game-game

DHCP Server in FreeBSD

1) Try removing the entry 'defaultrouter=192.168.0.1' from /etc/rc.conf

2) Try pinging Google's IP instead of the hostname: 72.14.207.104

3) Paste the output of the commands below

a) ipfw -a list

b) ps -auxw | grep nat

ipfw -a list is to see the firewall rules.

ps -waxu | grep nat is to see whether natd is running or not.

After making changes to /etc/rc.conf you can run /etc/netstart right away to refresh.

Edited by mchammer

mchammer, if it's no trouble, could you tell me what might be wrong with my config? Because I'd also like to know where the mistake is.. huhu..

Number one, I've deleted it,

Number two, I've pinged it. No problem...

Here's the output for number 3.

ipfw

00050 123 11098 divert 8668 ip4 from any to any via xl0

00100 0 0 allow ip from any to any via lo0

00200 0 0 deny ip from any to 127.0.0.0/8

00300 0 0 deny ip from 127.0.0.0/8 to any

65000 139 12394 allow ip from any to any

65535 18 1805 allow ip from any to any

And here's ps

root 615 0.0 0.4 1524 1016 ?? Ss 4:32PM 0:16.90 /sbin/natd -dynamic -n xl0

Oh yes, I checked again just now, and the default router is back..

Edited by gamekiller

Ooh... you can ping Google's IP, but pinging by hostname doesn't work, right?

What's the DNS setting on the client?

Hmm? Both work.. so what now? I haven't set DNS yet.. which IP should I use? Wait.. is the IP of fxp0 on my router PC correct? Same as the gateway?

OK, so what's the problem now?

The problem is the client still can't get onto the internet.. huhu.. I've also set the DNS to the same as the gateway.. I tried setting 10.100.100.227, and that can be pinged too.. is it related to the firewall? Or the route..

Edited by gamekiller

Huhu.. it doesn't work. I get request timed out when I ping that DNS IP.. and when I ping google it tells me to check the name again..

Wait, is that DNS on the client? Or the router PC? Where am I pinging this from?

Edited by gamekiller

OK, try this next:

In /etc/rc.conf, change it to defaultrouter="10.100.100.1" using an editor (vi, ee, etc.).

After that, run /etc/netstart

Try once more...

If you feel like it, paste /etc/rc.conf once more...

Edited by mchammer

Here's the output.. of course I feel like it.. it's all knowledge.. hehe..

# -- sysinstall generated deltas -- # Wed Feb 13 01:18:03 2008

# added by xorg-libraries port

hostname="free"

ifconfig_xl0="DHCP"

keymap="us.iso"

linux_enable="YES"

local_startup="/usr/local/etc/rc.d"

moused_enable="YES"

usbd_enable="YES"

firewall_enable="YES"

gateway_enable="YES"

firewall_type="OPEN"

ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"

natd_enable="YES"

natd_interface="xl0"

natd_flags=""

# -- sysinstall generated deltas -- # Thu Feb 14 12:48:50 2008

ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"

#defaultrouter="192.168.0.1"

hostname="pc"

# -- sysinstall generated deltas -- # Fri Feb 15 19:46:17 2008

ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"

defaultrouter="10.100.100.1"

hostname="fxp0_card"

# -- sysinstall generated deltas -- # Fri Feb 15 20:16:02 2008

ifconfig_xl0="DHCP"

hostname="fxp0_card"

I no longer understand why there are more and more of these lines.. it must be because I used the sysinstall command..

Edited by gamekiller

10.100.100.1 is the lab's gateway, right? So it still doesn't work?

How about rebooting the FreeBSD PC. One more thing, try cleaning up /etc/rc.conf a bit. Remove the repeated entries.

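An added example (not part of the thread): the rc.conf pasted above assigns several variables more than once, and because rc.conf is read as shell variable assignments, the last assignment is the one in effect. The function name rc_conf_dups and the abridged sample are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: list rc.conf variables that are assigned more than once.
# rc.conf is read as shell variable assignments, so the last assignment of a
# name is the one in effect; earlier ones are dead entries.

# Abridged from the rc.conf pasted in the thread (unrelated settings left out).
SAMPLE_RC_CONF='hostname="free"
ifconfig_xl0="DHCP"
firewall_enable="YES"
gateway_enable="YES"
firewall_type="OPEN"
ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"
natd_enable="YES"
natd_interface="xl0"
ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"
#defaultrouter="192.168.0.1"
hostname="pc"
ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"
defaultrouter="10.100.100.1"
hostname="fxp0_card"
ifconfig_xl0="DHCP"
hostname="fxp0_card"'

# rc_conf_dups [FILE] -> one line per repeated variable, in order of first use:
#   NAME count=N effective=VALUE
rc_conf_dups() {
    awk '
        /^[ \t]*#/ { next }                      # comments, incl. commented-out settings
        /^[ \t]*[A-Za-z_][A-Za-z0-9_]*=/ {
            line = $0
            sub(/^[ \t]*/, "", line)
            eq = index(line, "=")
            name = substr(line, 1, eq - 1)
            if (!(name in count)) order[++n] = name
            count[name]++
            last[name] = substr(line, eq + 1)     # later assignment overrides
        }
        END {
            for (i = 1; i <= n; i++)
                if (count[order[i]] > 1)
                    printf "%s count=%d effective=%s\n", order[i], count[order[i]], last[order[i]]
        }
    ' "$@"
}

printf '%s\n' "$SAMPLE_RC_CONF" | rc_conf_dups
```

On the real system, `rc_conf_dups /etc/rc.conf` gives the list of names to collapse down to a single line each.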

Yeah.. do you mean that gateway should be set on the client?

My FreeBSD is being restarted

No. Everything should already be complete...

Which FreeBSD version is this?

Have you checked /var/log/messages? Who knows, there may be a related error message...

P.S.: I'm going to eat... I'll be back in an hour...

Edited by mchammer

It's a new version.. six point zero three.. sorry.. the number keys on the keyboard are broken... haha..

Ah well.. see you Monday then.. I'm heading home too.. the lab closes after this.. anyway, thanks a lot. ^_^

Errr. I've checked /var/log/message.. nothing suspicious.. huhu..

So what now? Is there another solution?

Is it related to NAT?

Edited by gamekiller

The ipfw -a list output does show packets being received by the router.

00050 123 11098 divert 8668 ip4 from any to any via xl0

Erm.. I'm not sure why it doesn't work. Next you could try using ipf with ipnat instead.

What does the client use to connect to the router (crossover cable, hub, etc.)?

Edited by mchammer

diagramny5.png

I forgot to put it in: the user-to-switch links use straight cables too..

The ipfw -a list output does show packets being received by the router.

00050 123 11098 divert 8668 ip4 from any to any via xl0

So that means there shouldn't be a problem? The packets have been diverted to xl0, right?

By the way, is this problem coming from ipfw? I'll try ipnat later.. what about DNS?

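An added example (not from the thread) for reading the divert rule quoted above: it reports each divert rule's packet counter and whether an earlier unconditional allow rule would match first, which under ipfw's first-match evaluation would keep traffic from ever reaching natd. The function name check_divert and the status labels are assumptions; the column layout is taken from the listing in the thread.

```shell
#!/bin/sh
# Added example: summarise divert (NAT) rules in `ipfw -a list` output.
# Column layout assumed from the listing in the thread:
#   rule number, packet count, byte count, rule body.

# Listing copied from the thread.
SAMPLE_IPFW='00050 123 11098 divert 8668 ip4 from any to any via xl0
00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 139 12394 allow ip from any to any
65535 18 1805 allow ip from any to any'

# check_divert [FILE] -> one line per divert rule:
#   rule=N port=P if=IFACE packets=N status=ok|idle|shadowed
# ok:       rule comes before any unconditional allow and has counted packets
# idle:     packet counter is zero, nothing has hit the rule yet
# shadowed: an earlier "allow ip from any to any" matches first
check_divert() {
    awk '
        $4 == "allow" && $0 ~ /from any to any$/ && !seen_allow { seen_allow = 1 }
        $4 == "divert" {
            iface = "-"
            for (i = 5; i < NF; i++) if ($i == "via") iface = $(i + 1)
            status = "ok"
            if (seen_allow) status = "shadowed"
            else if ($2 == 0) status = "idle"
            printf "rule=%s port=%s if=%s packets=%d status=%s\n", $1, $5, iface, $2, status
        }
    ' "$@"
}

printf '%s\n' "$SAMPLE_IPFW" | check_divert
```

A status of ok only says packets reached the divert socket; whether natd translated and returned them still has to be checked separately.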

DNS can be done later. Actually it's fine not to do it at all, but for learning purposes go ahead. For now, get NAT working first.

Try doing it with ipnat instead...

Possibly using ipnat is easier; ipnat is one of the components of ipf (it's been a long time since I used ipfw)..

Anyway, it looks like Mr. mchammer can guide you.. that's good :)

A simple ipnat guide with NetBSD:

http://trunasuci.pbwiki.com/NetBSD+gateway...Wireless+Jaring

With FreeBSD it's pretty much the same.. just adjust rc.conf.. :)

rc.conf:

nat_enable="YES"

ipnat_enable="YES"

ipnat_program="/sbin/ipnat"

ipnat_rules="/etc/ipnat.rules"

/etc/ipnat.rules:

map ex0 192.168.10.0/24 -> 0/32 proxy port ftp ftp/tcp

map ex0 192.168.10.0/24 -> 0/32 portmap tcp/udp 10000:20000

map ex0 192.168.10.0/24 -> 0/32

Change ex0 to match the NIC that connects to the "outside" on the lab's DHCP network (xl0, maybe?)..

Flush any rules (if there are any):

ipnat -FC

ipnat -f /etc/ipnat.rules

and check:

ipnat -l

Example of ipnat that has "succeeded":

# ipnat -l

List of active MAP/Redirect filters:

map ex0 10.0.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp

map ex0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:20000

map ex0 10.0.0.0/24 -> 0.0.0.0/32

On the client (Windows):

C:\Documents and Settings\trunz>ping www.yahoo.com

Pinging www.yahoo-ht3.akadns.net [209.131.36.158] with 32 bytes of data:

Reply from 209.131.36.158: bytes=32 time=406ms TTL=49

Reply from 209.131.36.158: bytes=32 time=315ms TTL=48

Reply from 209.131.36.158: bytes=32 time=1084ms TTL=49

Reply from 209.131.36.158: bytes=32 time=379ms TTL=48

Ping statistics for 209.131.36.158:

Good luck trying it out

Edited by TRUNASUCI

Eh.. trunasuci,

why am I getting this error

/dev/ipnat: open: no such file or directory

The link you gave says there'd be a guide for enabling ipnat, but I scrolled and there isn't one.. :wacko:

In the meantime, I'll search a bit on how to enable this.

Haaa.. found it.. hang on.. trying it now..

http://www.phildev.net/ipf/IPFfreebsd.html#freebsd10

Edited by gamekiller
