内网不能用迅雷，被PF防火墙拦了，怎么设置为内网可以使用迅雷呢

1soft

内网不能用迅雷，被PF防火墙拦了，怎么设置为内网可以使用迅雷呢
迅雷里的bt emule 端口我开放了  可以下载，
迅雷的资源站连接不了 开了3076端口也没用

1soft

用IE可以下
迅雷可以下载BT内容，我防火墙开了迅雷里的BT端口

防火墙还开了udp 3076 8000




迅雷本身的资源不能下了


迅雷下载
http://cn.download.nvidia.com/Wi ... ernational_whql.exe



提示错误

线程
2007-09-24 03:12:35 连接cn.download.nvidia.com:80...
2007-09-24 03:12:56 发生错误，等待5秒后重试...
任务信息
2007-09-24 03:12:35 开始连接......
2007-09-24 03:12:35 开始搜索候选资源......
2007-09-24 03:12:56 搜索候选资源发生错误，稍后重试搜索
2007-09-24 03:13:00 用户取消下载



我在工作站192.168.0.31
服务器192.168.0.11
在工作站SSH到服务器里 tcpdump 命令后看到的信息


12:28:34.732711 192.168.0.11.ssh > 192.168.0.31.1225: P 585216:585380(164) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.732779 192.168.0.11.ssh > 192.168.0.31.1225: P 585380:585544(164) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.732832 192.168.0.31.1225 > 192.168.0.11.ssh: . ack 585380 win 15760 (DF)
12:28:34.732869 192.168.0.11.ssh > 192.168.0.31.1225: P 585544:585708(164) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.732933 192.168.0.11.ssh > 192.168.0.31.1225: P 585708:585840(132) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.732985 192.168.0.31.1225 > 192.168.0.11.ssh: . ack 585708 win 15432 (DF)
12:28:34.733017 192.168.0.11.ssh > 192.168.0.31.1225: P 585840:585972(132) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.733083 192.168.0.11.ssh > 192.168.0.31.1225: P 585972:586120(14 ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.733134 192.168.0.31.1225 > 192.168.0.11.ssh: . ack 585972 win 15168 (DF)
12:28:34.733169 192.168.0.11.ssh > 192.168.0.31.1225: P 586120:586268(14 ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.733231 192.168.0.11.ssh > 192.168.0.31.1225: P 586268:586400(132) ack 8477 win 17520 (DF) [tos 0x10]
12:28:34.733287 192.168.0.31.1225 > 192.168.0.11.ssh: . ack 586268 win 16384 (DF)

[ 本帖最后由 1soft 于 2007-9-24 03:22 编辑 ]

1soft

ext_if="em0"
int_if="fxp0"
nat on $ext_if from $int_if:network to any -> $ext_if

rdr on $ext_if proto udp from any to $ext_if port 3076 -> 192.168.0.31 port 3076
rdr on $ext_if proto udp from any to $ext_if port 8000 -> 192.168.0.31 port 8000
rdr on $ext_if proto tcp from any to $ext_if port 3077 -> 192.168.0.31 port 3077
rdr on $ext_if proto udp from any to $ext_if port 3078 -> 192.168.0.31 port 3078
rdr on $ext_if proto tcp from any to $ext_if port 80 -> 192.168.0.31 port 80
rdr on $ext_if proto udp from any to $ext_if port 15000 -> 192.168.0.31 port 15000
rdr on $ext_if proto tcp from any to $ext_if port 22812 -> 192.168.0.31 port 22812
rdr on $ext_if proto tcp from any to $ext_if port 23888 -> 192.168.0.31 port 23888

pass on $int_if proto 47 from any to any  keep state
pass in quick on $ext_if proto tcp from any to any keep state
pass in quick on $int_if from $int_if:network to any keep state
pass in all
pass out all

[ 本帖最后由 1soft 于 2007-9-24 23:10 编辑 ]

1soft

这样修改后迅雷里还是一样错误提示

1soft

这句也加了，还是不行

1soft

现在可以了，规矩这样的

ext_if="em0"
int_if="fxp0"
nat on $ext_if from $int_if:network to any -> $ext_if
rdr pass on $ext_if proto tcp from any to $ext_if port 1723 -> 192.168.0.31 port 1723
rdr pass on $ext_if proto 47 from any to $ext_if -> 192.168.0.31
rdr on $ext_if proto tcp from any to $ext_if port 10671 -> 192.168.0.31 port 10671
rdr on $ext_if proto tcp from any to $ext_if port 19777 -> 192.168.0.31 port 19777
rdr on $ext_if proto tcp from any to $ext_if port 3210 -> 192.168.0.31 port 3210
rdr on $ext_if proto tcp from any to $ext_if port 3214 -> 192.168.0.31 port 3214
rdr on $ext_if proto tcp from any to $ext_if port 31 -> 192.168.0.31 port 31

rdr on $ext_if proto tcp from any to $ext_if port 25087 -> 192.168.0.31 port 25087
rdr on $ext_if proto tcp from any to $ext_if port 31625 -> 192.168.0.31 port 31625
rdr on $ext_if proto tcp from any to $ext_if port 6112 -> 192.168.0.31 port 6112
rdr on $ext_if proto udp from any to $ext_if port 53 -> 192.168.0.31 port 53
rdr on $ext_if proto tcp from any to $ext_if port 5200 -> 192.168.0.31 port 5200
rdr on $ext_if proto tcp from any to $ext_if port 6200 -> 192.168.0.31 port 6200

rdr on $ext_if proto tcp from any to any port 3076 ->192.168.0.31 port 3076


rdr on $ext_if proto udp from any to $ext_if port 8000 -> 192.168.0.31 port 8000
rdr on $ext_if proto tcp from any to $ext_if port 6643 -> 192.168.0.31 port 6643
rdr on $ext_if proto udp from any to $ext_if port 6653 -> 192.168.0.31 port 6653
rdr on $ext_if proto udp from any to $ext_if port 15000 -> 192.168.0.31 port 15000
rdr on $ext_if proto tcp from any to $ext_if port 22812 -> 192.168.0.31 port 22812
rdr on $ext_if proto tcp from any to $ext_if port 23888 -> 192.168.0.31 port 23888
pass out quick on $int_if from any to any keep state
pass out on $ext_if proto udp all keep state
pass on $int_if proto 47 from any to any  keep state
pass in quick on $ext_if proto tcp from any to any keep state
pass in quick on $int_if from $int_if:network to any keep state
pass in all
pass out all