Alexco
Well-Known Member
Good day, dear comrades!
I'm trying to give my Internet router a tunnel using MPD (3.18, installed from the package).
Unfortunately it doesn't quite want to work.
Software: FreeBSD 5.3, MPD 3.18, with PF as the firewall, GENERIC kernel.
The client trying to connect from the Internet is a laptop running Mac OS X 10.3.
Firewall rules:
Code:
pfctl -s rules
No ALTQ support in kernel
ALTQ related functions disabled
scrub in all fragment reassemble
scrub out all random-id max-mss 1440 fragment reassemble
pass quick proto gre all
block drop out log on ng0 all
block drop in log on ng0 all
block return-rst out log on ng0 proto tcp all
block return-rst in log on ng0 proto tcp all
block return-icmp(port-unr, port-unr) out log on ng0 proto udp all
block return-icmp(port-unr, port-unr) in log on ng0 proto udp all
pass in quick on lo0 all
pass out quick on lo0 all
pass in on fxp0 from any to <allowhost>
pass out on fxp0 from <allowhost> to any
pass in on rl0 from any to <allowhost>
pass out on rl0 from <allowhost> to any
block drop in log quick on ng0 from <badhost> to any
block drop in quick on ng0 inet proto tcp all flags FPU/FPU
block drop out log quick inet proto tcp from any to 207.46.104.20
block drop out log quick proto tcp from any to any port = 1863
pass in quick on ng0 inet proto tcp from any to any port = ftp flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = ssh flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = pptp flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 4662 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 4711 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 6881 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 6882 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 6883 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto tcp from any to any port = 6884 flags S/FSRA keep state label "ServicesTCP"
pass in quick on ng0 inet proto udp from any to any port = ftp keep state label"ServicesUDP"
pass in quick on ng0 inet proto udp from any to any port = ssh keep state label"ServicesUDP"
pass in quick on ng0 inet proto udp from any to any port = rfa keep state label"ServicesUDP"
pass out log on ng0 inet proto tcp all flags S/SA keep state
pass out log on ng0 inet proto udp all keep state
pass out log on ng0 inet proto icmp all keep state
mpd.conf:
Code:
pptp0:
	new -i ng1 pptp0 pptp0
	set iface disable on-demand
	set iface enable proxy-arp
	set iface mtu 1400
	set iface idle 0
	set bundle enable multilink
	set bundle enable compression
	set bundle yes crypt-reqd
	set link mtu 1400
	set link mru 1400
	set link yes acfcomp protocomp
	set link no pap chap
	set link enable chap
	set link keep-alive 60 180
	set ipcp yes vjcomp
	set ipcp ranges 192.168.1.201/32 192.168.1.100/32
	set ipcp dns 192.168.6.200
	set ipcp nbns 192.168.6.200
	set ccp yes mppc
	set ccp yes mpp-compress
	set ccp no mpp-e40
	set ccp yes mpp-e128
	set ccp yes mpp-stateless
mpd.links:
Code:
pptp0:
	set link type pptp
	set pptp self 0
	set pptp mode passive
	set pptp enable incoming
	set pptp disable originate
And this is what mpd tells me on a connection attempt:
Code:
Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 558, version 3.18 (root@freebsd.org 06:43 3-Oct-2004)
[pptp0:pptp0] set debug 1
[pptp0:pptp0] log +bund
[pptp0:pptp0] log +console
[pptp0:pptp0] log +lcp
[pptp0:pptp0] log +auth
[pptp0:pptp0] mpd: PPTP connection from 153.96.69.249:52050
pptp0: attached to connection with 153.96.69.249:52050
[pptp0] IFACE: Open event
[pptp0] IPCP: Open event
[pptp0] IPCP: state change Initial --> Starting
[pptp0] IPCP: LayerStart
[pptp0] IPCP: Open event
[pptp0] bundle: OPEN event in state CLOSED
[pptp0] opening link "pptp0"...
[pptp0] link: OPEN event
[pptp0] LCP: Open event
[pptp0] LCP: state change Initial --> Starting
[pptp0] LCP: LayerStart
[pptp0] device: OPEN event in state DOWN
[pptp0] attaching to peer's outgoing call
[pptp0] device is now in state OPENING
[pptp0] device: UP event in state OPENING
[pptp0] device is now in state UP
[pptp0] link: UP event
[pptp0] link: origination is remote
[pptp0] LCP: Up event
[pptp0] LCP: state change Starting --> Req-Sent
[pptp0] LCP: phase shift DEAD --> ESTABLISH
[pptp0] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
pptp0-0: ignoring SetLinkInfo
[pptp0] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: state change Req-Sent --> Ack-Sent
[pptp0] LCP: SendConfigReq #2
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigReq #3
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: SendConfigReq #4
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigReq #5
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigReq #6
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: SendConfigReq #7
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigReq #8
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigReq #9
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: SendConfigReq #10
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 031d063a
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 40 f6 2c 95 e6
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: SendConfigAck #1
ACCMAP 0x00000000
MAGICNUM 41295dfa
PROTOCOMP
ACFCOMP
[pptp0] LCP: state change Ack-Sent --> Stopped
[pptp0] LCP: LayerFinish
[pptp0] LCP: parameter negotiation failed
[pptp0] LCP: LayerFinish
[pptp0] device: CLOSE event in state UP
pptp0-0: clearing call
pptp0-0: killing channel
[pptp0] PPTP call terminated
[pptp0] IFACE: Close event
[pptp0] IPCP: Close event
[pptp0] IPCP: state change Starting --> Initial
[pptp0] IPCP: LayerFinish
[pptp0] IFACE: Close event
pptp0: closing connection with 153.96.69.249:52050
[pptp0] netgraph: sendto(bypass.link0): No such file or directory
[pptp0] IFACE: Close event
[pptp0] device is now in state CLOSING
[pptp0] bundle: CLOSE event in state OPENED
[pptp0] closing link "pptp0"...
[pptp0] device: CLOSE event in state CLOSING
[pptp0] device is now in state CLOSING
[pptp0] link: CLOSE event
[pptp0] LCP: Close event
[pptp0] LCP: state change Stopped --> Closed
[pptp0] device: DOWN event in state CLOSING
[pptp0] device is now in state DOWN
[pptp0] link: DOWN event
[pptp0] LCP: Down event
[pptp0] LCP: state change Closed --> Initial
[pptp0] LCP: phase shift ESTABLISH --> DEAD
[pptp0] device: DOWN event in state DOWN
[pptp0] device is now in state DOWN
[pptp0] link: DOWN event
[pptp0] LCP: Down event
pptp0: ctrl connection closed by peer
pptp0: killing connection with 153.96.69.249:52050
But unfortunately that doesn't really help me.
Something is stuck somewhere. Does anyone have a hot tip?
Many thanks,
Alex
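Added example, not part of the original post: a small Python parser for mpd LCP log lines like those above that counts the Configure-Requests sent, the replies received to them, and how often the peer retransmits the same request id. The sample input is a constructed excerpt, `summarize_lcp` is a hypothetical helper name, and the `rec'd Configure Ack/Nak/Reject` line format is assumed to mirror the `rec'd Configure Request` lines shown in the post.

```python
import re
from collections import Counter

# Constructed excerpt in the format of the mpd log above (option lines omitted).
SAMPLE_LOG = """\
[pptp0] LCP: SendConfigReq #1
[pptp0] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
[pptp0] LCP: SendConfigAck #1
[pptp0] LCP: SendConfigReq #2
[pptp0] LCP: rec'd Configure Request #1 link 0 (Ack-Sent)
[pptp0] LCP: SendConfigAck #1
[pptp0] LCP: SendConfigReq #3
[pptp0] LCP: state change Ack-Sent --> Stopped
[pptp0] LCP: parameter negotiation failed
"""

SENT = re.compile(r"LCP: Send(Config(?:Req|Ack|Nak|Rej)) #(\d+)")
# Assumption: Ack/Nak/Reject are logged like the "rec'd Configure Request" lines.
RECV = re.compile(r"LCP: rec'd Configure (Request|Ack|Nak|Reject) #(\d+)")

def summarize_lcp(log):
    """Summarize one LCP negotiation from mpd log text."""
    sent, recv = Counter(), Counter()
    peer_req_ids = []
    for line in log.splitlines():
        if m := SENT.search(line):
            sent[m.group(1)] += 1
        elif m := RECV.search(line):
            recv[m.group(1)] += 1
            if m.group(1) == "Request":
                peer_req_ids.append(int(m.group(2)))
    replies = recv["Ack"] + recv["Nak"] + recv["Reject"]
    # A peer resending the same request id has not seen our ConfigAck for it.
    retransmits = len(peer_req_ids) - len(set(peer_req_ids))
    return {
        "our_requests": sent["ConfigReq"],
        "replies_to_us": replies,
        "our_acks": sent["ConfigAck"],
        "peer_retransmits": retransmits,
        # We hear the peer, but nothing we send is ever answered.
        "one_way": sent["ConfigReq"] > 0 and replies == 0 and retransmits > 0,
        "failed": "parameter negotiation failed" in log,
    }
```

A true `one_way` means the peer's PPP frames arrive but none of the frames sent back is acknowledged, so the path to check is the return direction of the GRE traffic that carries PPP in PPTP.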