mchammer 0 Report post Posted February 14, 2008 (edited) 1) Cuba remove entry 'defaultrouter=192.168.0.1' dalam /etc/rc.conf2) Cuba ping IP google instead of hostname: 72.14.207.1043) Paste output untuk command di bawah a) ipfw -a list ps -auxw |grep natipfw -a list untuk tengok firewall ruleps -waxu | grep nat untuk tengok sama ada natd running atau tidak.Dah buat changes kat /etc/rc.conf boleh terus run /etc/netstart untuk refresh. Edited February 14, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 (edited) mchammer, kalau takde masalah, bleh bgtau kemungkinan2 berkenaan config aku tu tak?sebab aku nak tau gak kat mane silap.. huhu..no satu, aku dah delete,no dua, aku dah ping. takde masalah...ni output untuk no 3.ipfw00050 123 11098 divert 8668 ip4 from any to any via xl000100 0 0 allow ip from any to any via lo000200 0 0 deny ip from any to 127.0.0.0/800300 0 0 deny ip from 127.0.0.0/8 to any65000 139 12394 allow ip from any to any65535 18 1805 allow ip from any to anyni plak psroot 615 0.0 0.4 1524 1016 ?? Ss 4:32PM 0:16.90 /sbin/natd -dynamic -n xl0oh ye, aku check balik tadi, default router tu ade balik la.. Edited February 15, 2008 by gamekiller Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 (edited) ooo... boleh ping ip google, tapi kalau ping guna hostname tak boleh, betul?Apa dns setting kat client? Edited February 15, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 ooo... boleh ping ip google, tapi kalau ping guna hostname tak boleh, betul?Apa dns setting kat client?hmm? dua-dua bleh.. camne skrang? dns tak letak lagi.. nak gne ip mane? jap2.. ip pc router aku fxpO ni betol tak? same ngan gtway? Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 hmm? dua-dua bleh.. camne skrang? dns tak letak lagi.. nak gne ip mane? jap2.. ip pc router aku fxpO ni betol tak? same ngan gtway?Ok, so sekarang apa problem? Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 (edited) problm die client tak bleh nak masuk tenet lagi.. huhu.. dns pon aku dah letak same ngan gateway.. aku try letak 10.100.100.227, bleh ping gak.. ade kaitan ngan firewall ke? route ke.. Edited February 15, 2008 by gamekiller Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 (edited) Cuba letak DNS ni: 202.188.0.133Cuba paste output untuk: ping -c4 www.google.com.my Edited February 15, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 (edited) huhu..tak dapat lah.request time out ble aku ping ip dns tu.. pastu ble ping google die cakap check balik name tu..jap2 dns tu kat client ke? atau pc router? aku ping ni dari mane? Edited February 15, 2008 by gamekiller Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 Client guna OS apa? Boleh paste configuration dia? Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 client gne windows.. snng..haha.. Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 (edited) Cuba paste output ipconfigDNS Ip yg aku bagi tu set kat client.Cuba ping google dari client. Edited February 15, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 adeh..ping pon tak dpat ni..ni ipconfig aku.. Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 (edited) Ok try ni pulak,Dekat /etc/rc.conf tukar defaultrouter="10.100.100.1" dengan menggunakan editor (vi, ee, etc).Lepas tu run /etc/netstartTry lagi sekali...Kalu rajin paste /etc/rc.conf lagi sekali... Edited February 15, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 (edited) ni output.. mesti rajin ni..ilmu2..hehe..# -- sysinstall generated deltas -- # Wed Feb 13 01:18:03 2008# added by xorg-libraries porthostname="free"ifconfig_xl0="DHCP"keymap="us.iso"linux_enable="YES"local_startup="/usr/local/etc/rc.d"moused_enable="YES"usbd_enable="YES"firewall_enable="YES"gateway_enable="YES"firewall_type="OPEN"ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"natd_enable="YES"natd_interface="xl0"natd_flags=""# -- sysinstall generated deltas -- # Thu Feb 14 12:48:50 2008ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"#defaultrouter="192.168.0.1"hostname="pc"# -- sysinstall generated deltas -- # Fri Feb 15 19:46:17 2008ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"defaultrouter="10.100.100.1"hostname="fxp0_card"# -- sysinstall generated deltas -- # Fri Feb 15 20:16:02 2008ifconfig_xl0="DHCP"hostname="fxp0_card"aku dah takpaham kenape makin banyak plak line line ni.. ni mesti sbb aku gne sysinstall punyer command ni.. Edited February 15, 2008 by gamekiller Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 10.100.100.1 tu lab punya gateway kan? So tak boleh gak?Apa kata reboot pc freebsd tu. Lagi satu, cuba bersihkan sikit /etc/rc.conf. Buang entry yg berulang. Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 10.100.100.1 tu lab punya gateway kan? So tak boleh gak?Apa kata reboot pc freebsd tu. Lagi satu, cuba bersihkan sikit /etc/rc.conf. Buang entry yg berulang.haah.. mksudnye nak letak kat client gateway tu ke?freebsd ku sedang dirrestart Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 15, 2008 (edited) Tak. Patutnye semua dah lengkap...FreeBSD version berapa ni?Dah check /var/log/messages? Mana la tau ada error message yg berkaitan...p/s: aku nak gi makan... lagi sejam aku kembali... Edited February 15, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 15, 2008 version baru ni.. enam point kosong tiga.. sori.. nombor kat keyboard rosak... haha..aisey.. kita jmpe isnin r.. aku pon nak balik.. pasni lab tutup.. pepehal pon thanks banyak. Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 18, 2008 (edited) errr. aku dah check /var/log/message.. takde pape mencurigakan.. huhu..camne ek? ade solution lain tak?ade kaitan ngan NAT tak? Edited February 18, 2008 by gamekiller Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 18, 2008 (edited) output ipfw -a list ada tunjukkan packet diterima oleh router.00050 123 11098 divert 8668 ip4 from any to any via xl0Erm.. aku tak sure apsal tak boleh. Lepas ni boleh try guna ipf dengan ipnat pulak.Client yang sambung ke router tu guna apa (cross over cable, hub, etc)? Edited February 18, 2008 by mchammer Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 19, 2008 lpe nak letak, yang user ke switch tu gne straight cable gak..output ipfw -a list ada tunjukkan packet diterima oleh router.00050 123 11098 divert 8668 ip4 from any to any via xl0so maknenya sepatutnye takde maslah? packet dah didivertkan ke xl0 la kan?btw, mslh ni dari ipfw? nnti aku try ipnat plak.. camne ngan dns? Quote Share this post Link to post Share on other sites
mchammer 0 Report post Posted February 19, 2008 Dns tu kemudian boleh buat. Takyah buat pun takpe sebenarnya, tapi untuk learning purposes boleh je. Sekarang ni bagi NAT berfungsi dulu.Cuba buat guna ipnat pulak... Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 19, 2008 so, ipnat ni camne nak config? perlu aku compile kernel balik? huhu.. lame tu.. harap2 tak r.. hehe.. Quote Share this post Link to post Share on other sites
TRUNASUCI 15 Report post Posted February 19, 2008 (edited) Dns tu kemudian boleh buat. Takyah buat pun takpe sebenarnya, tapi untuk learning purposes boleh je. Sekarang ni bagi NAT berfungsi dulu.Cuba buat guna ipnat pulak...possibly guna ipnat lebih mudah, ipnat nih salah satu dr elemen dalam ipf ( dah lama aku tak pakai ipfw ).. anyway en mchammer boleh guide nampaknya tuh.. bagusla guide simple ipnat ngan NetBSD:http://trunasuci.pbwiki.com/NetBSD+gateway...Wireless+Jaringngan FreeBSD leh kata sama gakla.. cuma adjust kat rc.conf saja.. rc.conf:nat_enable="YES"ipnat_enable="YES"ipnat_program="/sbin/ipnat"ipnat_rules="/etc/ipnat.rules"/etc/ipnat.rules:map ex0 192.168.10.0/24 -> 0/32 proxy port ftp ftp/tcpmap ex0 192.168.10.0/24 -> 0/32 portmap tcp/udp 10000:20000map ex0 192.168.10.0/24 -> 0/32edit ex0 tuh ikut NIC yg connect ke "luar" dalam DHCP network LAB (xl0 kut?)..flush any rules ( kalau ada )ipnat -FCipnat -f /etc/ipnat.rulesdan check:ipnat -lcontoh ipnat yg dah "berjaya":# ipnat -lList of active MAP/Redirect filters:map ex0 10.0.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcpmap ex0 10.0.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:20000map ex0 10.0.0.0/24 -> 0.0.0.0/32kat client (windows):C:Documents and Settingstrunz>ping www.yahoo.com Pinging www.yahoo-ht3.akadns.net [209.131.36.158] with 32 bytes of data: Reply from 209.131.36.158: bytes=32 time=406ms TTL=49Reply from 209.131.36.158: bytes=32 time=315ms TTL=48Reply from 209.131.36.158: bytes=32 time=1084ms TTL=49Reply from 209.131.36.158: bytes=32 time=379ms TTL=48 Ping statistics for 209.131.36.158:selamat mencuba Edited February 19, 2008 by TRUNASUCI Quote Share this post Link to post Share on other sites
game-game 0 Report post Posted February 20, 2008 (edited) ek.. trunasuci,kenape aku dapat error /dev/ipnat: open: no such file or directorydalam link yang ko bagi tu ade cakap nak guide untuk enable ipnat ni tapi aku scroll takde.. by the time, aku search jap psl nak enable ni.haaa.. dah jmpe dah.. jap.. try jap..http://www.phildev.net/ipf/IPFfreebsd.html#freebsd10 Edited February 20, 2008 by gamekiller Quote Share this post Link to post Share on other sites