26 Odpowiedź przez hxc

  • hxc
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-10-11
  • Posty: 49

Odp: [Pomoc] Multiroom przez VPN

Proszę:

root@Gargoyle:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=48 time=48.622 ms
64 bytes from 8.8.8.8: seq=1 ttl=48 time=47.455 ms
64 bytes from 8.8.8.8: seq=2 ttl=48 time=47.337 ms
64 bytes from 8.8.8.8: seq=3 ttl=48 time=47.010 ms
^Z[1]+  Stopped                    ping 8.8.8.8
root@Gargoyle:~# ping 77.255.249.68
PING 77.255.249.68 (77.255.249.68): 56 data bytes
64 bytes from 77.255.249.68: seq=0 ttl=64 time=3.061 ms
64 bytes from 77.255.249.68: seq=1 ttl=64 time=1.599 ms
64 bytes from 77.255.249.68: seq=2 ttl=64 time=1.629 ms
64 bytes from 77.255.249.68: seq=3 ttl=64 time=1.604 ms
^Z[2]+  Stopped                    ping 77.255.249.68
root@Gargoyle:~# iptables -v -L
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
 2991  259K bw_ingress  all  --  br-lan any     anywhere             anywhere   
 2950  256K delegate_input  all  --  any    any     anywhere             anywhere

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 bw_ingress  all  --  br-lan any     anywhere             anywhere   
    0     0 delegate_forward  all  --  any    any     anywhere             anywhere

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
 1539  814K delegate_output  all  --  any    any     anywhere             anywhere

Chain MINIUPNPD (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain bw_ingress (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0            all  --  any    any     anywhere             anywhere            bandwidth --id total1-download-2-449 --type combined --current_bandwidth 0 --reset_interval 2 --reset_time 2 --intervals_to_save 449
    0     0            all  --  any    any     anywhere             anywhere            match-set local_addr_set dst bandwidth --id bdist1-download-minute-15 --type individual_dst --reset_interval minute --intervals_to_save 15
    0     0            all  --  any    any     anywhere             anywhere            bandwidth --id total2-download-minute-359 --type combined --current_bandwidth 0 --reset_interval minute --intervals_to_save 359
    0     0            all  --  any    any     anywhere             anywhere            match-set local_addr_set dst bandwidth --id bdist2-download-900-24 --type individual_dst --reset_interval 900 --reset_time 900 --intervals_to_save 24
    0     0            all  --  any    any     anywhere             anywhere            bandwidth --id total3-download-180-479 --type combined --current_bandwidth 0 --reset_interval 180 --reset_time 180 --intervals_to_save 479
    0     0            all  --  any    any     anywhere             anywhere            match-set local_addr_set dst bandwidth --id bdist3-download-hour-24 --type individual_dst --reset_interval hour --intervals_to_save 24
    0     0            all  --  any    any     anywhere             anywhere            bandwidth --id total4-download-7200-359 --type combined --current_bandwidth 0 --reset_interval 7200 --reset_time 7200 --intervals_to_save 359
    0     0            all  --  any    any     anywhere             anywhere            match-set local_addr_set dst bandwidth --id bdist4-download-day-31 --type individual_dst --reset_interval day --intervals_to_save 31
    0     0            all  --  any    any     anywhere             anywhere            bandwidth --id total5-download-day-365 --type combined --current_bandwidth 0 --reset_interval day --intervals_to_save 365
    0     0            all  --  any    any     anywhere             anywhere            match-set local_addr_set dst bandwidth --id bdist5-download-month-12 --type individual_dst --reset_interval month --intervals_to_save 12

Chain delegate_forward (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 forwarding_rule  all  --  any    any     anywhere             anywhere            /* user chain for forwarding */
    0     0 ACCEPT     all  --  any    any     anywhere             anywhere            ctstate RELATED,ESTABLISHED
    0     0 zone_lan_forward  all  --  br-lan any     anywhere             anywhere
    0     0 zone_vpn_forward  all  --  tun0   any     anywhere             anywhere
    0     0 reject     all  --  any    any     anywhere             anywhere    

Chain delegate_input (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere    
 2950  256K input_rule  all  --  any    any     anywhere             anywhere            /* user chain for input */
 1222  123K ACCEPT     all  --  any    any     anywhere             anywhere            ctstate RELATED,ESTABLISHED
  118  6136 syn_flood  tcp  --  any    any     anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN
 1728  133K zone_lan_input  all  --  br-lan any     anywhere             anywhere
    0     0 zone_vpn_input  all  --  tun0   any     anywhere             anywhere

Chain delegate_output (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  any    lo      anywhere             anywhere    
 1539  814K output_rule  all  --  any    any     anywhere             anywhere            /* user chain for output */
 1444  806K ACCEPT     all  --  any    any     anywhere             anywhere            ctstate RELATED,ESTABLISHED
   95  7252 zone_lan_output  all  --  any    br-lan  anywhere             anywhere
    0     0 zone_vpn_output  all  --  any    tun0    anywhere             anywhere

Chain forwarding_lan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain forwarding_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain forwarding_vpn_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain forwarding_wan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain input_lan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain input_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain input_vpn_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain input_wan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:openvpn
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:openvpn

Chain output_lan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain output_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain output_vpn_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain output_wan_rule (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain reject (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 REJECT     tcp  --  any    any     anywhere             anywhere            reject-with tcp-reset
    0     0 REJECT     all  --  any    any     anywhere             anywhere            reject-with icmp-port-unreachable

Chain syn_flood (1 references)
 pkts bytes target     prot opt in     out     source               destination 
  118  6136 RETURN     tcp  --  any    any     anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
    0     0 DROP       all  --  any    any     anywhere             anywhere    

Chain zone_lan_dest_ACCEPT (1 references)
 pkts bytes target     prot opt in     out     source               destination 
   95  7252 ACCEPT     all  --  any    br-lan  anywhere             anywhere    

Chain zone_lan_forward (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  br-lan br-lan  anywhere             anywhere    
    0     0 forwarding_lan_rule  all  --  any    any     anywhere             anywhere            /* user chain for forwarding */
    0     0 zone_wan_dest_ACCEPT  all  --  any    any     anywhere             anywhere            /* forwarding lan -> wan */
    0     0 zone_vpn_dest_ACCEPT  all  --  any    any     anywhere             anywhere            /* forwarding lan -> vpn */
    0     0 zone_lan_src_REJECT  all  --  any    any     anywhere             anywhere

Chain zone_lan_input (1 references)
 pkts bytes target     prot opt in     out     source               destination 
 1728  133K input_lan_rule  all  --  any    any     anywhere             anywhere            /* user chain for input */
 1728  133K zone_lan_src_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_lan_output (1 references)
 pkts bytes target     prot opt in     out     source               destination 
   95  7252 output_lan_rule  all  --  any    any     anywhere             anywhere            /* user chain for output */
   95  7252 zone_lan_dest_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_lan_src_ACCEPT (1 references)
 pkts bytes target     prot opt in     out     source               destination 
 1728  133K ACCEPT     all  --  br-lan any     anywhere             anywhere    

Chain zone_lan_src_REJECT (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 reject     all  --  br-lan any     anywhere             anywhere    

Chain zone_vpn_dest_ACCEPT (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  any    tun0    anywhere             anywhere    

Chain zone_vpn_forward (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 forwarding_vpn_rule  all  --  any    any     anywhere             anywhere            /* user chain for forwarding */
    0     0 zone_wan_dest_ACCEPT  all  --  any    any     anywhere             anywhere            /* forwarding vpn -> wan */
    0     0 zone_vpn_src_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_vpn_input (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 input_vpn_rule  all  --  any    any     anywhere             anywhere            /* user chain for input */
    0     0 zone_vpn_src_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_vpn_output (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 output_vpn_rule  all  --  any    any     anywhere             anywhere            /* user chain for output */
    0     0 zone_vpn_dest_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_vpn_src_ACCEPT (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  tun0   any     anywhere             anywhere    

Chain zone_wan_dest_ACCEPT (3 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain zone_wan_forward (0 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 MINIUPNPD  all  --  any    any     anywhere             anywhere    
    0     0 forwarding_wan_rule  all  --  any    any     anywhere             anywhere            /* user chain for forwarding */
    0     0 zone_wan_src_REJECT  all  --  any    any     anywhere             anywhere

Chain zone_wan_input (0 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 input_wan_rule  all  --  any    any     anywhere             anywhere            /* user chain for input */
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:bootpc /* Allow-DHCP-Renew */
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere            icmp echo-request /* Allow-Ping */
    0     0 zone_wan_src_REJECT  all  --  any    any     anywhere             anywhere

Chain zone_wan_output (0 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 output_wan_rule  all  --  any    any     anywhere             anywhere            /* user chain for output */
    0     0 zone_wan_dest_ACCEPT  all  --  any    any     anywhere             anywhere

Chain zone_wan_src_REJECT (2 references)
 pkts bytes target     prot opt in     out     source               destination 
root@Gargoyle:~#

27 Odpowiedź przez Cezary

  • Skąd: Warszawa
  • Zarejestrowany: 2006-02-25
  • Posty: 116,074

Odp: [Pomoc] Multiroom przez VPN

Masz coś mało pakietów złapanych na firewallu. Sprawdź to przekierowanie na 2640.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

Cezary's Strona

28 Odpowiedź przez hxc

  • hxc
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-10-11
  • Posty: 49

Odp: [Pomoc] Multiroom przez VPN

Dałem trochę w zapasie:

PunBB bbcode test

29 Odpowiedź przez Cezary

  • Skąd: Warszawa
  • Zarejestrowany: 2006-02-25
  • Posty: 116,074

Odp: [Pomoc] Multiroom przez VPN

Ale tak nie może być. Nie możesz kilka razy tego samego portu przekierować na różne adresy. Zostaw tylko dwa ostatnie wpisy. (na 192.168.1.2)

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

Cezary's Strona

30 Odpowiedź przez hxc

  • hxc
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-10-11
  • Posty: 49

Odp: [Pomoc] Multiroom przez VPN

Okej, zostawiam więc tak:

PunBB bbcode test

mam próbować znów się łączyć?

31 Odpowiedź przez Cezary

  • Skąd: Warszawa
  • Zarejestrowany: 2006-02-25
  • Posty: 116,074

Odp: [Pomoc] Multiroom przez VPN

Próbuj.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

Cezary's Strona

32 Odpowiedź przez hxc

  • hxc
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-10-11
  • Posty: 49

Odp: [Pomoc] Multiroom przez VPN

Witam ponownie,
próbowaliśmy i próbowaliśmy aż wreszcie się udało. Dziękuję za pomoc - Cezary.

PunBB bbcode test

Tylko teraz jak to dokładniej sprawdzić? Czy mogę dostać się w jakiś sposób do routera podłączonego w Domu 2? Czy ma to znaczenie pod jakie wyjście LAN podepnę dekodery (żeby widziały się w jednej sieci)?

Dziękuje.

33 Odpowiedź przez Cezary

  • Skąd: Warszawa
  • Zarejestrowany: 2006-02-25
  • Posty: 116,074

Odp: [Pomoc] Multiroom przez VPN

Jeżeli odpowiednio ustawiłeś to powinno się dać pingować sprzęty w tamtej sieci.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

Cezary's Strona

34 Odpowiedź przez woytas73 (edytowany przez woytas73 2013-12-04 22:46:27)

  • Zarejestrowany: 2013-12-02
  • Posty: 16

Odp: [Pomoc] Multiroom przez VPN

czy tunel nie powinien byc typu TAP? tunery musza miec taka sama podsiec (musza smigac broadcasty) a to mozemy osiagnac na poziomie 2 a nie 3. Jesli mam racje to jak zmusic zmiane interfejsu z TUN na TAP w kreatorze?

@Cezary czyli most poszedl standardowy routowalny z dajacym inne podsieci dla kazdego z tunerow? Pytam Ciebie bo pomagales koledze i moze cos pamietasz smile bo zgodnie z zalozeniami tunelu vpn adresacja na kazdym koncu powinna byc rozna a mr wymaga takiej samej
No chyba ze @hnx ma mr po mac'u to wtedy wszystko jedno

35 Odpowiedź przez Cezary

  • Skąd: Warszawa
  • Zarejestrowany: 2006-02-25
  • Posty: 116,074

Odp: [Pomoc] Multiroom przez VPN

W gargoyle nie ma tap. Jest tylko tun.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

Cezary's Strona