Temat: Problem z Proxy ARP
Witam. Mam problem taki iż każdy komp ma neta ale mimo iż z internetu jest ping to nie można "wbić" się na kompa który na przykład ma www na 80 porcie.
robiłem wg http://rpc.one.pl/index.php/lista-artyk … czne-w-lan
tylko zamiast podawania ip kazego dawalem 1.2.3.4/27, czy to może być problem?
A i pominolem mac adresy
nmap mi zwraca
Starting Nmap 5.00 ( [url]http://nmap.org[/url] ) at 2013-02-02 21:23 CET
All 1000 scanned ports on 5-226-79-120.ip.netia.com.pl (5.226.79.120) are filtered
MAC Address: 7A:EA:17:FB:62:89 (Unknown)plik firewall.user
iptables -N forwarding_proxyarp_lan
iptables -N forwarding_proxyarp_wan
iptables -I FORWARD 3 -i eth1 -o eth0 -j forwarding_proxyarp_lan
iptables -I FORWARD 3 -i eth0 -o eth1 -j forwarding_proxyarp_wan
iptables -A forwarding_proxyarp_wan -d 5.226.79.96/27 -j ACCEPT
iptables -A forwarding_proxyarp_lan -p tcp -s 5.226.79.96/27 -j ACCEPT
iptables -t nat -I zone_wan_nat -d 5.226.79.96/27 -j ACCEPTkawalek /etc/config/network
config interface loopback
option ifname lo
option proto static
option ipaddr 127.0.0.1
option netmask 255.0.0.0
config interface wan
option ifname eth0
option proto static
option ipaddr 5.226.79.99
option netmask 255.255.255.224
option gateway 5.226.79.97
option dns 153.19.250.100
config interface lan
option ifname eth1
option proto static
option ipaddr 192.168.1.1
option netmask 255.255.255.0
config 'route'
option 'interface' 'lan'
option 'netmask' '255.255.255.255'
option 'target' '5.226.79.100'
config 'route'
option 'interface' 'lan'
option 'netmask' '255.255.255.255'
option 'target' '5.226.79.101'
config 'route'
option 'interface' 'lan'
option 'netmask' '255.255.255.255'
option 'target' '5.226.79.102'
config 'route'
option 'interface' 'lan'
option 'netmask' '255.255.255.255'
option 'target' '5.226.79.103'sysctl.conf
kernel.panic=3
net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.all.arp_ignore=1
net.ipv4.ip_forward=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.tcp_ecn=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=120
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_dsack=1
net.ipv6.conf.all.forwarding=1
net.netfilter.nf_conntrack_acct=1
net.netfilter.nf_conntrack_checksum=0
net.netfilter.nf_conntrack_max=16384
net.netfilter.nf_conntrack_tcp_timeout_established=3600
net.netfilter.nf_conntrack_udp_timeout=60
net.netfilter.nf_conntrack_udp_timeout_stream=180
# disable bridge firewalling by default
net.bridge.bridge-nf-call-arptables=0
net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0
net.ipv4.conf.eth0.proxy_arp=1
net.ipv4.conf.eth1.proxy_arp=1linux, wordpress , moj blog 
www.8px.pl
www.8px.pl