FreeBSD server installed concise Raiders (onions turn) Please retain the information reproduced writer Onions Recently more and more friends to create their own use FreeBSD powerful network server functions, in this process may encounter some troubles. For everybody detours, some here used briefly sought the services installed. Basic network installed : Defaultrouter= "192.168.0.1" Gateway_enable= "yes" Hostname= "xxxhost.xxxdomain.com" Ifconfig_rl0= "inet 192.168.0.1 netmask 255.255.255.0" NIC to within rl0 : You need to write according to your actual card equipment. How to set up an ADSL line in FreeBSD I have published such an article, I was not here in the memo. Refer to the following : How FreeBSD installed ADSL line (in FreeBSD 4.4 under test) FreeBSD has installed ADSL Internet access on the part of the article is wrong, the document released here onions. 1. Document editing /etc/ppp/ppp.conf Default : Log Phase tun command set Enable dns Adsl : Set device PPPoE : Equipment; NIC members that the equipment Set speed sync Set mru 1492 Set mtu 1492 Set dial Set Login Add default HISADDR Accounts were set authname Set authkey password Papchap : Accounts were set authname Set authkey password 2. Editor /boot/defaults/loader.conf Ng_pppoe_load= "yes" Virtual Dial : ppp -background adsl See : ifconfig tun0 pseudo-testing equipment tied to the IP address that the success of the ISP distribution If switched on the automatic dial-up, it should be amended /etc/rc.conf increase about Fields : Ppp_enable= "yes" Ppp_mode= "ddial" Ppp_profile= "adsl" Second buffer - DNS 1. Editor /etc/resolv.conf Domain xxxxx.com Nameserver 127.0.0.1 Nameserver xxx.xxx.xxx.xxx.xxx Nameserver xxx.xxx.xxx.xxx.xxx (The latter two in the general dial automatically generated, it is ISP's domain name server analysis addresses. They must be placed before 127.0.0.1) 2. Localhost.rev document creation Chmod 744 /etc/namedb/make-localhost (script to be enforceable) Cd /etc/namedb . /make-localhost 3. Editor /etc/namedb/named.conf Options -- Directory "/etc/namedb"; Forward only; Forwarders ( Xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx;                 }; };                                                                                                                                                 Zone. " "-- Type hint; File "named.root"; };                                                                                                                                                 Zone "0.0.127.IN-ADDR.ARPA" -- Type master; File "localhost.rev"; }; Note : The top two inside two nameserver addresses xxx.xxx.xxx.xxx is /etc/resolv.conf 4. Laws /etc/rc.conf Named_enable= adding "yes" Transparent Proxy set up three It is assumed that you have already installed and put to use good proxy, the proxy if you are not familiar with the case, I set up the proxy will be posted later. Internet use is generally done ipfw firewall, but I think ipfilter ipfw more convenient and handy, use ipfilter here. 1. Editor /boot/defaults/loader.conf Networking modules in adding : Ipl_load= "yes" 2. Creating /etc/ipfilter.rules (ipfilter rules), an example is given here just to set the rules according to their specific needs. Block in name from any log on to any foreign NIC Block out who log on from any to any foreign NIC NIC who log on outside pass out proto icmp all keep state NIC who log on outside pass out from any to any keep state proto tcp/udp NIC name on outside pass in proto tcp from any to any port = ftp-data keep state NIC outside pass in on who ftp-data proto tcp from any port to any port = "; 1023 keep state Pass card were all in on time Pass out on all members within the NIC NIC who log on foreign return-rst block in proto tcp from any to any flags S/SA Block return-icmp (net-unr) in NIC who log on outside proto udp from any to any 3. Creating /etc/ipnat.rules (NAT rules) Rdr who 0.0.0.0/0 port network adapter within 80 ->; 192.168.0.1 port 3128 tcp/udp Note : ip address 192.168.0.1 as the internal network adapter, and assume your proxy to the port 3128, instead of the actual change will be good enough. 4. Editor /etc/rc.conf adding : Ipfilter_enable= "yes" Ipfilter_rules= "/etc/ipfilter.rules" Ipnat_enable= "yes" Ipnat_rules= "/etc/ipnat.rules" Here, the whole set up transparent proxy installed basically completed, and normal services to ensure that your proxy switched automatically activated. Then restart the server. Gateway and DNS service to the client computer devices have changed addresses within the NIC ip address (where I was 192.168.0.1) will be good enough. FreeBSD server installed concise Raiders (onions turn) ... [size=14][color=#551717] Thank landlord sharing, support! [/color][/size] FreeBSD server installed concise Raiders (onions turn) Thank you, the landlord does not take hard work, we wish to ask the question, automatically activated every time the PPP and named after, renewable resolv.conf, nameservcer will not 127.0.0.1. This caching DNS influential? I do not like 127.0.0.1 caching DNS can also work. Looking forward to some high-end proxy explain, for example, only certain documents cache, the cache is not zip&rar 2.5.1 seems to be that there are 4.8 ipfilter in frbsd Denial of Service Bug? Core Compiler efficiency 吗?? not use ipfilter FreeBSD server installed concise Raiders (onions turn) Ipfilter not translated kernel? ! , I have to test below. FreeBSD server installed concise Raiders (onions turn) [quote][i] Note from the original "ihweb" ]ipfilter not translated kernel? ! , I have to test below. [/quote [/i] Released : Kernel can not be translated? Told me after the test results. Thank you. FreeBSD server installed concise Raiders (onions turn) [quote][i] Original note from the "Shi Huang Tiger" ][quote:3be53196c9= "ihweb" ]ipfilter not translated kernel? ! , I have to test below. [/quote [/i] Released : Kernel can not be translated? Told me after the test results. Thank you. [/quote] Wow Fuck! Not even really a translation of! ! ! ! ! (Pairs FBSD 4.7 release) FreeBSD server installed concise Raiders (onions turn) Even God! ! Even the names ipfw can do load. FreeBSD server installed concise Raiders (onions turn) O.K., good~~ FreeBSD server installed concise Raiders (onions turn) Zhengo on the issue, the same can not 127.0.0.1 DNS cache, which is correct. Theoretically it may not only play a buffer role may only play the role switch jump, it is my guess that may not be correct, but I looked up some information in English, this allegation. Store module theoretically efficient use ipfilter not translated into higher core, but in most circumstances are not obvious, can be assured and if the high demand for efficient translation may kernel. Store module which I found by the general information only people translation core, but there has not ipl loader.conf document, but there are the so hard disk, so I tried it, confirmed my thoughts. Ipfilter can not even ipfw kernel can be extrapolated without translation. At play architecture, which has set up six months ago, I realized that my little has been written on this. I will continue to air these days I made some simple setup and line experience and study. FreeBSD server installed concise Raiders (onions turn) Wow 噻, the BSD version of the crop-growing, D : D : FreeBSD server installed concise Raiders (onions turn) Ha Ha Ha : : : : : : When I discovered 5.0 release can be extrapolated, can be extrapolated today to 4.7! ! Ha Ha Ha : : : : good, so the test can do so many things! ! Ha Ha Ha : : : : : : Cool! ! FreeBSD server installed concise Raiders (onions turn) On, the loss to the Eastern, the translation of several core. : Twisted : FreeBSD server installed concise Raiders (onions turn) Support to! FreeBSD server installed concise Raiders (onions turn) [quote][i] Original note from the "Shi Huang Tiger"] on, the loss to the Eastern, the translation of several core. : : Twisted:[/quote published [/i] I also, have translated Once again he was exhausted. FreeBSD server installed concise Raiders (onions turn) I wonder if you tried not onion, according to your DNS usage, I will be starting from resolv.conf that every renewable, Nameservers 127.0.0.1 be covered, I forced from after adding, Resolv.conf copy to the increase in the nameserver 127.0.0.1 dns.conf Cp /etc/resolv.conf /etc/dns.conf In rc.conf, 1976 Named_enable= "yes" Named_flags= "t /etc dns.conf" Found that some games dns explained Would you try MU specific, and not 127.0.0.1 on nothing more than test in frbsd4.8 NAT + ppp named +dhcpd+squid on ADSL now, in addition to the above problems are DNS, No other issue. Is there any other ways to make resolv.conf Lane 127.0.0.1 coverage can not be retained. If no solution according to theory, nothing 127.0.0.1 in the dns cache with no adsl ppp Lane, the local telecommunications dns client directly write as fast as broadband is concerned. In addition, he also used dns proxy caching, the effect is self-evident. 202.96.128.68 127.0.0.1 61.144.56.101 dns_nameservers increase in squid.conf Tim dns to the local telecommunications two behind, do not know resolv.conf. FreeBSD server installed concise Raiders (onions turn) [quote][i] Note from the original "ihweb" [/i] released : I also, have translated Once again he was exhausted. [/quote] Instead /etc/rc you do not look good, /etc/defaults/rc.conf :!: Once again he was exhausted and authorization are not lazy : P oh FreeBSD server installed concise Raiders (onions turn) [quote][i] Note from the original "i2era" ][quote:ccdf08f5a7= "ihweb" [/i] released : I also, have translated Once again he was exhausted. [/quote] Instead /etc/rc you do not look good, /etc/defaults/rc.conf :!: Once again he was exhausted and authorization are not lazy P[/quote] yelled : Oh, this long knowledge! ! FreeBSD server installed concise Raiders (onions turn) Answer : zhengo After reopening, resolv.conf will be automatically renewable, 127.0.0.1 would be deleted temporarily only temporary, or I did not expect. In addition, the proxy address on the inside of the plane where a dns_nameservers can play almost the same effect. Moment, I still have not found any website, I rarely went to games sites may be right. I have also seen some not visit the website, was later found inside the ppp.conf mru, mtu installed, or designated for 1492 will be deleted from the normal. You take a look inside your ppp.conf whether such a problem, whether it is normal for deletion. FreeBSD server installed concise Raiders (onions turn) I mtu, mru=1492 Visit the website is no problem because of the use of proxy But online games regularly update, manufacturers generally use of the domain name at, it should be explained dns It is useless to the proxy games with the configuration that is not in front of me, dns mistake. Anyway, let me resolv.conf not 127.0.0.1, no problem NAT+named+squid transparency, the use of the Internet dns cache, the use of transponders on the game DNS Not any problems in practical application. . If there is no ppp lan broadband Lane, but lan Debugging And the results of the same problems encountered by ppp FreeBSD server installed concise Raiders (onions turn) Good test : [ Closed window ]