Originally Posted by
md5sum
ifconfig -a
iptables -L -n -v
iptables -L -n -v -t nat
ping 192.168.0.0 (пинговаться не должно)
arp -a
Версия прошивки ?
Прошивка: 1.9.2.7-10
Локальный IP не 192.168.2.52, а 192.168.2.5
Code:
[admin@Emily root]$ ifconfig -a
br0 Link encap:Ethernet HWaddr xxxxxxxxx
inet addr:192.168.9.148 Bcast:192.168.15.255 Mask:255.255.240.0
inet6 addr: fe80::21f:c6ff:fe60:cee2/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2483 errors:0 dropped:0 overruns:0 frame:0
TX packets:1963 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:242128 (236.4 KiB) TX bytes:1248451 (1.1 MiB)
eth0 Link encap:Ethernet HWaddr xxxxxxxxxxxx
inet6 addr: fe80::21f:c6ff:fe60:cee2/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30046 errors:0 dropped:0 overruns:0 frame:0
TX packets:2956 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3933317 (3.7 MiB) TX bytes:421628 (411.7 KiB)
Interrupt:4 Base address:0x1000
eth1 Link encap:Ethernet HWaddr xxxxxxxxxxxxxx
inet6 addr: fe80::21f:c6ff:fe60:cee2/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2483 errors:0 dropped:0 overruns:0 frame:139
TX packets:2180 errors:1 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:276912 (270.4 KiB) TX bytes:1286626 (1.2 MiB)
Interrupt:12 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:333 errors:0 dropped:0 overruns:0 frame:0
TX packets:333 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:28594 (27.9 KiB) TX bytes:28594 (27.9 KiB)
sit0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vlan0 Link encap:Ethernet HWaddr xxxxxxxxxxxxxx
inet6 addr: fe80::21f:c6ff:fe60:cee2/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:771 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:165942 (162.0 KiB)
vlan1 Link encap:Ethernet HWaddr xxxxxxxxxxxx
inet addr:MY_REAL_IP Bcast:XXX.XXX.62.127 Mask:255.255.255.128
inet6 addr: fe80::20d:87ff:fe0f:11a/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30029 errors:0 dropped:0 overruns:0 frame:0
TX packets:2183 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3391543 (3.2 MiB) TX bytes:255538 (249.5 KiB)
vlan1:0 Link encap:Ethernet HWaddr xxxxxxxxxxxxxx
inet addr:192.168.2.5 Bcast:192.168.2.255 Mask:255.255.240.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Code:
[admin@Emily root]$ iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2 285 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
448 42078 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
26 1560 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
237 67529 ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
266 37365 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 771 packets, 53387 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.9.155 udp dpt:16402
0 0 ACCEPT all -- * vlan1 0.0.0.0/0 192.168.0.0/20
0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
2948 1289K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 DROP all -- !br0 vlan1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT
0 0 DROP all -- * br0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 730 packets, 120K bytes)
pkts bytes target prot opt in out source destination
Chain MACS (0 references)
pkts bytes target prot opt in out source destination
Chain SECURITY (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 limit: avg 1/sec burst 5
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5
0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logaccept (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `ACCEPT '
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `DROP '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
[admin@Emily root]$ iptables -L -n -v -t nat
Chain PREROUTING (policy ACCEPT 8093 packets, 841K bytes)
pkts bytes target prot opt in out source destination
205 21814 VSERVER all -- * * 0.0.0.0/0 MY_REAL_IP
Chain POSTROUTING (policy ACCEPT 28 packets, 1652 bytes)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * vlan1 0.0.0.0/0 192.168.0.0/20 to:192.168.2.5
322 28942 SNAT all -- * vlan1 !MY_REAL_IP 0.0.0.0/0 to:MY_REAL_IP
28 1653 SNAT all -- * br0 192.168.0.0/20 192.168.0.0/20 to:192.168.9.148
Chain OUTPUT (policy ACCEPT 56 packets, 3305 bytes)
pkts bytes target prot opt in out source destination
Chain VSERVER (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53194 to:192.168.1.155:16402
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12411 to:192.168.1.195:12411
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:12411 to:192.168.1.195:12411
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53195 to:192.168.9.155:16402
[admin@Emily root]$ ping 192.168.0.0
PING 192.168.0.0 (192.168.0.0): 56 data bytes
--- 192.168.0.0 ping statistics ---
10 packets transmitted, 0 packets received, 100% packet loss
[admin@Emily root]$ arp -a
-sh: arp: not found