Portforwarding fli4l 3.*



l0rd
25.05.06, 21:41
Hi, I've got another little problem with my router

After the hard disk that fli4l 2* was running on died, I decided to install the newer version... Everything works so far, except for the port forwarding...:(

If I want to forward TCP ports 4661-4664 to the machine with the IP 192.168.6.52, then according to the manual (p. 73) I should have to add a line like PREROUTING_LIST_1='prot:tcp dynamic:4661-4664 DNAT:192.168.6.52' to the configuration... but unfortunately the ports still don't get through:/

With version 2.*, the firewall entries also had to be adjusted in addition to the PORTFW entries; is that still the case? I can't find such an entry:(

Here is my base.conf

##-----------------------------------------------------------------------------
## base.txt - fli4l configuration parameters 3.0.1
##
## You can edit/change this file with any text editor.
##
## P L E A S E R E A D T H E D O C U M E N T A T I O N ,
## S E E R E A D M E . T X T
##
## PLEASE BE SURE TO READ THE DOCUMENTATION, SEE README.TXT
##
## Creation: 26.06.2001 fm
## Last Update: $Id: base.txt 11071 2006-02-23 13:46:01Z hh $
##
## Copyright (c) 2001-2005 Frank Meyer <frank@fli4l.de>
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.
##-----------------------------------------------------------------------------

#------------------------------------------------------------------------------
# General settings:
#------------------------------------------------------------------------------
HOSTNAME='fli4l' # name of fli4l router
PASSWORD='*******' # password for root login (console, sshd, imond)
BOOT_TYPE='hd' # boot device: fd, fdx2, dualfd, hd, cd, ls120,
# integrated, attached, netboot, pxeboot
# (cd, cdemul, hd and ls120 need an
# installed opt hd)
MOUNT_BOOT='rw' # mount boot device (floppy): ro, rw, no
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0'
# description of local time zone,
# don't touch without reading documentation
KERNEL_VERSION='2.4.32' # kernel version
KERNEL_BOOT_OPTION='' # append option to kernel command line
COMP_TYPE_KERNEL='gzip' # compression-type for kernel: gzip, bzip2
COMP_TYPE_ROOTFS='gzip' # compression-type for rootfs: gzip, bzip2
IP_CONNTRACK_MAX='' # override maximum limit of connection
# tracking entries
POWEROFF_ON_HALT='no' # power off after shutting down the machine
REAL_MODE_POWEROFF='no' # switch to real mode before invoking
# apm power off

#------------------------------------------------------------------------------
# Localisation
#------------------------------------------------------------------------------
LOCALE='de' # defines the default language for several
# components, such as menu and httpd

#------------------------------------------------------------------------------
# Mount extra floppy drive to /floppy:
#------------------------------------------------------------------------------
OPT_MOUNTFLOPPY='no' # mount extra floppy drive: first, second, no

#------------------------------------------------------------------------------
# Console settings (serial console, blank time):
#------------------------------------------------------------------------------
CONSOLE_BLANK_TIME='' # time in minutes (1-60) to blank
# console; '0' = never, '' = system default
SER_CONSOLE='no' # use serial interface instead of or as
# additional output device and main input device
SER_CONSOLE_IF='0' # serial interface to use, 0 for ttyS0 (COM1)
SER_CONSOLE_RATE='9600' # baudrate for serial console
SER_BEEP='no' # enable beep after boot and shutdown

#------------------------------------------------------------------------------
# Debug Settings:
#------------------------------------------------------------------------------
DEBUG_STARTUP='no' # write an execution trace of the boot
DEBUG_LOG='' # sequence to file DEBUG_LOG or console if
# DEBUG_LOG is empty

#------------------------------------------------------------------------------
# Show service menu after login:
#------------------------------------------------------------------------------
OPT_MENU='yes' # service menu for users
MENU_LANGUAGE='' # language for the service menu; defaults to
# 'LOCALE' if left empty
#------------------------------------------------------------------------------
# Keyboard layout
#------------------------------------------------------------------------------
KEYBOARD_LOCALE='auto' # auto: use most common keyboard layout for
# the language specified in 'LOCALE'
OPT_MAKEKBL='no' # set to 'yes' to make a new local keyboard
# layout map on the fli4l-router

#------------------------------------------------------------------------------
# Ethernet card drivers:
#
#------------------------------------------------------------------------------
NET_DRV_N='1' # number of ethernet drivers to load, usually 1
NET_DRV_1='8139too' # 1st driver: name (e.g. NE2000 PCI clone)
NET_DRV_1_OPTION='' # 1st driver: additional option

#------------------------------------------------------------------------------
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_NET_N='1' # number of IP ethernet networks, usually 1
IP_NET_1='192.168.6.1/24' # IP address of your n'th ethernet card and
# netmask in CIDR (no. of set bits)
IP_NET_1_DEV='eth0' # required: device name like ethX

#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
IP_ROUTE_N='0' # number of additional routes

#------------------------------------------------------------------------------
# Packetfilter configuration; there are two styles, old and new -
# you have to choose one of them.
#
# Please choose the new packet filter configuration, the old one is
# deprecated and only provided for compatibility reasons. During boot
# up the configuration will be translated to the new configuration,
# printed to the screen and written to bootmsg.txt to allow for an
# easy migration to the new config style.
#
# Old style packet filter config - set ORIG_FW_CONFIG='yes' to use
# this version
#------------------------------------------------------------------------------
ORIG_FW_CONFIG='no'

#------------------------------------------------------------------------------
# New style packet filter config - set NEW_FW_CONFIG='yes' to use this
# version
#------------------------------------------------------------------------------
NEW_FW_CONFIG='yes' # new style packet filter config: yes/no

INPUT_POLICY='REJECT' # be nice and use reject as policy
INPUT_ACCEPT_DEF='yes' # use default rule set
INPUT_LOG='no' # don't log anything
INPUT_REJ_LIMIT='1/second:5' # reject 1 connection per second; allow a
# burst of 5 events; otherwise
# drop packet
INPUT_UDP_REJ_LIMIT='1/second:5' # reject 1 udp packet per second; allow a
# burst of 5 events; otherwise drop packet
INPUT_LIST_N='1'
INPUT_LIST_1='IP_NET_1 ACCEPT' # allow all hosts in the local
# network access to the router
INPUT_LIST_2='tmpl:samba DROP NOLOG' # drop (or reject) samba access
# without logging, otherwise the log
# file will be filled with useless
# entries

FORWARD_POLICY='REJECT' # be nice and use reject as policy
FORWARD_ACCEPT_DEF='yes' # use default rule set
FORWARD_LOG='no' # don't log anything
FORWARD_REJ_LIMIT='1/second:5' # reject 1 connection per second; allow a
# burst of 5 events; otherwise
# drop packet
FORWARD_UDP_REJ_LIMIT='1/second:5' # reject 1 udp packet per second; allow
# a burst of 5 events; otherwise
# drop packet
FORWARD_LIST_N='2'
FORWARD_LIST_1='tmpl:samba DROP' # drop samba traffic if it tries
# to leave the subnet
FORWARD_LIST_2='IP_NET_1 ACCEPT' # accept everything else

POSTROUTING_LIST_N='1'
POSTROUTING_LIST_1='IP_NET_1 MASQUERADE' # masquerade traffic leaving
# the subnet

PREROUTING_LIST_N='1'
PREROUTING_LIST_1='prot:tcp dynamic:4661-4664 DNAT:192.168.6.52'

#------------------------------------------------------------------------------
# Simple DMZ setup for dial-up based routers -- see documentation
#------------------------------------------------------------------------------
OPT_DMZ='no'

#------------------------------------------------------------------------------
# Optional package: PORTFW
#------------------------------------------------------------------------------
PORTFW_N='0' # how many portforwardings to set up

#------------------------------------------------------------------------------
# Masq modules
#------------------------------------------------------------------------------
MASQ_MODULE_N='1' # load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp' # ftp
MASQ_MODULE_1_OPTION='' # options, see documentation

#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
DOMAIN_NAME='wes.lan' # your domain name
DNS_FORWARDERS='212.185.252.73 194.25.0.69' # DNS servers of your provider,
# e.g. ns.n-ix.net

OPT_DNS='yes' # start dns server: yes or no
DNS_TRIGGER_DIAL_IN='yes' # trigger a dial-in before
# forwarding requests
DNS_LISTENIP_N='0' # if 0 then listen on all interfaces
DNS_LISTENIP_1='IP_NET_1_IPADDR' # first IP to listen on
DNS_VERBOSE='no' # log queries into syslog
DNS_MX_SERVER='' # fqdn of the mx for your DOMAIN
DNS_FORBIDDEN_N='0' # number of forbidden domains
DNS_FORBIDDEN_1='foo.bar' # 1st forbidden domain
DNS_FORBIDDEN_2='bar.foo' # 2nd forbidden domain
DNS_REDIRECT_N='0' # number of redirected domains
DNS_REDIRECT_1='foo.bar.foo' # 1st redirected domain
DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain
DNS_BOGUS_PRIV='yes' # fake reverse lookups for RFC1918
# private address ranges
DNS_FILTERWIN2K='yes' # filters useless windows-originated DNS
# requests and blocks all SRV requests

# Special DNS configuration
#--------------------------
DNS_SPECIAL_N='0' # number of special
# dns servers, normally 0

HOSTS_N='10' # number of hosts in your domain
# 1st host:
HOST_1_NAME='fli4l' # name or aliasname e.g. "HOSTNAME"
HOST_1_IP='192.168.6.1' # IP or aliasname e.g. "IP_NET_1_IPADDR"
HOST_1_ALIAS_N='2' # number of optional alias names
HOST_1_ALIAS_1='router.wes.lan' # 1st optional alias name
HOST_1_ALIAS_2='gateway.wes.lan'
# 2nd host:
HOST_2_NAME='netgear' # name
HOST_2_IP='192.168.6.2' # IP # optional mac address used by dhcpd
# 3rd host:
HOST_3_NAME='wlan' # name
HOST_3_IP='192.168.6.3'
HOST_3_ALIAS_N='1'
HOST_3_ALIAS_1='accesspoint.wes.lan'
# 4th host:
HOST_4_NAME='ibook' # name
HOST_4_IP='192.168.6.51' # IP
HOST_4_DHCPTYP='mac'
HOST_4_MAC='00:14:51:7a:58:3b'
HOST_4_ALIAS_N='1'
HOST_4_ALIAS_1='mobile.******.wes.lan'

HOST_5_NAME='******dose'
HOST_5_IP='192.168.6.52'
HOST_5_DHCPTYP='mac'
HOST_5_MAC='00:0c:6e:e1:bb:bd'
HOST_5_ALIAS_N='1'
HOST_5_ALIAS_1='workstation.******.wes.lan'

HOST_6_NAME='*******xbox'
HOST_6_IP='192.168.6.53'
HOST_6_DHCPTYP='mac'
HOST_6_MAC='00:50:f2:85:88:97'
HOST_6_ALIAS_N='1'
HOST_6_ALIAS_1='xbox.******.wes.lan'

HOST_7_NAME='****'
HOST_7_IP='192.168.6.61'
HOST_7_DHCPTYP='mac'
HOST_7_MAC='00:04:61:49:d3:42'
HOST_7_ALIAS_N='1'
HOST_7_ALIAS_1='workstation.*********.wes.lan'

HOST_8_NAME='******'
HOST_8_IP='192.168.6.71'
HOST_8_DHCPTYP='mac'
HOST_8_MAC='00:b0:d0:a1:23:0e'
HOST_8_ALIAS_N='1'
HOST_8_ALIAS_1='workstation.********.wes.lan'

HOST_9_NAME='office'
HOST_9_IP='192.168.6.81'
HOST_9_DHCPTYP='mac'
HOST_9_MAC='00:50:bf:77:bd:ff'
HOST_9_ALIAS_N='1'
HOST_9_ALIAS_1='office.public.wes.lan'

HOST_10_NAME='empore'
HOST_10_IP='192.168.6.82'
HOST_10_DHCPTYP='mac'
HOST_10_MAC='00:a0:cc:7a:e4:6e'
HOST_10_ALIAS_N='1'
HOST_10_ALIAS_1='empore.public.wes.lan'




#------------------------------------------------------------------------------
# DNSMASQ-DHCP server
#------------------------------------------------------------------------------
OPT_DNSDHCP='yes' # activate DHCP server: yes or no

DNSDHCP_LS_TIME_DYN='3600' # default time for dynamic leases: 1 hour
DNSDHCP_MAX_LS_TIME_DYN='7200' # max time for dynamic leases: 2 hours
DNSDHCP_LS_TIME_FIX='86400' # default time for fix leases: 1 day
DNSDHCP_MAX_LS_TIME_FIX='604800' # max time for fix leases: 1 week
DNSDHCP_LEASES_DIR='/boot' # don't touch this until you
# have read the manual!

DNSDHCP_WINSSERVER_1='' # IP-address of 1st external wins-server
# (don't use if OPT_NMBD='yes'!)
DNSDHCP_WINSSERVER_2='' # IP-address of 2nd external wins-server
# (don't use if OPT_NMBD='yes'!)

# Parameters for local Networks
# -----------------------------
DNSDHCP_RANGE_1_START='192.168.6.100' # start-IP of n'th ethernet,
# see IP_NET_N
DNSDHCP_RANGE_1_END='192.168.6.200' # end-IP of n'th ethernet,
# see IP_NET_N
DNSDHCP_RANGE_1_DNS_SERVER='' # if empty the IP of interface
# IP_NET_N is used;
# if set to 'none' no
# dns-server is transmitted
DNSDHCP_RANGE_1_NTP_SERVER='' # if empty and OPT_CHRONY='yes'
# the IP of interface IP_NET_N
# is used; if set to 'none' no
# ntp-server is transmitted
DNSDHCP_RANGE_1_GATEWAY='' # if empty the IP of interface
# IP_NET_N is used;
# if set to 'none' no
# gateway is transmitted

# Parameters for extra Networks (via relay)
# -----------------------------------------
DNSDHCP_EXTRA_RANGE_N='0' # number of extra ranges
DNSDHCP_EXTRA_RANGE_1_START='192.168.8.2' # start-IP of n'th extra range
DNSDHCP_EXTRA_RANGE_1_END='192.168.8.50' # end-IP of n'th extra range
DNSDHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0' # netmask for extra range
DNSDHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range
DNSDHCP_EXTRA_RANGE_1_NTP_SERVER='' # NTP Server for extra range
DNSDHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1' # default gateway for
# extra range

DNSDHCP_EXTRA_RANGE_1_DEVICE='eth0' # device used to reach extra network


# Deny hosts from dhcp-Access
# ---------------------------
DNSDHCP_DENY_MAC_N='0' # number of denied MAC addresses
DNSDHCP_DENY_MAC_1='00:01:02:03:04:05' # MAC address is denied from DHCP


#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
START_IMOND='yes' # start imond: yes or no
IMOND_USE_ORIG='yes' # use the original version of imond instead
# of the development version: yes or no
IMOND_PORT='5000' # port (tcp), don't open it to the outside
IMOND_PASS='' # imond-password, may be empty
IMOND_ADMIN_PASS='******' # imond-admin-password, may be empty
IMOND_LED='' # tty for led: com1 - com4 or empty
IMOND_BEEP='yes' # beep if connection going up/down
IMOND_LOG='no' # log /var/log/imond.log: yes or no
IMOND_LOGDIR='/var/log' # log-directory, e.g. /var/log
IMOND_ENABLE='yes' # accept "enable/disable" commands
IMOND_DIAL='yes' # accept "dial/hangup" commands
IMOND_ROUTE='yes' # accept "route" command
IMOND_REBOOT='yes' # accept "reboot" command

#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes' # use dyn. IP addresses (most providers do)
DIALMODE='auto' # standard dialmode: auto, manual, or off

#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
OPT_SYSLOGD='no' # start syslogd: yes or no
SYSLOGD_DEST_N='1' # number of destinations
SYSLOGD_DEST_1='*.* /dev/console' # n'th prio & destination of syslog msgs
SYSLOGD_DEST_2='*.* @192.168.6.2' # example: loghost 192.168.6.2
SYSLOGD_DEST_3='kern.info /var/log/dial.log' # example: log infos to file

#------------------------------------------------------------------------------
# Optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no' # start klogd: yes or no

#------------------------------------------------------------------------------
# Optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no' # y2k correction: yes or no
Y2K_DAYS='0' # correct hardware y2k-bug: add x days

#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no' # install isapnp tools: yes or no

I hope that while searching just now I didn't overlook the thread in which exactly my question has already been answered;)

thx 4 answer

Justus

// EDIT: this has sorted itself out, sorry...;)