2006/8/26, Jernej Jakob <jernej dot jakob at gmail dot com>:
> Hello.
>
> I am having a problem with getting DMZ to work. I can access my web
> server from the inside, but not from the outside. I've done everything
> the DMZ manual said to do.
> The IP of the server is 192.168.0.2, external IP is 193.138.45.81, my
> computer is 10.1.0.45
>
> P.S. Could it stop working due to enabling PPTP?
>
> m0n0wall: status
> Sat Aug 26 10:21:16 CEST 2006
>
>
> System uptime
>
> 10:21AM up 1:48, 0 users, load averages: 0.16, 0.06, 0.02
>
> Interfaces
>
> rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=40<POLLING>
> ether 00:40:f4:77:24:6b
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> fxp0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
> options=40<POLLING>
> inet 10.1.0.1 netmask 0xffffff00 broadcast 10.1.0.255
> ether 00:90:27:36:6a:83
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=1<RXCSUM>
> inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
> ether 00:10:4b:06:8a:0d
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
> inet 127.0.0.1 netmask 0xff000000
> ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1492
> inet 193.138.45.81 --> 193.138.34.254 netmask 0xffffffff
> ng1: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng2: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng3: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng4: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng5: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng6: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng7: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng8: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng9: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng10: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng11: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng12: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng13: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng14: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng15: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
> ng16: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
>
> Routing tables
>
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif Expire
> default 193.138.34.254 UGSc 4 5637 ng0
> 10.1/24 link#2 UC 2 0 fxp0
> 10.1.0.45 00:03:0d:0e:54:48 UHLW 12 11543 fxp0 766
> 10.1.0.55 00:0d:56:39:f1:cd UHLW 0 186 fxp0 981
> 127.0.0.1 127.0.0.1 UH 0 308 lo0
> 192.168.0 link#3 UC 1 0 xl0
> 192.168.0.2 00:80:ad:72:d8:d9 UHLW 2 2970 xl0 406
> 193.138.34.254 193.138.45.81 UH 4 0 ng0
> 193.138.45.81 lo0 UHS 0 0 lo0
>
> ipfw show
>
> ipfw: getsockopt(IP_FW_GET): Protocol not available
>
> ipnat -lv
>
> List of active MAP/Redirect filters:
> map ng0 10.1.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
> map ng0 10.1.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
> map ng0 10.1.0.0/24 -> 0.0.0.0/32
> map ng0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
> map ng0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
> map ng0 192.168.0.0/24 -> 0.0.0.0/32
>
> List of active sessions:
> MAP 10.1.0.45 2808 <- -> 193.138.45.81 12400 [66.249.93.99 80]
> age 17968 use 0 sumd 0xa26/0xa26 pr 6 bkt 1919/686 flags 1 drop 0/0
> ifp ng0 bytes 5644 pkts 21
> MAP 10.1.0.45 2806 <- -> 193.138.45.81 12398 [212.58.226.29 80]
> age 380 use 0 sumd 0xa26/0xa26 pr 6 bkt 1596/363 flags 1 drop 0/0
> ifp ng0 bytes 1489 pkts 11
> MAP 10.1.0.45 2805 <- -> 193.138.45.81 12397 [213.250.2.95 80]
> age 440 use 0 sumd 0xa26/0xa26 pr 6 bkt 1256/23 flags 1 drop 0/0
> ifp ng0 bytes 16020 pkts 28
> MAP 10.1.0.45 2788 <- -> 193.138.45.81 12380 [66.249.91.83 80]
> age 379 use 0 sumd 0xa26/0xa26 pr 6 bkt 701/1515 flags 1 drop 0/0
> ifp ng0 bytes 1735 pkts 9
> MAP 10.1.0.45 2784 <- -> 193.138.45.81 12376 [66.249.85.104 80]
> age 17969 use 0 sumd 0xa26/0xa26 pr 6 bkt 1562/329 flags 1 drop 0/0
> ifp ng0 bytes 28899 pkts 86
> MAP 10.1.0.45 2783 <- -> 193.138.45.81 12375 [66.249.93.99 80]
> age 17999 use 0 sumd 0xa26/0xa26 pr 6 bkt 1660/427 flags 1 drop 0/0
> ifp ng0 bytes 24868 pkts 70
> MAP 10.1.0.45 2781 <- -> 193.138.45.81 12373 [212.58.226.29 80]
> age 230 use 0 sumd 0xa26/0xa26 pr 6 bkt 1337/104 flags 1 drop 0/0
> ifp ng0 bytes 1490 pkts 11
> MAP 10.1.0.45 2780 <- -> 193.138.45.81 12372 [213.250.2.95 80]
> age 290 use 0 sumd 0xa26/0xa26 pr 6 bkt 997/1811 flags 1 drop 0/0
> ifp ng0 bytes 16020 pkts 28
> MAP 10.1.0.45 2779 <- -> 193.138.45.81 12371 [212.58.226.29 80]
> age 80 use 0 sumd 0xa26/0xa26 pr 6 bkt 825/1639 flags 1 drop 0/0
> ifp ng0 bytes 18929 pkts 30
> MAP 10.1.0.45 2778 <- -> 193.138.45.81 12370 [213.250.2.95 80]
> age 140 use 0 sumd 0xa26/0xa26 pr 6 bkt 485/1299 flags 1 drop 0/0
> ifp ng0 bytes 16020 pkts 28
> MAP 10.1.0.45 2777 <- -> 193.138.45.81 12369 [66.249.91.83 80]
> age 139 use 0 sumd 0xa26/0xa26 pr 6 bkt 1979/746 flags 1 drop 0/0
> ifp ng0 bytes 1735 pkts 9
> MAP 10.1.0.45 2776 <- -> 193.138.45.81 12368 [66.249.91.18 80]
> age 17950 use 0 sumd 0xa26/0xa26 pr 6 bkt 1333/100 flags 1 drop 0/0
> ifp ng0 bytes 12948 pkts 41
> MAP 192.168.0.2 123 <- -> 193.138.45.81 1651 [193.2.1.92 123]
> age 566 use 0 sumd 0x3429/0x3429 pr 17 bkt 1059/111 flags 2 drop 0/0
> ifp ng0 bytes 152 pkts 2
> MAP 192.168.0.2 123 <- -> 193.138.45.81 1651 [193.2.1.66 123]
> age 538 use 0 sumd 0x3429/0x3429 pr 17 bkt 903/2002 flags 2 drop 0/0
> ifp ng0 bytes 152 pkts 2
> MAP 10.1.0.45 2773 <- -> 193.138.45.81 12365 [66.249.85.104 80]
> age 170 use 0 sumd 0xa26/0xa26 pr 6 bkt 793/1607 flags 1 drop 0/0
> ifp ng0 bytes 1748 pkts 12
> MAP 10.1.0.45 2772 <- -> 193.138.45.81 12364 [66.249.93.104 80]
> age 170 use 0 sumd 0xa26/0xa26 pr 6 bkt 921/1735 flags 1 drop 0/0
> ifp ng0 bytes 1692 pkts 12
> MAP 10.1.0.45 2761 <- -> 193.138.45.81 12605 [66.249.91.18 80]
> age 430 use 0 sumd 0xb22/0xb22 pr 6 bkt 1587/1378 flags 1 drop 0/0
> ifp ng0 bytes 21954 pkts 72
> MAP 10.1.0.45 2237 <- -> 193.138.45.81 12585 [63.245.209.21 80]
> age 17870 use 0 sumd 0xd1a/0xd1a pr 6 bkt 1121/913 flags 1 drop 0/0
> ifp ng0 bytes 73158 pkts 249
> MAP 10.1.0.45 2211 <- -> 193.138.45.81 12559 [207.46.24.27 1863]
> age 17961 use 0 sumd 0xd1a/0xd1a pr 6 bkt 62/1901 flags 1 drop 0/0
> ifp ng0 bytes 33307 pkts 533
> MAP 10.1.0.55 1159 <- -> 193.138.45.81 15035 [66.102.11.125 443]
> age 17950 use 0 sumd 0x1ad8/0x1ad8 pr 6 bkt 2004/1774 flags 1 drop 0/0
> ifp ng0 bytes 27370 pkts 243
>
> List of active host mappings:
> 192.168.0.2 -> 0.0.0.0 (use = 2 hv = 221)
> 10.1.0.45 -> 0.0.0.0 (use = 3 hv = 446)
> 10.1.0.45 -> 0.0.0.0 (use = 12 hv = 446)
> 10.1.0.45 -> 0.0.0.0 (use = 1 hv = 446)
> 10.1.0.45 -> 0.0.0.0 (use = 1 hv = 446)
> 10.1.0.55 -> 0.0.0.0 (use = 1 hv = 486)
>
> ipfstat -v
>
> opts 0x40 name /dev/ipl
> IPv6 packets: in 0 out 0
> input packets: blocked 98 passed 19165 nomatch 0 counted 0 short 0
> output packets: blocked 0 passed 20863 nomatch 0 counted 0 short 0
> input packets logged: blocked 98 passed 3
> output packets logged: blocked 0 passed 0
> packets logged: input 0 output 0
> log failures: input 0 output 0
> fragment state(in): kept 0 lost 0 not fragmented 0
> fragment state(out): kept 0 lost 0 not fragmented 0
> packet state(in): kept 1162 lost 0
> packet state(out): kept 34 lost 0
> ICMP replies: 0 TCP RSTs sent: 0
> Invalid source(in): 0
> Result cache hits(in): 47 (out): 0
> IN Pullups succeeded: 0 failed: 0
> OUT Pullups succeeded: 0 failed: 0
> Fastroute successes: 0 failures: 0
> TCP cksum fails(in): 0 (out): 0
> Packet log flags set: (0)
> none
>
> ipfstat -nio
>
> @1 pass out quick on lo0 from any to any
> @2 pass out quick on fxp0 proto udp from 10.1.0.1/32 port = 67 to any port = 68
> @3 pass out quick on ng0 proto udp from any port = 68 to any port = 67
> @4 pass out quick on fxp0 from any to any keep state
> @5 pass out quick on ng0 from any to any keep state
> @6 pass out quick on xl0 from any to any keep state
> @7 block out log quick from any to any
> @1 pass in quick on lo0 from any to any
> @2 block in log quick from any to any with short
> @3 block in log quick from any to any with ipopt
> @4 pass in quick on fxp0 proto udp from any port = 68 to
> 255.255.255.255/32 port = 67
> @5 pass in quick on fxp0 proto udp from any port = 68 to 10.1.0.1/32 port = 67
> @6 block in log quick on ng0 from 10.1.0.0/24 to any
> @7 block in log quick on ng0 from 192.168.0.0/24 to any
> @8 block in log quick on ng0 proto udp from any port = 67 to
> 10.1.0.0/24 port = 68
> @9 pass in quick on ng0 proto udp from any port = 67 to any port = 68
> @10 block in log quick on fxp0 from !10.1.0.0/24 to any
> @11 block in log quick on xl0 from !192.168.0.0/24 to any
> @12 block in log quick on ng0 from 10.0.0.0/8 to any
> @13 block in log quick on ng0 from 127.0.0.0/8 to any
> @14 block in log quick on ng0 from 172.16.0.0/12 to any
> @15 block in log quick on ng0 from 192.168.0.0/16 to any
> @16 skip 1 in proto tcp from any to any flags S/FSRA
> @17 block in log quick proto tcp from any to any
> @18 block in log quick on fxp0 from any to any head 100
> @1 pass in quick from 10.1.0.0/24 to 10.1.0.1/32 keep state group 100
> @2 pass in quick from 10.1.0.0/24 to any keep state group 100
> @19 block in log quick on ng0 from any to any head 200
> @1 pass in quick proto gre from any to 193.138.45.81/32 keep state group 200
> @2 pass in quick proto tcp from any to 193.138.45.81/32 port = 1723
> keep state group 200
> @3 pass in log first quick proto tcp from any to 192.168.0.2/32 port =
> 80 keep state group 200
> @4 pass in quick proto tcp/udp from any to 10.1.0.45/32 port = 6346
> keep state group 200
> @5 pass in quick proto tcp/udp from any to 10.1.0.56/32 port = 6347
> keep state group 200
> @20 block in log quick on xl0 from any to any head 300
> @1 pass in log first quick proto tcp from any to 193.138.45.81/32 port
> = 80 keep state group 300
> @2 pass in quick from 192.168.0.0/24 to !10.1.0.0/24 keep state group 300
> @21 block in log quick from any to any
>
> unparsed ipnat rules
>
> map ng0 10.1.0.0/24 -> 0/32 proxy port ftp ftp/tcp
> map ng0 10.1.0.0/24 -> 0/32 portmap tcp/udp auto
> map ng0 10.1.0.0/24 -> 0/32
> map ng0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
> map ng0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
> map ng0 192.168.0.0/24 -> 0/32
> map ng0 /28 -> 0/32 proxy port ftp ftp/tcp
> map ng0 /28 -> 0/32 portmap tcp/udp auto
> map ng0 /28 -> 0/32
> rdr ng0 0/0 port 6346 -> 10.1.0.45 port 6346 tcp/udp
> rdr ng0 0/0 port 6347 -> 10.1.0.56 port 6347 tcp/udp
> rdr ng0 0/0 port 80 -> 192.168.0.2 port 80 tcp
>
> unparsed ipfilter rules
>
> # loopback
> pass in quick on lo0 all
> pass out quick on lo0 all
>
> # block short packets
> block in log quick all with short
>
> # block IP options
> block in log quick all with ipopts
>
> # allow access to DHCP server on LAN
> pass in quick on fxp0 proto udp from any port = 68 to 255.255.255.255 port = 67
> pass in quick on fxp0 proto udp from any port = 68 to 10.1.0.1 port = 67
> pass out quick on fxp0 proto udp from 10.1.0.1 port = 67 to any port = 68
>
> # WAN spoof check
> block in log quick on ng0 from 10.1.0.0/24 to any
> block in log quick on ng0 from 192.168.0.0/24 to any
>
> # allow our DHCP client out to the WAN
> # XXX - should be more restrictive
> # (not possible at the moment - need 'me' like in ipfw)
> pass out quick on ng0 proto udp from any port = 68 to any port = 67
> block in log quick on ng0 proto udp from any port = 67 to 10.1.0.0/24 port = 68
> pass in quick on ng0 proto udp from any port = 67 to any port = 68
>
> # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses)
> block in log quick on fxp0 from ! 10.1.0.0/24 to any
> block in log quick on xl0 from ! 192.168.0.0/24 to any
>
> # block anything from private networks on WAN interface
> block in log quick on ng0 from 10.0.0.0/8 to any
> block in log quick on ng0 from 127.0.0.0/8 to any
> block in log quick on ng0 from 172.16.0.0/12 to any
> block in log quick on ng0 from 192.168.0.0/16 to any
>
> # Block TCP packets that do not mark the start of a connection
> skip 1 in proto tcp all flags S/SAFR
> block in log quick proto tcp all
>
> #---------------------------------------------------------------------------
> # group head 100 - LAN interface
> #---------------------------------------------------------------------------
> block in log quick on fxp0 all head 100
>
> # let out anything from the firewall host itself and decrypted IPsec traffic
> pass out quick on fxp0 all keep state
>
> #---------------------------------------------------------------------------
> # group head 200 - WAN interface
> #---------------------------------------------------------------------------
> block in log quick on ng0 all head 200
>
> # let out anything from the firewall host itself and decrypted IPsec traffic
> pass out quick on ng0 all keep state
>
> #---------------------------------------------------------------------------
> # group head 300 - opt1 interface
> #---------------------------------------------------------------------------
> block in log quick on xl0 all head 300
>
> # let out anything from the firewall host itself and decrypted IPsec traffic
> pass out quick on xl0 all keep state
>
> # make sure the user cannot lock himself out of the webGUI
> pass in quick from 10.1.0.0/24 to 10.1.0.1 keep state group 100
>
> # PPTP rules
> pass in quick proto gre from any to 193.138.45.81 keep state group 200
> pass in quick proto tcp from any to 193.138.45.81 port = 1723 keep
> state group 200
>
> # User-defined rules follow
> pass in log first quick proto tcp from any to 192.168.0.2 port = 80
> keep state group 200
> pass in quick proto tcp/udp from any to 10.1.0.45 port = 6346 keep
> state group 200
> pass in quick proto tcp/udp from any to 10.1.0.56 port = 6347 keep
> state group 200
> pass in quick on ng1 proto tcp from any to any keep state
> pass in quick on ng2 proto tcp from any to any keep state
> pass in quick on ng3 proto tcp from any to any keep state
> pass in quick on ng4 proto tcp from any to any keep state
> pass in quick on ng5 proto tcp from any to any keep state
> pass in quick on ng6 proto tcp from any to any keep state
> pass in quick on ng7 proto tcp from any to any keep state
> pass in quick on ng8 proto tcp from any to any keep state
> pass in quick on ng9 proto tcp from any to any keep state
> pass in quick on ng10 proto tcp from any to any keep state
> pass in quick on ng11 proto tcp from any to any keep state
> pass in quick on ng12 proto tcp from any to any keep state
> pass in quick on ng13 proto tcp from any to any keep state
> pass in quick on ng14 proto tcp from any to any keep state
> pass in quick on ng15 proto tcp from any to any keep state
> pass in quick on ng16 proto tcp from any to any keep state
> pass in quick from 192.168.0.0/24 to !10.1.0.0/24 keep state group 300
> pass in quick from 10.1.0.0/24 to any keep state group 100
>
> #---------------------------------------------------------------------------
> # default rules (just to be sure)
> #---------------------------------------------------------------------------
> block in log quick all
> block out log quick all
>
> unparsed ipfw rules
>
> add 50000 set 4 pass all from 10.1.0.1 to any
> add 50001 set 4 pass all from any to 10.1.0.1
>
> resolv.conf
>
> domain jjakob.dyndns.org
> nameserver 212.93.226.5
> nameserver 212.93.226.6
>
> Processes
>
> USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
> root 1121 35.0 8.1 7168 6564 ?? SN 10:21AM 0:00.36
> /usr/local/bin/php status.php
> root 1143 0.0 1.1 1332 876 ?? SN 10:21AM 0:00.01 sh -c ps
> xauww 2>&1
> root 1122 0.0 1.6 2256 1268 ?? S 10:21AM 0:00.01
> /usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i
> /var/run/mini_httpd.pid
> root 545 0.0 1.0 1036 768 ?? SNs 8:56AM 0:00.17
> /usr/sbin/syslogd -s -f /var/etc/syslog.conf
> nobody 480 0.0 1.0 1020 788 ?? IN 8:44AM 0:00.08
> /usr/local/sbin/dnsmasq
> root 384 0.0 1.0 1104 824 ?? I 8:34AM 0:00.01
> /usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300
> ntp1.arnes.si
> root 133 0.0 1.1 1336 888 ?? I 8:32AM 0:00.01 /bin/sh
> /etc/rc.initial console
> root 112 0.0 1.8 2436 1464 ?? Is 8:32AM 0:00.10
> /usr/local/sbin/mpd -b -d /var/etc/mpd-vpn -p /var/run/mpd-vpn.pid
> pptpd
> root 108 0.0 1.0 1332 840 con- I 8:32AM 0:00.14 /bin/sh
> /usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid
> 300 ntp1.arnes.si
> root 104 0.0 1.5 1544 1244 con- S 8:32AM 0:00.52
> /usr/local/sbin/snmpd -c /var/etc/snmpd.conf -P /var/run/snmpd.pid
> root 101 0.0 0.9 952 684 con- I 8:32AM 0:00.01
> /usr/local/bin/ez-ipupdate -c /var/etc/ez-ipupdate.conf
> root 94 0.0 1.5 2248 1224 ?? Ss 8:32AM 0:00.17
> /usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i
> /var/run/mini_httpd.pid
> root 86 0.0 1.5 1456 1224 ?? Ss 8:32AM 0:00.26 /sbin/ipmon -sD
> root 73 0.0 1.7 2256 1348 ?? Ss 8:32AM 0:00.35
> /usr/local/sbin/mpd -b -d /var/etc -p /var/run/mpd.pid pppoe
> root 9 0.0 0.0 0 0 ?? DL 8:32AM 0:00.05 (vnlru)
> root 8 0.0 0.0 0 0 ?? DL 8:32AM 0:00.10 (syncer)
> root 7 0.0 0.0 0 0 ?? DL 8:32AM 0:00.05 (bufdaemon)
> root 6 0.0 0.0 0 0 ?? DL 8:32AM 0:00.01 (pagedaemon)
> root 5 0.0 0.0 0 0 ?? DL 8:32AM 0:00.00 (usbtask)
> root 4 0.0 0.0 0 0 ?? DL 8:32AM 0:00.00 (usb0)
> root 3 0.0 0.0 0 0 ?? DL 8:32AM 0:00.00 (taskqueue)
> root 2 0.0 0.0 0 0 ?? DL 8:32AM 0:00.00 (cryptoret)
> root 1 0.0 0.9 1060 696 ?? SLs 8:32AM 0:00.03 /sbin/init --
> root 1144 0.0 0.8 1080 676 ?? RN 10:21AM 0:00.00 ps xauww
> root 0 0.0 0.0 0 0 ?? DLs 8:32AM 0:00.00 (swapper)
>
> dhcpd.conf
>
> cat: /var/etc/dhcpd.conf: No such file or directory
>
> ez-ipupdate.cache
>
> 1156287028,193.138.45.81
>
> df
>
> Filesystem 512-blocks Used Avail Capacity Mounted on
> /dev/md0c 21758 20166 1592 93% /
> procfs 8 8 0 100% /proc
> /dev/ad0a 13822 11124 2698 80% /cf
>
> racoon.conf
>
> cat: /var/etc/racoon.conf: No such file or directory
>
> SPD
>
> No SPD entries.
>
> SAD
>
> No SAD entries.
>
> last 200 system log entries
>
> (this really is not necessary, it only shows messages about PPPoE connecting)
>
> last 50 (10) filter log entries
>
> Aug 26 08:36:17 wall ipmon[86]: 08:36:17.036824 ng0 @0:17 b
> 63.245.209.21,80 -> 193.138.45.81,12477 PR tcp len 20 40 -AF IN
> Aug 26 08:36:19 wall ipmon[86]: 08:36:19.046806 ng0 @0:17 b
> 63.245.209.21,80 -> 193.138.45.81,12477 PR tcp len 20 40 -AF IN
> Aug 26 08:36:23 wall ipmon[86]: 08:36:23.058616 ng0 @0:17 b
> 63.245.209.21,80 -> 193.138.45.81,12477 PR tcp len 20 40 -AF IN
> Aug 26 08:36:31 wall ipmon[86]: 08:36:31.067866 ng0 @0:17 b
> 63.245.209.21,80 -> 193.138.45.81,12477 PR tcp len 20 40 -AF IN
> Aug 26 08:38:16 wall ipmon[86]: 08:38:16.300243 ng0 @0:19 b
> 24.155.40.246,42884 -> 193.138.45.81,80 PR tcp len 20 60 -S IN
> Aug 26 08:38:19 wall ipmon[86]: 08:38:19.299474 ng0 @0:19 b
> 24.155.40.246,42884 -> 193.138.45.81,80 PR tcp len 20 60 -S IN
> Aug 26 08:38:25 wall ipmon[86]: 08:38:25.299409 ng0 @0:19 b
> 24.155.40.246,42884 -> 193.138.45.81,80 PR tcp len 20 60 -S IN
> Aug 26 08:38:37 wall ipmon[86]: 08:38:37.299789 ng0 @0:19 b
> 24.155.40.246,42884 -> 193.138.45.81,80 PR tcp len 20 60 -S IN
> Aug 26 08:38:39 wall ipmon[86]: 08:38:39.694937 ng0 @0:19 b
> 204.16.209.59,32890 -> 193.138.45.81,1026 PR udp len 20 442 IN
> Aug 26 08:38:39 wall ipmon[86]: 08:38:39.698803 ng0 @0:19 b
> 204.16.209.59,32892 -> 193.138.45.81,1027 PR udp len 20 442 IN
> (this is a shortened output because of size, but it can still clearly
> be seen that the 4 HTTP requests have been blocked by rule @0:19)
>
> ls /conf
>
> config.xml
> ez-ipupdate.cache
>
> ls /var/run
>
> dev.db
> dnsmasq.dirty
> dnsmasq.pid
> ez-ipupdate.pid
> filter.conf.dirty
> htpasswd
> ipmon.pid
> ld-elf.so.hints
> log
> mini_httpd.pid
> mpd-vpn.pid
> mpd.pid
> msntp.pid
> runmsntp.pid
> snmpd.pid
> syslog.pid
> utmp
>
> config.xml
>
> <?xml version="1.0"?>
> <m0n0wall>
> <version>1.6</version>
> <lastchange>1156580454</lastchange>
> <system>
> <hostname>wall</hostname>
> <domain>jjakob.dyndns.org</domain>
> <dnsallowoverride/>
> <username>admin</username>
> <password>xxxxx</password>
> <timezone>Europe/Ljubljana</timezone>
> <time-update-interval>300</time-update-interval>
> <timeservers>ntp1.arnes.si</timeservers>
> <webgui>
> <protocol>http</protocol>
> <port/>
> <certificate/>
> <private-key/>
> <expanddiags/>
> </webgui>
> <harddiskstandby>5</harddiskstandby>
> <notes>OTYgTUIgUkFNDQozMzMgTUh6IENFTEVST04=</notes>
> </system>
> <interfaces>
> <lan>
> <if>fxp0</if>
> <ipaddr>10.1.0.1</ipaddr>
> <subnet>24</subnet>
> <media/>
> <mediaopt/>
> </lan>
> <wan>
> <if>rl0</if>
> <mtu/>
> <blockpriv/>
> <media/>
> <mediaopt/>
> <spoofmac/>
> <ipaddr>pppoe</ipaddr>
> </wan>
> <opt1>
> <if>xl0</if>
> <descr>DMZ</descr>
> <ipaddr>192.168.0.1</ipaddr>
> <subnet>24</subnet>
> <bridge/>
> <enable/>
> </opt1>
> </interfaces>
> <staticroutes/>
> <pppoe>
> <username>*******@dsl.*********</username>
> <password>xxxxx</password>
> <provider/>
> <timeout/>
> </pppoe>
> <pptp/>
> <bigpond/>
> <dyndns>
> <type>dyndns-static</type>
> <username>*********</username>
> <password>xxxxx</password>
> <host>jjakob.dyndns.org</host>
> <mx/>
> <server/>
> <port/>
> <enable/>
> <wildcard/>
> </dyndns>
> <dnsupdate>
> <host/>
> <ttl>60</ttl>
> <keyname/>
> <keydata/>
> </dnsupdate>
> <dhcpd>
> <lan>
> <range>
> <from>192.168.1.100</from>
> <to>192.168.1.199</to>
> </range>
> </lan>
> </dhcpd>
> <pptpd>
> <mode>server</mode>
> <redir/>
> <localip>192.168.0.234</localip>
> <remoteip/>
> <radius>
> <server/>
> <secret/>
> </radius>
> <req128/>
> <user>
> <name>*******</name>
> <ip/>
> <password>xxxxx</password>
> </user>
> </pptpd>
> <dnsmasq>
> <enable/>
> </dnsmasq>
> <snmpd>
> <syslocation/>
> <syscontact/>
> <rocommunity>public</rocommunity>
> <enable/>
> </snmpd>
> <diag>
> <ipv6nat>
> <ipaddr/>
> </ipv6nat>
> </diag>
> <bridge/>
> <syslog>
> <reverse/>
> <nentries>50</nentries>
> <remoteserver>10.1.0.45</remoteserver>
> <filter/>
> <system/>
> <enable/>
> <vpn/>
> <rawfilter/>
> </syslog>
> <nat>
> <rule>
> <protocol>tcp/udp</protocol>
> <external-port>6346</external-port>
> <target>10.1.0.45</target>
> <local-port>6346</local-port>
> <interface>wan</interface>
> <descr>gnutella jernej</descr>
> </rule>
> <rule>
> <protocol>tcp/udp</protocol>
> <external-port>6347</external-port>
> <target>10.1.0.56</target>
> <local-port>6347</local-port>
> <interface>wan</interface>
> <descr>gnutella silvo</descr>
> </rule>
> <rule>
> <protocol>tcp</protocol>
> <external-port>80</external-port>
> <target>192.168.0.2</target>
> <local-port>80</local-port>
> <interface>wan</interface>
> <descr>www</descr>
> </rule>
> <advancedoutbound/>
> </nat>
> <filter>
> <rule>
> <type>pass</type>
> <interface>wan</interface>
> <protocol>tcp</protocol>
> <source>
> <any/>
> </source>
> <destination>
> <address>192.168.0.2</address>
> <port>80</port>
> </destination>
> <log/>
> <descr>NAT www</descr>
> </rule>
> <rule>
> <type>pass</type>
> <interface>wan</interface>
> <protocol>tcp/udp</protocol>
> <source>
> <any/>
> </source>
> <destination>
> <address>10.1.0.45</address>
> <port>6346</port>
> </destination>
> <descr/>
> </rule>
> <rule>
> <type>pass</type>
> <interface>wan</interface>
> <protocol>tcp/udp</protocol>
> <source>
> <any/>
> </source>
> <destination>
> <address>10.1.0.56</address>
> <port>6347</port>
> </destination>
> <descr/>
> </rule>
> <rule>
> <type>pass</type>
> <interface>pptp</interface>
> <protocol>tcp</protocol>
> <source>
> <any/>
> </source>
> <destination>
> <any/>
> </destination>
> <descr>Default PPTP -> any</descr>
> </rule>
> <rule>
> <type>pass</type>
> <interface>opt1</interface>
> <source>
> <network>opt1</network>
> </source>
> <destination>
> <network>lan</network>
> <not/>
> </destination>
> <descr>allow DMZ anywhere but to LAN</descr>
> </rule>
> <rule>
> <type>pass</type>
> <descr>Default LAN -> any</descr>
> <interface>lan</interface>
> <source>
> <network>lan</network>
> </source>
> <destination>
> <any/>
> </destination>
> </rule>
> <tcpidletimeout/>
> </filter>
> <ipsec/>
> <aliases/>
> <proxyarp/>
> <wol/>
> <vlans/>
> <shaper>
> <magic>
> <p2plow/>
> <maxup>256</maxup>
> <maxdown>1000</maxdown>
> </magic>
> </shaper>
> </m0n0wall>
>
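One detail in the diagnostic dump above is worth checking mechanically: the "unparsed ipnat rules" section (what m0n0wall generated from config.xml) lists nine `map` rules and three `rdr` rules, but the "List of active MAP/Redirect filters" from `ipnat -lv` shows only six `map` rules, and none of the `rdr` rules, including the one for port 80 that the DMZ web server depends on. The three `map ng0 /28` lines have no network in front of the prefix length. The script below is an added example, not code from the post or from the m0n0wall project; it embeds both rule lists copied from the post as its sample input, canonicalizes the address shorthand ipnat uses (`0/32` and `0.0.0.0/32` are the same thing), and reports rules that are malformed, rules that were intended but never loaded, and rules that are active but not intended. Run it against `cat /var/etc/ipnat.conf` and `ipnat -l` output on a live box (the path is an assumption for illustration; take the active list from whatever `ipnat -l` prints).

```python
import ipaddress
import re

# Copied from the post's "unparsed ipnat rules" section (the generated rule set).
INTENDED_RULES = """\
map ng0 10.1.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map ng0 10.1.0.0/24 -> 0/32 portmap tcp/udp auto
map ng0 10.1.0.0/24 -> 0/32
map ng0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map ng0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
map ng0 192.168.0.0/24 -> 0/32
map ng0 /28 -> 0/32 proxy port ftp ftp/tcp
map ng0 /28 -> 0/32 portmap tcp/udp auto
map ng0 /28 -> 0/32
rdr ng0 0/0 port 6346 -> 10.1.0.45 port 6346 tcp/udp
rdr ng0 0/0 port 6347 -> 10.1.0.56 port 6347 tcp/udp
rdr ng0 0/0 port 80 -> 192.168.0.2 port 80 tcp
"""

# Copied from the post's `ipnat -lv` "List of active MAP/Redirect filters".
ACTIVE_RULES = """\
map ng0 10.1.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map ng0 10.1.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map ng0 10.1.0.0/24 -> 0.0.0.0/32
map ng0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map ng0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map ng0 192.168.0.0/24 -> 0.0.0.0/32
"""

# A CIDR token: optional dotted address (ipnat allows shorthand like "0/32"),
# then "/" and a prefix length. "tcp/udp" and "ftp/tcp" do not match.
CIDR_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){0,3})?/(\d{1,2})")


def parse_rule(line):
    """Return (canonical_rule_text, problems) for one ipnat rule line.

    Every CIDR token is rewritten as a full dotted-quad network so that
    the generated file and the kernel's own rendering compare equal.
    An address-less token such as "/28" is reported as malformed.
    """
    out, problems = [], []
    for tok in line.split():
        m = CIDR_RE.fullmatch(tok)
        if m is None:
            out.append(tok)
            continue
        addr, prefix = m.group(1), m.group(2)
        if not addr:
            problems.append(f"empty network before /{prefix}")
            out.append(tok)
            continue
        octets = addr.split(".")
        octets += ["0"] * (4 - len(octets))          # "10.1/16" -> "10.1.0.0/16"
        try:
            net = ipaddress.ip_network(f"{'.'.join(octets)}/{prefix}", strict=False)
            out.append(str(net))
        except ValueError as exc:
            problems.append(f"bad network {tok}: {exc}")
            out.append(tok)
    return " ".join(out), problems


def audit(intended_text, active_text):
    """Compare the rules m0n0wall generated against what ipnat actually holds.

    Returns {"malformed": [(line, problems)], "missing": [line], "unexpected": [canon]}.
    """
    intended, malformed = {}, []
    for line in intended_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        canon, problems = parse_rule(line)
        if problems:
            malformed.append((line, problems))
        else:
            intended[canon] = line
    active = set()
    for line in active_text.splitlines():
        line = line.strip()
        if line:
            active.add(parse_rule(line)[0])
    missing = [orig for canon, orig in intended.items() if canon not in active]
    unexpected = sorted(active - set(intended))
    return {"malformed": malformed, "missing": missing, "unexpected": unexpected}


if __name__ == "__main__":
    report = audit(INTENDED_RULES, ACTIVE_RULES)
    for line, problems in report["malformed"]:
        print(f"MALFORMED  {line}  ({'; '.join(problems)})")
    for line in report["missing"]:
        print(f"NOT LOADED {line}")
    for canon in report["unexpected"]:
        print(f"UNEXPECTED {canon}")
```

The audit is deliberately indifferent to why a rule is absent; it only tells you that the kernel is not running the NAT table you think it is. That is the thing to establish before reading filter logs, because with no `rdr` loaded the inbound SYN to 193.138.45.81:80 never gets translated, so the `pass in ... to 192.168.0.2 port = 80 ... group 200` rule can never match it and the group's head rule (`@19`, the one named in the log) drops it.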