MASQUERADE'
PF_PREROUTING_N='13'
PF_PREROUTING_1='prot:tcp IP_NET_3:45570 DNAT:192.168.3.200:80'
PF_PREROUTING_2='prot:tcp IP_NET_3:45571 DNAT:192.168.3.202:80'
PF_PREROUTING_3='prot:tcp IP_NET_3:45572 DNAT:192.168.3.203:80'
PF_PREROUTING_4='prot:tcp IP_NET_3:45573 DNAT:192.168.3.204:80'
PF_PREROUTING_5='prot:tcp IP_NET_3:45580 DNAT:192.168.3.1:5900'
PF_PREROUTING_6='prot:tcp IP_NET_3:45590 DNAT:192.168.3.50:8080'
PF_PREROUTING_7='prot:tcp IP_NET_3:45591 DNAT:192.168.1.50:8080'
PF_PREROUTING_8='prot:tcp IP_NET_3:45200 DNAT:192.168.3.2:5900'
PF_PREROUTING_9='prot:tcp IP_NET_3:45300 DNAT:192.168.3.2:80'
PF_PREROUTING_10='prot:tcp IP_NET_3:45592 DNAT:192.168.1.51:8080'
PF_PREROUTING_11='prot:tcp IP_NET_3:45582 DNAT:192.168.3.51:8080'
PF_PREROUTING_12='prot:tcp IP_NET_3:45574 DNAT:192.168.1.205:80'
PF_PREROUTING_13='prot:tcp IP_NET_3:45575 DNAT:192.168.1.206:80'
PF_PREROUTING_CT_ACCEPT_DEF='yes'
PF_PREROUTING_CT_N='1'
PF_PREROUTING_CT_1='tmpl:ftp IP_NET_1 HELPER:ftp'
PF_OUTPUT_CT_ACCEPT_DEF='yes'
PF_OUTPUT_CT_N='0'
PF_USR_CHAIN_N='0'
DOMAIN_NAME='xxxxxxx'
DNS_FORWARDERS='10.0.0.250'
START_IMOND='no'
IP_DYN_ADDR='no'
DIALMODE='auto'
#
# package 'dns_dhcp'
#
HOST_N='0'
HOST_EXTRA_N='0'
OPT_DNS='yes'
DNS_BIND_INTERFACES='no'
DNS_LISTEN_N='0'
DNS_VERBOSE='no'
DNS_MX_SERVER=''
DNS_FORBIDDEN_N='0'
DNS_REDIRECT_N='0'
DNS_BOGUS_PRIV='yes'
DNS_FILTERWIN2K='no'
DNS_LOCAL_HOST_CACHE_TTL='60'
DNS_ZONE_DELEGATION_N='0'
DNS_REBINDOK_N='0'
#
# package 'openvpn'
#
OPT_OPENVPN='yes'
OPENVPN_EXPERT='no'
OPENVPN_WEBGUI='no'
OPENVPN_N='3'
OPENVPN_DEFAULT_PROTOCOL='udp'
OPENVPN_DEFAULT_OPEN_OVPNPORT='no'
OPENVPN_DEFAULT_VERBOSE='0'
OPENVPN_1_NAME='xxx'
OPENVPN_1_LOCAL_PORT='50001'
OPENVPN_1_SECRET='xxx'
OPENVPN_1_TYPE='tunnel'
OPENVPN_1_REMOTE_VPN_IP='192.168.105.2'
OPENVPN_1_LOCAL_VPN_IP='192.168.105.1'
OPENVPN_1_ROUTE_N='1'
OPENVPN_1_ROUTE_1='192.168.201.0/24'
OPENVPN_1_PF_INPUT_N='1'
OPENVPN_1_PF_INPUT_1='ACCEPT'
OPENVPN_1_PF_FORWARD_N='1'
OPENVPN_1_PF_FORWARD_1='ACCEPT BIDIRECTIONAL'
OPENVPN_2_NAME='xxx'
OPENVPN_2_LOCAL_PORT='40001'
OPENVPN_2_SECRET='xxx'
OPENVPN_2_TYPE='tunnel'
OPENVPN_2_REMOTE_VPN_IP='192.168.104.2'
OPENVPN_2_LOCAL_VPN_IP='192.168.104.1'
OPENVPN_2_ROUTE_N='1'
OPENVPN_2_ROUTE_1='192.168.2.0/24'
OPENVPN_2_PF_INPUT_N='0'
OPENVPN_2_PF_FORWARD_N='3'
OPENVPN_2_PF_FORWARD_1='if:VPNDEV:IP_NET_2_DEV prot:tcp 3389 ACCEPT'
OPENVPN_2_PF_FORWARD_2='if:VPNDEV:IP_NET_2_DEV prot:tcp 5800 ACCEPT'
OPENVPN_2_PF_FORWARD_3='if:VPNDEV:IP_NET_2_DEV prot:tcp 5900 ACCEPT'
OPENVPN_3_NAME='xxx'
OPENVPN_3_LOCAL_PORT='60001'
OPENVPN_3_SECRET='xxx'
OPENVPN_3_TYPE='tunnel'
OPENVPN_3_REMOTE_VPN_IP='192.168.106.2'
OPENVPN_3_LOCAL_VPN_IP='192.168.106.1'
OPENVPN_3_ROUTE_N='0'
OPENVPN_3_PF_INPUT_N='0'
OPENVPN_3_PF_FORWARD_N='3'
OPENVPN_3_PF_FORWARD_1='if:VPNDEV:IP_NET_2_DEV prot:tcp 102 ACCEPT'
OPENVPN_3_PF_FORWARD_2='if:VPNDEV:IP_NET_2_DEV prot:tcp 1099 ACCEPT'
OPENVPN_3_PF_FORWARD_3='if:IP_NET_2_DEV:VPNDEV ACCEPT'
#
# package 'usb'
#
OPT_USB='yes'
USB_EXTRA_DRIVER_N='0'
#
# package 'base'
#
ARCH='x86_64'
LIBC_VERSION='0.9.33'
LOG_BOOT_SEQ='yes'
OPT_MAKEKBL='no'
PF_INPUT_ICMP_ECHO_REQ_SIZE='150'
MASQ_MODULE_N='0'
PORTFW_N='0'
OPT_SYSLOGD='no'
OPT_KLOGD='no'
OPT_LOGIP='no'
OPT_Y2K='no'
OPT_PNP='no'
OPT_ADDMODULES='no'
COMP_TYPE_ROOTFS='xz'
FLI4L_VERSION='3.10.6'
#
# package 'dns_dhcp'
#
OPT_HOSTS='yes'
DNS_FORWARD_LOCAL='no'
DNS_AUTHORITATIVE='no'
DNS_ZONE_NETWORK_N='0'
OPT_DHCP='no'
OPT_DHCPRELAY='no'
OPT_TFTP='no'
OPT_YADIFA='no'
#
# package 'hd'
#
OPT_MOUNT='no'
OPT_HDINSTALL='no'
OPT_HDSLEEP='no'
OPT_HDDRV='no'
OPT_RECOVER='no'
OPT_EXTMOUNT='no'
#
# package 'kernel_3_14'
#
COMP_TYPE_ROOTFS_3_14='xz'
#
# package 'base'
#
KERNEL_MAJOR='3.14'
Gruß
Pete
Mehr Informationen über die Mailingliste Fli4L