Îïÿòü ïðîáëåìû ñ Port Forwarding

**burning shadow** · 30-01-2010, 12:03

Ïîõîæå, ïðîáëåìà íå â ýòîì. Ïîïðîñèë òåõñóïïîðò çàéòè íà ïðîáðàñûâàåìûé ïîðò ÷åðåç ëîêàëüíûé IP ðîóòåðà (10.x.x.x), è âñå ðàâíî ãëóõî êàê â òàíêå. Ôîðâàðäèíã ðàáîòàåò òîëüêî èç LAN çà ðîóòåðîì (192.168.0.x). Â ÷åì ïðîáëåìà ìîæåò áûòü? Íè÷åãî íå ïîíèìàþ. Äóìàë ÷òî íà ñòîðîíå ïðîâàéäåðà êàêàÿ-òî ïðîáëåìà, ïîäêëþ÷èë êàáåëü íàïðÿìóþ â íîóò - âñå ðàáîòàåò, íà ëþáîé ïîðò ìîæíî ïîäêëþ÷èòüñÿ ïî âíåøíåìó IP.

**burning shadow** · 30-01-2010, 12:12

Íà âñÿêèé ñëó÷àé, êîíôèãóðàöèÿ òàêàÿ:

Static IP
IP: 10.44.15.129
Mask: 255.255.255.0
GW: 10.44.15.3

Íèêàêèõ äðóãèõ íàñòðîåê íåò. Íèêàêîãî PPPoE, VPN, è ò.ï.

**Power** · 30-01-2010, 16:24

Ïîêàæèòå ðåçóëüòàò âûïîëíåíèÿ êîìàíä (íà ðîóòåðå)

Code:

iptables-save
ifconfig -a
route -n

**burning shadow** · 30-01-2010, 22:12

[Óäàëèë ðåçóëüòàòû âûïîëíåíèÿ êîìàíä]

**Power** · 30-01-2010, 22:43

1. Âîçìîæíî, âàø íîóòáóê ïîëó÷àåò äðóãîé àéïè, êîãäà ïîäêëþ÷àåòñÿ ê ðîóòåðó ïî wi-fi.

2. ß âèæó, ó âàñ ïðîáðîøåíî 2 ïîðòà: 22/tcp è 80/tcp. Ìîæíî ïîïðîáîâàòü îòñëåäèòü ïàêåòû tcpdump'îì. Åñëè ó âàñ âñ¸ åù¸ ïðîøèâêà 1.9.2.7-d-r..., òî âàì íóæíî ñêà÷àòü tcpdump îòñþäà íà ðîóòåð (èëè íà ôëåøêó, ïîäêëþ÷åííóþ ê ðîóòåðó) è ðàñïàêîâàòü. Åñëè ïðîøèâêà îò Îëåãà, òî îí òàì óæå åñòü.
Äàëåå â îäíîì îêíå çàïóñêàåòå ëîâëþ ïàêåòîâ íà âíåøíåì èíòåðôåéñå:

Code:

tcpdump -npevtttt -i eth1 -s 0 'tcp port 80'

à â äðóãîì îêíå - íà âíóòðåííåì:

Code:

tcpdump -npevtttt -i br0 -s 0 'tcp port 80'

Òåïåðü íàäî, ÷òîáû êòî-òî çàø¸ë ïî âíåøíåìó àäðåñó íà ïîðò 80. Ïîñëå ýòîãî ëîâëþ ïàêåòîâ ìîæíî îñòàíîâèòü (Ctrl+C) è èçó÷èòü ðåçóëüòàòû (èëè ïîêàçàòü èõ çäåñü äëÿ îáùåãî èçó÷åíèÿ).

**burning shadow** · 30-01-2010, 23:06

Originally Posted by Power

1. Âîçìîæíî, âàø íîóòáóê ïîëó÷àåò äðóãîé àéïè, êîãäà ïîäêëþ÷àåòñÿ ê ðîóòåðó ïî wi-fi.

Íîóòáóê íå ïðè÷åì, 192.168.0.1 - ñåðâåð, IP ïðîïèñàí ñòàòè÷åñêèé. Áîëåå òîãî, ïîðò ôîðâàðäèíã ðàáîòàåò, åñëè èç LAN ïîïðîáîâàòü çàéòè íà ïðîáðàñûâàåìûé ïîðò íà âíóòðåííåì IP ðîóòåðà (10.44.15.129). Ò.å. ñ ìîåãî íîóòà, ïîäêëþ÷åííîãî ê ðîóòåðó, ÿ ìîãó ñêàçàòü telnet 10.44.15.129 80 è ïîïàäó íà 192.168.0.1:80 áåç ïðîáëåì. À âîò èç WAN òî æå ñàìîå íå ïðîõîäèò. Òàêîå îùóùåíèå, ÷òî ðîóòåð íå óìååò äåëàòü ïîðò ôîðâàðäèíã äëÿ ñòàòè÷åñêîãî ñîåäèíåíèÿ. ×òî-òî ïîõîæåå óæå âèäåë â òîïèêå ïðî êîðáèíó è ñòàòè÷åñêèé IP.

Originally Posted by Power

2. ß âèæó, ó âàñ ïðîáðîøåíî 2 ïîðòà: 22/tcp è 80/tcp. Ìîæíî ïîïðîáîâàòü îòñëåäèòü ïàêåòû tcpdump'îì. Åñëè ó âàñ âñ¸ åù¸ ïðîøèâêà 1.9.2.7-d-r..., òî âàì íóæíî ñêà÷àòü tcpdump îòñþäà íà ðîóòåð (èëè íà ôëåøêó, ïîäêëþ÷åííóþ ê ðîóòåðó) è ðàñïàêîâàòü. Åñëè ïðîøèâêà îò Îëåãà, òî îí òàì óæå åñòü.
Äàëåå â îäíîì îêíå çàïóñêàåòå ëîâëþ ïàêåòîâ íà âíåøíåì èíòåðôåéñå:

Code:

tcpdump -npevtttt -i eth1 -s 0 'tcp port 80'

à â äðóãîì îêíå - íà âíóòðåííåì:

Code:

tcpdump -npevtttt -i br0 -s 0 'tcp port 80'

Òåïåðü íàäî, ÷òîáû êòî-òî çàø¸ë ïî âíåøíåìó àäðåñó íà ïîðò 80. Ïîñëå ýòîãî ëîâëþ ïàêåòîâ ìîæíî îñòàíîâèòü (Ctrl+C) è èçó÷èòü ðåçóëüòàòû (èëè ïîêàçàòü èõ çäåñü äëÿ îáùåãî èçó÷åíèÿ).

Íàäî áóäåò ïîïðîáîâàòü, ÿ óæå çàëèë îôèöèàëüíóþ 3.0.0.9, è ñ íåé òî÷íî òàêàÿ æå ïðîáëåìà. ß â øîêå, åñëè ÷åñòíî.

**burning shadow** · 30-01-2010, 23:21

Êñòàòè, â îôèöèàëüíîé ïðîøèâêå íà ñòðàíèöå Status & Log / Port Forwarding ïî÷åìó-òî íå îòîáðàæåíî íè îäíîãî ôîðâàðäà, õîòÿ â Virtual Server îíè ïðîïèñàíû.

**burning shadow** · 30-01-2010, 23:36

Íîâûå ïîäðîáíîñòè. Ïîñìîòðåë â ëîãå ôàéðâîëëà íà ñåðâåðå, ïàêåòû äî íåãî äîõîäÿò. Ñëåäîâàòåëüíî, ïàêåòû äðîïàþòñÿ íà ïóòè îáðàòíî. Îñòàëîñü âûÿñíèòü, ãäå è ïî÷åìó.

Edit: Âûÿñíèë. Ïîñûïàþ ãîëîâó ïåïëîì. ß òóïîé äÿòåë. Ñåðâåð ïûòàëñÿ îòâå÷àòü ÷åðåç äðóãîé ãåéò, ïîýòîìó è íå ðàáîòàëî íè÷åãî. Ïðîøó ïðîùåíèÿ, òåìó ìîæíî çàêðûâàòü.

**Sergey1223** · 14-03-2010, 01:37

Ïîëüçóþñü D-Link DIR-320 ñ ïðîøèâêîé Îëåãà 1.9.2.7-10.7. Â ïëàíå äîñòóïà â Èíòåðíåò âñå óñòðàèâàåò, íî âîò âîçíèêëà íåîáõîäèìîñòü äàòü äîñòóï ñíàðóæè ê ñåðâåðó ñ WS2003 è IIS â äîìàøíåé ñåòè, è ýòà ïðîáëåìà ñòàâèò ìåíÿ â òóïèê. Â ëîêàëêå ñòàðòîâàÿ ñòðàíèöà îòêðûâàåòñÿ. Ñ äîñòóïîì ñíàðóæè âðîäå òîæå âñå î÷åâèäíî: ñòîèò DynDNS Updater, èç Èíòåðíåòà myserver.dyndns.org ïèíãóåòñÿ. Íî òîëüêî íå 80-é ïîðò.

Èòàê, íà ðîóòåðå â NAT Settings - Virtual Server óêàçàíî:
Port Range: 80
Local IP: 192.168.0.130 (àéïèøíèê ñåðâåðà â ëîêàëêå)
Protocol: Both

Ðàíüøå WS2003 ñòîÿë ñ ôèêñèðîâàííûì àéïèøíèêîì, ñëåäóÿ ñîâåòàì íà ôîðóìå, ïîìåíÿë åãî íà äèíàìè÷åñêèé, à ïðèñâîåíèå IP ïîâåñèë íà ðîóòåð.

Ïðè ïîïûòêå çàéòè íà myserver.dyndns.org ñíàðóæè ïîëó÷àþ òàéì-àóò. Â ëîãå ðîóòåðà ïîëó÷àþ ñëåäóþùåå:

Mar 14 03:09:58 dnsmasq[73]: DHCPINFORM(br0) 192.168.0.106 00:1b:77:9a:90:46
Mar 14 03:09:58 dnsmasq[73]: DHCPACK(br0) 192.168.0.106 00:1b:77:9a:90:46 FS

È íèêàê íå ìîãó ïîíÿòü, â ÷åì çàòûê? Îáúÿñíèòå ïëèç íóáó...

**bak** · 14-03-2010, 13:21

Port Range: 80
Local IP: 192.168.0.130 (àéïèøíèê ñåðâåðà â ëîêàëêå)
Protocol: Both

Ììì... Local port òîæå â 80. Ip ó ñåðâåðà óêàçàí âðó÷íóþ èëè ðîóòåð àâòîìàòè÷åñêè âûäà¸ò?

Mar 14 03:09:58 dnsmasq[73]: DHCPINFORM(br0) 192.168.0.106 00:1b:77:9a:90:46
Mar 14 03:09:58 dnsmasq[73]: DHCPACK(br0) 192.168.0.106 00:1b:77:9a:90:46 FS

Ýòî âîîáùå íå ïîíÿòíî ïðè ÷åì òóò. Åñëè 00:1b:77:9a:90:46 - ýòî âåá ñåðâåð, òî íàäî ëèáî âðó÷íóþ íà âåá ñåðâåðå ip âûñòàâèòü, ëèáî â IP-Conig >> DHCP Server óêàçàòü âðó÷íóþ êàêîé ip âûäàâàòü ñåðâåðó.

**Power** · 14-03-2010, 15:57

Originally Posted by Sergey1223

Ðàíüøå WS2003 ñòîÿë ñ ôèêñèðîâàííûì àéïèøíèêîì, ñëåäóÿ ñîâåòàì íà ôîðóìå, ïîìåíÿë åãî íà äèíàìè÷åñêèé, à ïðèñâîåíèå IP ïîâåñèë íà ðîóòåð.

À âû ïðîâåðèëè, ÷òî ñåðâåð òåïåðü ïîëó÷àåò àéïè 192.168.0.130?

Ïðîâåðüòå åù¸, ÷òîá áûëî âûñòàâëåíî:
NAT Setting - Virtual Server :: Enable Virtual Server? Yes (íó ìàëî ëè :)
Internet Firewall - WAN & LAN Filter :: WAN to LAN Filter :: Port Forwarding default policy: ACCEPT

È åù¸: çàïðîñû ìîæåò áëîêèðîâàòü ïðîâàéäåð. Ó íåêîòîðûõ ïðîâàéäåðîâ ýòî äàæå íàñòðàèâàåòñÿ.

**Sergey1223** · 16-03-2010, 07:06

Originally Posted by bak

Ììì... Local port òîæå â 80. Ip ó ñåðâåðà óêàçàí âðó÷íóþ èëè ðîóòåð àâòîìàòè÷åñêè âûäà¸ò?

Ýòî âîîáùå íå ïîíÿòíî ïðè ÷åì òóò. Åñëè 00:1b:77:9a:90:46 - ýòî âåá ñåðâåð, òî íàäî ëèáî âðó÷íóþ íà âåá ñåðâåðå ip âûñòàâèòü, ëèáî â IP-Conig >> DHCP Server óêàçàòü âðó÷íóþ êàêîé ip âûäàâàòü ñåðâåðó.

Local Port âûñòàâëÿë, IP ñåðâåðó âûäàâàë è âðó÷íóþ íà íåì æå, è ðîóòåðîì - áåçðåçóëüòàòíî (((

MAC ÿ íåïðàâèëüíûé ïðèâåë, äà - îí âûäàâàëñÿ ðàá. ñòàíöèè.

**Sergey1223** · 16-03-2010, 07:10

Originally Posted by Power

À âû ïðîâåðèëè, ÷òî ñåðâåð òåïåðü ïîëó÷àåò àéïè 192.168.0.130?

Ïðîâåðüòå åù¸, ÷òîá áûëî âûñòàâëåíî:
NAT Setting - Virtual Server :: Enable Virtual Server? Yes (íó ìàëî ëè

Internet Firewall - WAN & LAN Filter :: WAN to LAN Filter :: Port Forwarding default policy: ACCEPT

È åù¸: çàïðîñû ìîæåò áëîêèðîâàòü ïðîâàéäåð. Ó íåêîòîðûõ ïðîâàéäåðîâ ýòî äàæå íàñòðàèâàåòñÿ.

Äà, ó ñåðâåðà IP ýòîò ñàìûé.

NAT Setting - Virtual Server :: Enable Virtual Server? Yes - òàê è áûëî.

Internet Firewall - WAN & LAN Filter :: WAN to LAN Filter :: Port Forwarding default policy: ACCEPT - äåëàëà, äàæå WAN to LAN Filter ïûòàëñÿ îòêëþ÷àòü - íè÷åãî íå èçìåíèëîñü.

Ïðîâàéäåð - ÊîðáèíîÁèëàéí - åãî áðàíäìàóýð îòêëþ÷èë. Ðåçóëüòàò - ïîêà 0, ïðîäîëæàþ áîðîòüñÿ.

**Sergey1223** · 16-03-2010, 07:42

Originally Posted by Power

À âû ïðîâåðèëè, ÷òî ñåðâåð òåïåðü ïîëó÷àåò àéïè 192.168.0.130?

Ïðîâåðüòå åù¸, ÷òîá áûëî âûñòàâëåíî:
NAT Setting - Virtual Server :: Enable Virtual Server? Yes (íó ìàëî ëè

Internet Firewall - WAN & LAN Filter :: WAN to LAN Filter :: Port Forwarding default policy: ACCEPT

È åù¸: çàïðîñû ìîæåò áëîêèðîâàòü ïðîâàéäåð. Ó íåêîòîðûõ ïðîâàéäåðîâ ýòî äàæå íàñòðàèâàåòñÿ.

Ïðîáðîñèë ïîðò 8081 íà 80-é ñåðâåðà - è âñå ïîëó÷èëîñü. Ñòðàííî, ïî÷åìó íå âûøëî ïðîáðîñèòü 80-é íà 80-é æå...

Thread: Îïÿòü ïðîáëåìû ñ Port Forwarding

Thread Tools

Display

Îïÿòü ïðîáëåìû ñ Port Forwarding

Similar Threads

Port Forwarding Issue

Tags for this Thread

Posting Permissions