NAT with OpenBSD + PF

PF.CONF:

ext_if="em1"
int_if="em0"
table <spamd> persist
table <spamd-white> persist
set skip on lo
scrub in
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on em1 from any to any -> (em1)
#rdr on em0 inet proto tcp from 61.234.228.139 to any port 80 -> 127.0.0.1 port 3128
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
rdr pass on $ext_if proto tcp from <spamd> to port smtp \
 -> 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
 -> 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from any to port 21 \
 -> 127.0.0.1 port 8021
anchor "ftp-proxy/*"
#block in
pass out keep state
pass quick on $int_if
antispoof quick for { lo $int_if }
pass in on $ext_if proto tcp to ($ext_if) port ssh keep state
pass in log on $ext_if proto tcp to ($ext_if) port smtp keep state
pass out log on $ext_if proto tcp from ($ext_if) to port smtp keep state

IFCONFIG:

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:04:23:b4:42:16
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 192.168.88.2 netmask 0xffffff00 broadcast 192.168.88.255
        inet6 fe80::204:23ff:feb4:4216%em0 prefixlen 64 scopeid 0x1
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0e:0c:a1:bd:7a
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 222.240.132.149 netmask 0xffffff00 broadcast 222.240.132.255
        inet6 fe80::20e:cff:fea1:bd7a%em1 prefixlen 64 scopeid 0x2
        inet 222.240.132.150 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.151 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.152 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.153 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.154 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.155 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.156 netmask 0xffffff00 broadcast 222.240.132.255
        inet 222.240.132.157 netmask 0xffffff00 broadcast 222.240.132.255
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
pfsync0: flags=0<> mtu 1460
        groups: carp
enc0: flags=0<> mtu 1536

ROUTE:

Destination         Gateway            Flags  Refs  Use       Mtu    Interface
default             222.240.132.145    UGS    1     36462524  -      em1
61.234/15           192.168.88.1       UGS    0     1456600   -      em0
loopback            localhost          UGRS   0     0         33224  lo0
localhost           localhost          UH     9     72        33224  lo0
192.168.88/24       link#1             UC     3     0         -      em0
192.168.88.1        00:09:11:da:08:ab  UHLc   2     0         -      em0
192.168.88.2        00:04:23:b4:42:16  UHLc   0     1570      -      lo0
192.168.88.6        00:09:11:da:08:ab  UHLc   0     12669     -      em0
222.51/16           192.168.88.1       UGS    1     47460853  -      em0
222.240.132/24      link#2             UC     2     0         -      em1
222.240.132.145     00:12:80:b7:b6:00  UHLc   1     30        -      em1
nat                 00:0e:0c:a1:bd:7a  UHLc   0     38        -      lo0
222.240.132.150     localhost          UGHS   0     92        33224  lo0
222.240.132.151     localhost          UGHS   0     24        33224  lo0
222.240.132.152     localhost          UGHS   0     6         33224  lo0
222.240.132.153     localhost          UGHS   0     30        33224  lo0
222.240.132.154     localhost          UGHS   0     32        33224  lo0
222.240.132.155     localhost          UGHS   0     104       33224  lo0
222.240.132.156     localhost          UGHS   0     32        33224  lo0
222.240.132.157     localhost          UGHS   0     25        33224  lo0
BASE-ADDRESS.MCAST  localhost          URS    0     0         33224  lo0

But when I ping the DNS server from the client, I get the following:

>> Main# ping 202.103.96.112 32
[host 202.103.96.112, max tries 32, delay 1000 msec]
#0 got ICMP Destination Unreachable from 192.168.88.2.
202.103.96.112: #1 timed out.
#0 got ICMP Destination Unreachable from 192.168.88.2.
202.103.96.112: #2 timed out.
#0 got ICMP Destination Unreachable from 192.168.88.2.
202.103.96.112: #3 timed out.
202.103.96.112: #4 timed out.
202.103.96.112: #5 timed out.
#0 got ICMP Destination Unreachable from 192.168.88.2.
202.103.96.112: #6 timed out.
#0 got ICMP Destination Unreachable from 192.168.88.2.
202.103.96.112: #7 timed out.
202.103.96.112: #8 ok, RTT 4 msec.
202.103.96.112: #9 ok, RTT 5 msec.
202.103.96.112: #10 ok, RTT 3 msec.
202.103.96.112: #11 ok, RTT 4 msec.
202.103.96.112: #12 ok, RTT 4 msec.
202.103.96.112: #13 ok, RTT 3 msec.
202.103.96.112: #14 ok, RTT 4 msec.

Urgently asking everyone for help.