ciudăţenie [solved]

10 posts / 0 new
Last post
A.Faith
ciudăţenie [solved]

originally posted here : http://forum.softpedia.com/index.php?showtopic=303417

Azi dimineaţă Clicknet mi-a făcut cadou un downtime de vreo 6 ore :rantcurse: . Fără să mă uit la modem, m-am aruncat repede să dau flush la firewall şi la alte prostii, crezând că de-acolo e problema, însă apoi am văzut speedtouch-ul 330 desincronizat. am restartat pc-ul (ca să nu mai bag manual toate liniile de firewall şi-aşa mai departe) setând un cron care să dea dial ppp0 din oră-n oră, ca să prindă momentu' când îşi revine conexiunea. asta s-a întâmplat pe la 8 şi ceva, înainte să plec la ore.
mă rog, m-am întors de la liceu pe la 3 şi un pic tot desincronizat era modemul, aşa că am şters cron-ul şi-am sunat la 08008-CLICK. Toate bune şi frumoase, mi-au spus că mai durează :confuzzled: . din fericire pe la 4 şi câteva minute şi-a revenit.
dau dial şi mă conectez la net. numa' că pe la 8 vine unchiul meu la mine (cu care împart netu') şi-mi zice că nu merge :rolleyes: .
dau repede fuguţa până acolo, crezând că iar şi-a băgat nasu' prin setări, dar totul era ok :mellow: .
Ip-ul, netmask, dns, gateway luate prin DHCP fără probleme, deci ... el iese din discuţie. Atunci, problema trebuie să fie de la mine, mi-am zis.
bun..
dau ifconfig :

[root@pc1 afaith]# ifconfig
	 eth0	  Link encap:Ethernet  HWaddr 00:0A:E6:2F:A0:05
			   inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
			   inet6 addr: fe80::20a:e6ff:fe2f:a005/64 Scope:Link
			   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
			   RX packets:40883 errors:0 dropped:0 overruns:0 frame:0
			   TX packets:7662 errors:0 dropped:0 overruns:0 carrier:0
			   collisions:0 txqueuelen:1000
			   RX bytes:2955488 (2.8 MiB)  TX bytes:2911066 (2.7 MiB)
			   Interrupt:20 Base address:0xf00
	 
	 lo		Link encap:Local Loopback
			   inet addr:127.0.0.1  Mask:255.0.0.0
			   inet6 addr: ::1/128 Scope:Host
			   UP LOOPBACK RUNNING  MTU:16436  Metric:1
			   RX packets:78649 errors:0 dropped:0 overruns:0 frame:0
			   TX packets:78649 errors:0 dropped:0 overruns:0 carrier:0
			   collisions:0 txqueuelen:0
			   RX bytes:18751738 (17.8 MiB)  TX bytes:18751738 (17.8 MiB)
	 
	 nas0	  Link encap:Ethernet  HWaddr 00:0E:50:DB:45:A0
			   inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
			   inet6 addr: fe80::20e:50ff:fedb:45a0/64 Scope:Link
			   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
			   RX packets:57781 errors:0 dropped:0 overruns:0 frame:0
			   TX packets:47135 errors:0 dropped:0 overruns:0 carrier:0
			   collisions:0 txqueuelen:1000
			   RX bytes:60912740 (58.0 MiB)  TX bytes:7928094 (7.5 MiB)
	 
	 ppp0	  Link encap:Point-to-Point Protocol
			   inet addr:92.80.200.*  P-t-P:92.80.192.254  Mask:255.255.255.255
			   UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
			   RX packets:57621 errors:0 dropped:0 overruns:0 frame:0
			   TX packets:46963 errors:0 dropped:0 overruns:0 carrier:0
			   collisions:0 txqueuelen:3
			   RX bytes:60444342 (57.6 MiB)  TX bytes:6417827 (6.1 MiB)
	 
	 [root@pc1 afaith]#

totul în regulă

ping google.ro

[root@pc1 afaith]# ping google.ro -c 5
	 PING google.ro (72.14.221.104) 56(84) bytes of data.
	 64 bytes from fg-in-f104.google.com (72.14.221.104): icmp_seq=1 ttl=244 time=45.5 ms
	 64 bytes from fg-in-f104.google.com (72.14.221.104): icmp_seq=2 ttl=244 time=47.5 ms
	 64 bytes from fg-in-f104.google.com (72.14.221.104): icmp_seq=3 ttl=244 time=45.4 ms
	 64 bytes from fg-in-f104.google.com (72.14.221.104): icmp_seq=4 ttl=244 time=44.3 ms
	 64 bytes from fg-in-f104.google.com (72.14.221.104): icmp_seq=5 ttl=244 time=48.2 ms
	 
	 --- google.ro ping statistics ---
	 5 packets transmitted, 5 received, 0% packet loss, time 3999ms
	 rtt min/avg/max/mdev = 44.352/46.221/48.294/1.466 ms

mă gândesc apoi la vechea mea problemă, default route.

 [root@pc1 afaith]# route -n
 Kernel IP routing table
 Destination	 Gateway		 Genmask		 Flags Metric Ref	Use Iface
 92.80.192.254   0.0.0.0		 255.255.255.255 UH	0	  0		0 ppp0
 192.168.1.0	 0.0.0.0		 255.255.255.0   U	 0	  0		0 eth0
 0.0.0.0		 0.0.0.0		 0.0.0.0		 U	 0	  0		0 ppp0
 [root@pc1 afaith]#

totul pare şi aici în regulă (deşi sincer, parcă ar fi mai puţine decât de obicei)

firewall-ul, îmi zic eu în minte.
folosesc un shorewall care vine default cu mandriva, pe care-l ţin în frâu din Webmin.

[root@pc1 afaith]# iptables -nL
	 Chain INPUT (policy DROP)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 Ifw		0	--  0.0.0.0/0			0.0.0.0/0
	 eth0_in	0	--  0.0.0.0/0			0.0.0.0/0
	 ppp0_in	0	--  0.0.0.0/0			0.0.0.0/0
	 Reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
	 reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain FORWARD (policy DROP)
	 target	 prot opt source			   destination
	 eth0_fwd   0	--  0.0.0.0/0			0.0.0.0/0
	 ppp0_fwd   0	--  0.0.0.0/0			0.0.0.0/0
	 Reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
	 reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain OUTPUT (policy DROP)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 eth0_out   0	--  0.0.0.0/0			0.0.0.0/0
	 ppp0_out   0	--  0.0.0.0/0			0.0.0.0/0
	 Reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
	 reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain Drop (1 references)
	 target	 prot opt source			   destination
	 reject	 tcp  --  0.0.0.0/0			0.0.0.0/0		   tcp dpt:113
	 dropBcast  0	--  0.0.0.0/0			0.0.0.0/0
	 ACCEPT	 icmp --  0.0.0.0/0			0.0.0.0/0		   icmp type 3 code 4
	 ACCEPT	 icmp --  0.0.0.0/0			0.0.0.0/0		   icmp type 11
	 dropInvalid  0	--  0.0.0.0/0			0.0.0.0/0
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   multiport dports 135,445
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpts:137:139
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp spt:137 dpts:1024:65535
	 DROP	   tcp  --  0.0.0.0/0			0.0.0.0/0		   multiport dports 135,139,445
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpt:1900
	 dropNotSyn  tcp  --  0.0.0.0/0			0.0.0.0/0
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp spt:53
	 
	 Chain Ifw (1 references)
	 target	 prot opt source			   destination
	 
	 Chain Reject (4 references)
	 target	 prot opt source			   destination
	 reject	 tcp  --  0.0.0.0/0			0.0.0.0/0		   tcp dpt:113
	 dropBcast  0	--  0.0.0.0/0			0.0.0.0/0
	 ACCEPT	 icmp --  0.0.0.0/0			0.0.0.0/0		   icmp type 3 code 4
	 ACCEPT	 icmp --  0.0.0.0/0			0.0.0.0/0		   icmp type 11
	 dropInvalid  0	--  0.0.0.0/0			0.0.0.0/0
	 reject	 udp  --  0.0.0.0/0			0.0.0.0/0		   multiport dports 135,445
	 reject	 udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpts:137:139
	 reject	 udp  --  0.0.0.0/0			0.0.0.0/0		   udp spt:137 dpts:1024:65535
	 reject	 tcp  --  0.0.0.0/0			0.0.0.0/0		   multiport dports 135,139,445
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpt:1900
	 dropNotSyn  tcp  --  0.0.0.0/0			0.0.0.0/0
	 DROP	   udp  --  0.0.0.0/0			0.0.0.0/0		   udp spt:53
	 
	 Chain all2all (0 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 Reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:'
	 reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain dropBcast (2 references)
	 target	 prot opt source			   destination
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0		   PKTTYPE = broadcast
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0		   PKTTYPE = multicast
	 
	 Chain dropInvalid (2 references)
	 target	 prot opt source			   destination
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0		   state INVALID
	 
	 Chain dropNotSyn (2 references)
	 target	 prot opt source			   destination
	 DROP	   tcp  --  0.0.0.0/0			0.0.0.0/0		   tcp flags:!0x17/0x02
	 
	 Chain dynamic (4 references)
	 target	 prot opt source			   destination
	 
	 Chain eth0_fwd (1 references)
	 target	 prot opt source			   destination
	 dynamic	0	--  0.0.0.0/0			0.0.0.0/0		   state INVALID,NEW
	 loc2net	0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain eth0_in (1 references)
	 target	 prot opt source			   destination
	 dynamic	0	--  0.0.0.0/0			0.0.0.0/0		   state INVALID,NEW
	 ACCEPT	 udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpts:67:68
	 loc2fw	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain eth0_out (1 references)
	 target	 prot opt source			   destination
	 ACCEPT	 udp  --  0.0.0.0/0			0.0.0.0/0		   udp dpts:67:68
	 fw2loc	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain fw2loc (1 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain fw2net (1 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain loc2fw (1 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain loc2net (1 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain logdrop (0 references)
	 target	 prot opt source			   destination
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:logdrop:DROP:'
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain logreject (0 references)
	 target	 prot opt source			   destination
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:logreject:REJECT:'
	 reject	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain net2all (2 references)
	 target	 prot opt source			   destination
	 ACCEPT	 0	--  0.0.0.0/0			0.0.0.0/0		   state RELATED,ESTABLISHED
	 Drop	   0	--  0.0.0.0/0			0.0.0.0/0
	 LOG		0	--  0.0.0.0/0			0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:'
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain ppp0_fwd (1 references)
	 target	 prot opt source			   destination
	 dynamic	0	--  0.0.0.0/0			0.0.0.0/0		   state INVALID,NEW
	 net2all	0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain ppp0_in (1 references)
	 target	 prot opt source			   destination
	 dynamic	0	--  0.0.0.0/0			0.0.0.0/0		   state INVALID,NEW
	 net2all	0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain ppp0_out (1 references)
	 target	 prot opt source			   destination
	 fw2net	 0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain reject (11 references)
	 target	 prot opt source			   destination
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0		   PKTTYPE = broadcast
	 DROP	   0	--  0.0.0.0/0			0.0.0.0/0		   PKTTYPE = multicast
	 DROP	   0	--  255.255.255.255	  0.0.0.0/0
	 DROP	   0	--  224.0.0.0/4		  0.0.0.0/0
	 REJECT	 tcp  --  0.0.0.0/0			0.0.0.0/0		   reject-with tcp-reset
	 REJECT	 udp  --  0.0.0.0/0			0.0.0.0/0		   reject-with icmp-port-unreachable
	 REJECT	 icmp --  0.0.0.0/0			0.0.0.0/0		   reject-with icmp-host-unreachable
	 REJECT	 0	--  0.0.0.0/0			0.0.0.0/0		   reject-with icmp-host-prohibited
	 
	 Chain shorewall (0 references)
	 target	 prot opt source			   destination
	 
	 Chain smurfs (0 references)
	 target	 prot opt source			   destination
	 LOG		0	--  192.168.1.255		0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
	 DROP	   0	--  192.168.1.255		0.0.0.0/0
	 LOG		0	--  255.255.255.255	  0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
	 DROP	   0	--  255.255.255.255	  0.0.0.0/0
	 LOG		0	--  224.0.0.0/4		  0.0.0.0/0		   LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
	 DROP	   0	--  224.0.0.0/4		  0.0.0.0/0
	 [root@pc1 afaith]#

şi

[root@pc1 afaith]# iptables -t nat -nL
	 Chain PREROUTING (policy ACCEPT)
	 target	 prot opt source			   destination
	 
	 Chain POSTROUTING (policy ACCEPT)
	 target	 prot opt source			   destination
	 ppp0_masq  0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain OUTPUT (policy ACCEPT)
	 target	 prot opt source			   destination
	 
	 Chain ppp0_masq (1 references)
	 target	 prot opt source			   destination
	 MASQUERADE  0	--  192.168.1.0/24	   0.0.0.0/0
	 [root@pc1 afaith]#

îmi e prea lene să descifrez ce e pe acolo,aşa că revin la un firewall minimal (totul pe accept + masquerade)

[root@pc1 afaith]# iptables -nL
	 Chain INPUT (policy ACCEPT)
	 target	 prot opt source			   destination
	 
	 Chain FORWARD (policy ACCEPT)
	 target	 prot opt source			   destination
	 
	 Chain OUTPUT (policy ACCEPT)
	 target	 prot opt source			   destination
	 [root@pc1 afaith]#

[root@pc1 afaith]# iptables -t nat -nL
	 Chain PREROUTING (policy ACCEPT)
	 target	 prot opt source			   destination
	 
	 Chain POSTROUTING (policy ACCEPT)
	 target	 prot opt source			   destination
	 MASQUERADE  0	--  0.0.0.0/0			0.0.0.0/0
	 
	 Chain OUTPUT (policy ACCEPT)
	 target	 prot opt source			   destination
	 [root@pc1 afaith]#

dau repede fuguţa prin vecini să văd ce şi cum şi .. pauză :mellow:
băi.. ce să fie ce să fie ..
mă gândesc la DNS-uri :

[root@pc1 afaith]# cat /etc/resolv.conf
	 nameserver 193.231.100.130 # ppp temp entry
	 nameserver 193.231.100.134 # ppp temp entry
	 [root@pc1 afaith]#

sunt în regulă

mă gândesc apoi la ordinea de rezolvare a unei adrese

	 [root@pc1 afaith]# cat /etc/nsswitch.conf|grep hosts
	 hosts:  files dns
	 [root@pc1 afaith]#

şi-aici e totul în regulă....

să fie din dnsmasq ? păi de rulat rulează,

[root@pc1 afaith]# service dnsmasq status
	 dnsmasq (pid 6930) is running...
	 [root@pc1 afaith]#

la config nu mi-am băgat nasu' de nicio culoare de când l-am instalat, aşa că nu sunt probleme. deci, ce-ar trebui să mai fac ? mă seacă problema asta ... deja ... deja mă scoate din minţi! pur şi simplu nu-mi explic de unde a apărut problema :mellow:

A.Faith
Raspuns: ciudăţenie

şi ping-ul merge în ambele sensuri

Lumea lui A.Faith --> http://afaith.eu
###############################
There is no patch for human stupidity
###############################

join #mandrivaro on FreeNode!

A.Faith
Raspuns: ciudăţenie

problema a intuit-o bigguy92, de pe softpedia :
echo 1 > /proc/sys/net/ipv4/ip_forward

pentru un ***** de comandă, mi-am făcut un car de nervi ... damn it!

Lumea lui A.Faith --> http://afaith.eu
###############################
There is no patch for human stupidity
###############################

join #mandrivaro on FreeNode!

ing. Patkos Csaba
ing. Patkos Csaba's picture
Raspuns: ciudăţenie

TOCMAI ITI RASPUNDEAM.... :), TOTUSI IL LAS POSTAT
===============

;D Nu e chiar asa ciudat.
Parerea mea sa incerci urmatoarele:
- vezi fisierul:

[eddiep@localhost ~]$ cat /proc/sys/net/ipv4/ip_forward
1
[eddiep@localhost ~]$       

Daca nu "1" nu-ti va merge => activeaza forwarding pe placile de retea

- renunta la shorewall, eu nu pot sa-l tin in frau sub nici o forma, prefer varianta manuala

- foloseste snat sau dnat, nu masquarade, in unele situatii ajuta

Csabi's BLOG

Linux registered user # 457717

A.Faith
Raspuns: ciudăţenie [solved]

ing. Patkos Csaba wrote:
TOCMAI ITI RASPUNDEAM.... :), TOTUSI IL LAS POSTAT
===============

;D Nu e chiar asa ciudat.
Parerea mea sa incerci urmatoarele:
- vezi fisierul:

[eddiep@localhost ~]$ cat /proc/sys/net/ipv4/ip_forward
1
[eddiep@localhost ~]$       

Daca nu "1" nu-ti va merge => activeaza forwarding pe placile de retea

- renunta la shorewall, eu nu pot sa-l tin in frau sub nici o forma, prefer varianta manuala

- foloseste snat sau dnat, nu masquarade, in unele situatii ajuta

shorewall folosesc pentru că webmin are un webgui trăznet şi merge brici! până acuma, n-a dat gherlă deloc. când e vorba de probleme, revin la o versiune minimală de iptables şi scot firewall-ul din ecuaţie.
snat şi dnat nu pot folosi, pentru că am ip dinamic alocat prin dhcp de către clicknet (conexiune PPPoE)

Lumea lui A.Faith --> http://afaith.eu
###############################
There is no patch for human stupidity
###############################

join #mandrivaro on FreeNode!

ing. Patkos Csaba
ing. Patkos Csaba's picture
Raspuns: ciudăţenie [solved]

dap, ai dreptate, ... retrag partea cu snat si dnat  ;)

Csabi's BLOG

Linux registered user # 457717

Anonymous
Raspuns: ciudăţenie [solved]

Uite o line care te-ar putea ajuta la configurarea unui firewall sau a unui script care sa faca doar snat sau dnat, in cazul in care ai IP alocat dinamic

ifconfig eth0 | fgrep 'inet addr' | cut -d : -f 2 | cut -d \  -f 1

dupa aceasta linie o sa iti afiseza strict doar IP-ul tau pe interfata eth0 in cazul de mai sus, pt tine fiind vorba de ppp0

Bafta

A.Faith
Raspuns: ciudăţenie [solved]

Claudiu wrote:
Uite o line care te-ar putea ajuta la configurarea unui firewall sau a unui script care sa faca doar snat sau dnat, in cazul in care ai IP alocat dinamic

ifconfig eth0 | fgrep 'inet addr' | cut -d : -f 2 | cut -d \  -f 1

dupa aceasta linie o sa iti afiseza strict doar IP-ul tau pe interfata eth0 in cazul de mai sus, pt tine fiind vorba de ppp0

Bafta

mersi de intenţie, însă explică-mi şi mie (dacă poţi/vrei/ai chef/etc.) care-s avantajele folosiri dnat/snat şi nu a funcţiei masquerade ? (n-o zic ironic, chiar vorbesc serios)

Lumea lui A.Faith --> http://afaith.eu
###############################
There is no patch for human stupidity
###############################

join #mandrivaro on FreeNode!

admin
admin's picture
Raspuns: ciudăţenie [solved]

As of RFC 2663, NAT and IP Masquerading are the same thing. Once upon a time, NAT required your own externally addressable subnet (you'd have had to pay for your own class A, B, or C address block). This is, however, no longer true. Official NAT is now more than happy to work with the nonrouted subnets of 192.168.x.x, 172.16.x.x, and 10.x.x.x . While I used to say that for all intents and purposes, NAT is IP Masquerading is NAT, I can now correctly say that they are indeed the same thing. Linux just insists on calling NAT by the name of IP Masquerading. What did old Will Shakespeare say? A rose by any other name…?

A.Faith
Raspuns: ciudăţenie [solved]

maaxx wrote:
As of RFC 2663, NAT and IP Masquerading are the same thing. Once upon a time, NAT required your own externally addressable subnet (you'd have had to pay for your own class A, B, or C address block). This is, however, no longer true. Official NAT is now more than happy to work with the nonrouted subnets of 192.168.x.x, 172.16.x.x, and 10.x.x.x . While I used to say that for all intents and purposes, NAT is IP Masquerading is NAT, I can now correctly say that they are indeed the same thing. Linux just insists on calling NAT by the name of IP Masquerading. What did old Will Shakespeare say? A rose by any other name…?

mersi maaxx - şi eu sunt de acord 100% cu nenea Shakespeare

Lumea lui A.Faith --> http://afaith.eu
###############################
There is no patch for human stupidity
###############################

join #mandrivaro on FreeNode!