Íàñòðîéêà DynDNS íà ðîóòåðå Asus

[Rify]

http://www.dyndns.com/ - çàâåäè àêêàóíò è ïðîïèøè â âåá-ìîðäå. Âñ¸. Ó ìåíÿ òîæå èï äèíàìè÷åñêèé, dyndns èñïîëüçóþ.

[slavamvr]

Ñïàñèáî! Îáÿçàòåëüíî âå÷åðîì ïîïðîáóþ!

[slavamvr]

Ïîïðîáîâàë.Ïîíÿòíî , ÷òî íè÷åãî íå ïîíÿòíî! Hostname ñîçäàë, Wildcard íå çíàþ ÷òî òàêîå, íóæíî ñîçäàâàòü è èñïîëüçîâàòü èëè íåò.Íî ñàìîå ãëàâíîå íå ïîíÿòíî, êàê áóäåò îñóùåñòâëÿòñÿ ïðèâÿçêà ïðè ñìåíå IP ? Ïîìîãèòå, êòî ìîæåò !!!

[slavamvr]

Âñåì ñïàñèáî! Âñå çàðàáîòàëî !!!

[bocman]

Äîáðîå âðåìÿ ñóòîê!
Ïîíèìàþ, ÷òî âîïðîñ äîâîëüíî ñòàíäàðòíûé, íî íà ôîðóìå íàøåë òîëüêî îäíó òåìó.

Åñòü ìàøèíà, äîïóñòèì 192.168.1.10
íà êîòîðîé ñòîèò Windows ñ òåðìèíàëüíîé ñëóæáîé, íà êîòîðûé íàäî ïîïàñòü èç èíåòà, òàê æå èìååòñÿ ðåàëüíûé ip.

Êàê ïðîáðîñèòü ïðàâèëüíî ïîðò RDP (îí îäèí? è â îäíó èëè îáå ñòîðîíû?) ÷òî áû ÿ ìîã èç èíåòà äîñòó÷àòüñÿ äî óêàçàííîé âèíäîâîé ìàøèíû óäàëåííûì ðàáî÷èì ñòîëîì? Æåëàòåëüíî íå èñïîëüçóÿ web-èíòåðôåéñ äëÿ íàñòðîéêè.

Çàðàíåå ñïàñèáî!

[Less]

 ôàéë post-firewall äîáàâèòü:

PHP Code:

#RDP
iptables -t nat -I PREROUTING -i $WAN_IF -p tcp -d $WAN_IP --dport 3389 -j DNAT --to-destination 192.168.1.10:3389
iptables -t nat -I PREROUTING -o $WAN_IF -p tcp -s 192.168.1.10 --sport 3389 -j DNAT --to-destination $WAN_IP
iptables -I FORWARD -i $WAN_IF -p tcp -m tcp -d 192.168.1.10 --dport 3389 -j ACCEPT
iptables -I FORWARD -o $WAN_IF -p tcp -m tcp -s 192.168.1.10 --sport 3389 -j ACCEPT 


$WAN_IF - èíòåðôåéñ vlan1, ppp0...
$WAN_IP - âíåøíèé àäðåñ

[lll123lll]

NAT Setting ->VirtualServer

Port Range 3333
Local IP 192.168.1.10
Local Port 3389
Protocol TCP
Description RDPName


Ïðè ïîäêëþ÷åíèè óêàçàòü âíåøíèéIP:3333
ãäå âíåøíèé ip àäðåñ ïîëó÷åííûé îò ïðîâàéäåðà
3333 - ëþáîé ñâîáîäíûé âíåøíèé ïîðò (èáî îòêðûâàòü íàïðÿìóþ 3389 ìîâåòîí)
îí äîëæåí áûòü "áåëûì" ò.å. âèäèìûì èç âíåøíåé ñåòè
òàê æå ìîæíî âêëþ÷èòü DDNS
IP Config -> Miscellaneous -> Enable the DDNS Client
÷òîáû àäðåñ ïîëó÷åííûé ðîóòåðîì ñîîáùàëñÿ âíåøíåìó ñåðâèñó
è åãî îòòåëü ìîæíî áûëî áðàòü óêàçûâàÿ âìåñòî àäðåñà äîìåííîå èìÿ

åñëè ïðîâàéäåð ìàñêèðóåò àäðåñ
òî îí äîëæåí âî âñåõ ñâîèõ øëþçàõ ïðîáðîñèòü ïîðò (â äàííîì ñëó÷àå 3333)
ïðîïèñàâ ìàðøðóò êîíêðåòíîãî êîìïà\ðîóòåðà âî âíóòðåííåé ñåòè ñ êîòîðûì äîëæíî ïðîèñõîäèòü ñîåäèíåíèå ïî ýòîìó ïîðòó

[Less]

Äîáàâëþ

Code:

iptables -t nat -I PREROUTING -i $WAN_IF -p tcp -d $WAN_IP -s $WORK_IP --dport 3389 -j DNAT --to-destination 192.168.1.10:3389

-s $WORK_IP Ðîçðåøàåò ïîäêëþ÷åíèå òîëüêî ñ äàíîãî àäðåñà íà Âàø àäðåñ:ïîðò.

[bocman]

Äîáàâëþ

Code:

iptables -t nat -I PREROUTING -i $WAN_IF -p tcp -d $WAN_IP -s $WORK_IP --dport 3389 -j DNAT --to-destination 192.168.1.10:3389

-s $WORK_IP Ðîçðåøàåò ïîäêëþ÷åíèå òîëüêî ñ äàíîãî àäðåñà íà Âàø àäðåñ:ïîðò.

Áîëüøîå ñïàñèáî! ýòî òî ÷òî ìíå íóæíî!
à åñëè ìíå ïîíàäîáèòñÿ çàõîäèòü ïîä íå ñòàíäàðòíûì ïîðòîì òî êàê ýòî ïðîïèñàòü? (è åñëè çíàåòå, òî ãäå ìîæíî óêàçàòü ýòîò íåñòàíäàðòíûé ïîðò ïðè ïîäêëþ÷åíèè â windows?)

[bocman]

$WAN_IF - èíòåðôåéñ vlan1, ppp0...

à êàê óçíàòü, êàêîé ó ìåíÿ èíòåðôåéñ WAN?
ñïåöèàëüíî íè÷åãî íå ìåíÿë, íî íàñòðàèâàë VPN,÷åðåç âåá-ìîðäó

[Less]

Êîìàíäà
ifconfig â êîíñîëå.

Code:

eth0      Link encap:Ethernet  HWaddr 00:0F:20:CF:8B:42
          inet addr:217.149.127.10  Bcast:217.149.127.63  Mask:255.255.255.192
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2472694671 errors:1 dropped:0 overruns:0 frame:0
          TX packets:44641779 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1761467179 (1679.8 Mb)  TX bytes:2870928587 (2737.9 Mb)
          Interrupt:28

eth0 è åñòü $WAN_IF (èõ áóäåò íåñêîëüêî, ñìîòðèòå êàêîé èíòåðôåéñ èìååò Âàø âíåøíèé àäðåñ).
inet addr:217.149.127.10 - ñîîòâåòñòâåííî àäðåñ

Íåñòàíäàðòíûé ïîðò îí ìîæåò áûòü ëþáûì â äèàïàçîíå 1024:65535.

Óêàçûâàòü â âèíäîâñ Âàì íå íóæíî, Âû óêàçûâàåòå --dport 3389 òóò è ïðîïèøûòå ëþáîé êîòîðûé Âàì ïîäõîäèò èç äèàïàçîíà (ãëàâíîå ÷òî áû îí íå ãäå íå áëîêèðîâàëñÿ) à äàëüøå âñ¸ êàê áûëî -j DNAT --to-destination 192.168.1.10:3389

[ParadoxRus]

Ó ìåíÿ ÷òî-òî ïîõîæåå áûëî... Ïîòîì ÿ çàáèë è ðàáîòàþ ñ dyndns ÷åðåç êîíñîëü òîëüêî - â âåáå ïðàêòè÷åñêè âñ¸ âûêëþ÷åíî: ftp, samba, dyndns - îíî êðèâîå êàêîå òî ïî óìîë÷àíèþ... íàäî ðàøïèëåì äîäåëûâàòü... ÿ á âîîáùå ïðåäëîæèë - ïîóáèðàòü âñå íàôèã ýòî èç ñòàíäàðòíîé ïðîøèâêè, âñå ðàâíî íóæíî âñå ìåíÿòü ðóêàìè...

[Rify]

Òîæå åñòü íåîáõîäèìîñòü ïðîáðîñèòü ïîðò, íî äëÿ äðóãèõ öåëåé.
Âîïðîñ òàêîé. Ïðîâàéäåð ïðåäîñòàâëÿåò äèíàìè÷åñêèé IP.
×òî æå òîãäà çäåñü óêàçàòü? $WAN_IP

[Less]

Òîæå åñòü íåîáõîäèìîñòü ïðîáðîñèòü ïîðò, íî äëÿ äðóãèõ öåëåé.
Âîïðîñ òàêîé. Ïðîâàéäåð ïðåäîñòàâëÿåò äèíàìè÷åñêèé IP.
×òî æå òîãäà çäåñü óêàçàòü? $WAN_IP

 íà÷àëå ôàéëà post-firewall äîáàâèòü

Code:

$WAN_IP=`nvram get wan_ipaddr`

Íî äëÿ íà÷àëà íóæíî ïðîñòî âûïîëíèòü êîìàíäó

Code:

nvram get wan_ipaddr

÷òîáû ïðîâåðèòü îòäà¸ò ëè îí Âàø âíåøíèé àääðåñ.

[bocman]

åùå îäèí âîïðîñ ïî ïðîáðîñó ïîðòîâ, òîëüêî óæå ftp è http,
ÿ ñäåëàë òàê:

# port-forvarding to web-server
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 8081 -j DNAT --to-destination 192.168.0.2:80
iptables -I FORWARD -i ppp0 -p tcp -m tcp -d 192.168.0.2 --dport 80 -j ACCEPT
iptables -I FORWARD -o ppp0 -p tcp -m tcp -s 192.168.0.2 --sport 80 -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -o ppp0 -s 192.168.0.2 --sport 80 -j SNAT --to-source $my_WAN_IP
# end of port-forwarding to web-server

# port-forvarding for ftp
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 21 -j DNAT --to-destination 192.168.0.2:21
iptables -I FORWARD -i ppp0 -p tcp -m tcp -d 192.168.0.2 --dport 21 -j ACCEPT
iptables -I FORWARD -o ppp0 -p tcp -m tcp -s 192.168.0.2 --sport 21 -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -o ppp0 -s 192.168.0.2 --sport 21 -j SNAT --to-source $my_WAN_IP
# end of port-forwarding for ftp


âñå ðàáîòàåò èç âíå, íî èç âíóòðåííåé ñåòêè ñîîòâåòñâåííî íå ðàáîòàåò.
êàê äîáèòüñÿ ÷òî áû è èç ëîêàëêè ÿ ìîã ïîïàäàòü íà ftp è http ÷åðåç âíåøíèé èíòåðôåéñ?