{"id":102,"date":"2010-08-27T17:08:35","date_gmt":"2010-08-27T14:08:35","guid":{"rendered":"http:\/\/rexxer.kharkov.ru\/?p=102"},"modified":"2010-08-27T17:08:35","modified_gmt":"2010-08-27T14:08:35","slug":"freebsd-probros-portov-cherez-natd","status":"publish","type":"post","link":"https:\/\/dety.net.ua\/?p=102","title":{"rendered":"FreeBSD – \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 NATD"},"content":{"rendered":"

FreeBSD – \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 NATD<\/strong><\/p>\n

\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432\u043e\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043a\u043e\u043d\u0444\u0438\u0433-\u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u0412\u0437\u044f\u0442\u043e \u0438\u0437 \u043e\u0444\u0438\u0437\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438, \u0441\u043c.\u043d\u0438\u0436\u0435. \u0420\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043b\u0438\u0431\u043e alias (-a), \u043b\u0438\u0431\u043e interface (-n) – \u0432\u044b\u0431\u043e\u0440 \u0437\u0430 \u0432\u0430\u043c\u0438. \u0422.\u0435. \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u043c\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u043b\u0438\u0431\u043e \u0430\u043b\u0438\u0430\u0441-\u0430\u0434\u0440\u0435\u0441, \u043b\u0438\u0431\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441.<\/p>\n

rc.conf<\/p>\n

\n
natd_enable=\"YES\"\nnatd_interface=\"rl0<\/em><\/tt>\"\nnatd_flags=\"-f \/etc\/natd.conf\"<\/pre>\n<\/blockquote>\n
natd.conf<\/p>\n
\n
interface rl0\nsame_ports\nuse_sockets\nunregistered_only\nredirect_port tcp 192.168.0.10:25 25\n# \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442 \u0438\u0434\u0435\u0442 \u043d\u0430 192.168.0.10 \u0441 25\u0433\u043e \u043f\u043e\u0440\u0442\u0430 \u043d\u0430 25\u0439.<\/pre>\n<\/blockquote>\n
rc.firewall<\/p>\n
# \u042f \u0440\u0435\u0448\u0438\u043b \u043d\u0435 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u044b\u0439:<\/p>\n
# Main devert for ALL
\ncase ${natd_enable} in
\n[Yy][Ee][Ss])
\nif [ -n “${natd_interface}” ]; then
\n${fwcmd} add divert natd all from any to any via ${natd_interface}
\nfi
\n;;
\nesac<\/p>\n
# Allow SMTP – \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 – \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u0434\u0438\u0432\u0435\u0440\u0442\u0430
\n${fwcmd} add allow tcp from any to 192.168.2.197 25 via ${oif}<\/p><\/blockquote>\n
\u0414\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 2\u0445 \u0438\u043d\u0441\u0442\u0430\u043d\u0441\u043e\u0432 NATD \u043b\u0438\u0431\u043e \u0442\u0430\u043a:<\/p>\n
rc.firewall<\/p>\n
#First NAT<\/p>\n
natd -m -u -a ${oip1} -p 8668
\n${fwcmd} add divert 8668 all from any to any via ${oif2}<\/p>\n
# Second NAT
\nnatd -m -u -a ${oip2} -p 8778
\n${fwcmd} add divert 8778 all from any to any via ${oif2}<\/p><\/blockquote>\n
\u043b\u0438\u0431\u043e \u0447\u0435\u0440\u0435\u0437 natd.conf<\/p>\n
\n
# default instance\nport 8668\nalias_address 158.152.17.1\n\n# second instance\ninstance dsl1\nport 8778\nalias_address 192.168.0.1<\/pre>\n<\/blockquote>\n
\u0421\u0430\u043c NATD \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u043e\u0436\u043d\u043e \u043a\u0438\u043b\u044c\u043d\u0443\u0442\u044c: killall natd \u0438\u043b\u0438 kill PID(NATD), \u0430 \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \/etc\/rc.d\/natd -f \/etc\/natd.conf<\/p>\n
\u041b\u0438\u0431\u043e: \/etc\/rc.d\/natd restart<\/p>\n
\u0412\u0430\u0436\u043d\u043e\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043d\u0438\u0435: \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0434\u043b\u044f \u043f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043a\u0435\u0442\u0430 \u0434\u043e\u043b\u0436\u043d\u043e \u0441\u0442\u043e\u044f\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u0434\u0438\u0432\u0435\u0440\u0442\u0430, \u0430 \u0434\u043e \u044d\u0442\u043e\u0433\u043e \u043d\u0438\u043a\u043a\u0438\u0445 \u0420\u0410\u0417\u0420\u0415\u0428\u0410\u042e\u0429\u0418\u0425 (\u0437\u0430\u043f\u0440\u0435\u0449\u0430\u044e\u0449\u0438\u0445) \u043f\u0440\u0430\u0432\u0438\u043b. \u041f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043e, \u0435\u0441\u043b\u0438 \u0441\u0442\u043e\u0438\u0442 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0435\u0440\u0435\u0434 \u0434\u0438\u0432\u0435\u0440\u0442\u043e\u043c \u0438 \u043f\u043e\u0441\u043b\u0435 \u0434\u0438\u0432\u0435\u0440\u0442\u0430 \u0442\u043e\u0436\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0435\u0435, \u0442\u043e \u0434\u043e \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442 \u043d\u0435 \u0434\u043e\u0445\u043e\u0434\u0438\u0442, \u0434\u0430\u0436\u0435 \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 net.inet.ip.fw.one_pass=0<\/p>\n
http:\/\/www.freebsd.org\/doc\/en_US.ISO8859-1\/books\/handbook\/network-natd.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
FreeBSD – \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 NATD \u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432\u043e\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043a\u043e\u043d\u0444\u0438\u0433-\u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u0412\u0437\u044f\u0442\u043e \u0438\u0437 \u043e\u0444\u0438\u0437\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438, \u0441\u043c.\u043d\u0438\u0436\u0435. \u0420\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043b\u0438\u0431\u043e alias (-a), \u043b\u0438\u0431\u043e interface (-n) – \u0432\u044b\u0431\u043e\u0440 \u0437\u0430 \u0432\u0430\u043c\u0438. \u0422.\u0435. \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 \u043c\u044b \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u043b\u0438\u0431\u043e \u0430\u043b\u0438\u0430\u0441-\u0430\u0434\u0440\u0435\u0441, \u043b\u0438\u0431\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441. rc.conf natd_enable=”YES” natd_interface=”rl0″ natd_flags=”-f \/etc\/natd.conf” natd.conf interface rl0 same_ports use_sockets unregistered_only redirect_port tcp 192.168.0.10:25 25 # \u0440\u0435\u0434\u0438\u0440\u0435\u043a\u0442 \u0438\u0434\u0435\u0442 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,13],"tags":[],"class_list":["post-102","post","type-post","status-publish","format-standard","hentry","category-freebsd","category-novosti"],"_links":{"self":[{"href":"https:\/\/dety.net.ua\/index.php?rest_route=\/wp\/v2\/posts\/102","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dety.net.ua\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dety.net.ua\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dety.net.ua\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dety.net.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=102"}],"version-history":[{"count":0,"href":"https:\/\/dety.net.ua\/index.php?rest_route=\/wp\/v2\/posts\/102\/revisions"}],"wp:attachment":[{"href":"https:\/\/dety.net.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=102"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dety.net.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=102"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dety.net.ua\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}