OpenForum RSS: OpenBSD 4.3, pf, NAT, VPN.

OpenBSD 4.3, pf, NAT, VPN. (tomishinets)

Wed, 06 Aug 2008 10:33:58 GMT

>� �� vpn ��?

�� , �� ! �� !

� �� Windows XP, �� ip �� (�� ) � �� ! �� .

�� , �� VPN �� (�� ), �� VPN ��?
�� , ipf/ipnat �� OpenBSD �� >3,5...
�� -�� ?

�� !

OpenBSD 4.3, pf, NAT, VPN. (tomishinets)

Wed, 06 Aug 2008 10:19:02 GMT

>>� �� vpn ��?
>
>��...�� (ping �� )...
>�� , ��-�� - � ��.

�� , �� ! �� !

� �� Windows XP, �� ip �� (�� ) � �� ! �� .

�� , �� VPN �� (�� ), �� VPN ��?
�� , ipf/ipnat �� OpenBSD �� >3,5...
�� -�� ?

�� !

OpenBSD 4.3, pf, NAT, VPN. (tomishinets)

Wed, 06 Aug 2008 10:07:29 GMT

>� �� vpn ��?

��...�� (ping �� )...
�� , ��-�� - � ��.

OpenBSD 4.3, pf, NAT, VPN. (A Clockwork Orange)

Wed, 06 Aug 2008 10:03:45 GMT

� �� vpn ��?

OpenBSD 4.3, pf, NAT, VPN. (tomishinets)

Wed, 06 Aug 2008 09:57:29 GMT

>tcpdump -n -e -ttt -i pflog0

Aug 06 13:50:55.900210 rule 129/(match) pass in on rl0: client_ip.2532 > $vpn_ip.1723: [|tcp] (DF)
Aug 06 13:50:55.900393 rule 132/(match) pass out on rl1: $ext_ip_router.56618 > $vpn_ip.1723: [|tcp] (DF)

OpenBSD 4.3, pf, NAT, VPN. (A Clockwork Orange)

Wed, 06 Aug 2008 09:48:38 GMT

tcpdump -n -e -ttt -i pflog0

OpenBSD 4.3, pf, NAT, VPN. (tomishinets)

Wed, 06 Aug 2008 09:28:56 GMT

>tcpdump -i pflog0 -ttt
>
>�� ?

....
Aug 06 13:26:05.668475 client.46957 > $vpn_ip.pptp: [|tcp] (DF)
...
Aug 06 13:26:06.757489 call 4736 seq 1 gre-ppp-payload (gre encap)
Aug 06 13:26:06.757579 call 4736 seq 1 gre-ppp-payload (gre encap)
...

OpenBSD 4.3, pf, NAT, VPN. (A Clockwork Orange)

Wed, 06 Aug 2008 09:24:45 GMT

tcpdump -i pflog0 -ttt

�� ?

OpenBSD 4.3, pf, NAT, VPN. (A Clockwork Orange)

Wed, 06 Aug 2008 09:23:01 GMT

>[�� ]
>any
> $tcp_state
>pass out log on $ext_if inet proto udp
> to
>any
> $udp_icmp_state
>pass out log on $int_if inet proto udp from $int_ip to
>$local_net port snmp $udp_icmp_state
>block out log on $ext_if inet proto { tcp udp } to
>any port $dhcpd_ports

gre �� ?