Does anyone know which ports need to be opened in the firewall for an mpd5 connection to work?
This server is far away and the local network reaches it through ipsec tunnels, and over this LAN, where almost all ports are allowed.. if I specify the internal ip in the mpd settings, the connection comes up right away! But when I try to get to that server from outside over the global network.. authorization seems to proceed (logs) but it gets stuck somewhere, ipfw is surely to blame, and I need to make a little door from outside for a couple of pptp connections.
Logs:
Code:
Sep 27 17:18:24 gate4 mpd: [L-1] Accepting PPTP connection
Sep 27 17:18:24 gate4 mpd: [L-1] Link: OPEN event
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: Open event
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: state change Initial --> Starting
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: LayerStart
Sep 27 17:18:24 gate4 mpd: [L-1] PPTP: attaching to peer's outgoing call
Sep 27 17:18:24 gate4 mpd: [L-1] Link: UP event
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: Up event
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: state change Starting --> Req-Sent
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: SendConfigReq #1
Sep 27 17:18:24 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:24 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:24 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:24 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:24 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:26 gate4 mpd: [L-1] LCP: SendConfigReq #2
Sep 27 17:18:26 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:26 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:26 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:26 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:26 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:28 gate4 mpd: [L-1] LCP: SendConfigReq #3
Sep 27 17:18:28 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:28 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:28 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:28 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:28 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:30 gate4 mpd: [L-1] LCP: SendConfigReq #4
Sep 27 17:18:30 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:30 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:30 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:30 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:30 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:32 gate4 mpd: [L-1] LCP: SendConfigReq #5
Sep 27 17:18:32 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:32 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:32 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:32 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:32 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:34 gate4 mpd: [L-1] LCP: SendConfigReq #6
Sep 27 17:18:34 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:34 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:34 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:34 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:34 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:36 gate4 mpd: [L-1] LCP: SendConfigReq #7
Sep 27 17:18:36 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:36 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:36 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:36 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:36 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:38 gate4 mpd: [L-1] LCP: SendConfigReq #8
Sep 27 17:18:38 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:38 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:38 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:38 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:38 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:40 gate4 mpd: [L-1] LCP: SendConfigReq #9
Sep 27 17:18:40 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:40 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:40 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:40 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:40 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:42 gate4 mpd: [L-1] LCP: SendConfigReq #10
Sep 27 17:18:42 gate4 mpd: [L-1] ACFCOMP
Sep 27 17:18:42 gate4 mpd: [L-1] PROTOCOMP
Sep 27 17:18:42 gate4 mpd: [L-1] MRU 1500
Sep 27 17:18:42 gate4 mpd: [L-1] MAGICNUM f9c958a0
Sep 27 17:18:42 gate4 mpd: [L-1] AUTHPROTO CHAP MSOFTv2
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: parameter negotiation failed
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: state change Req-Sent --> Stopped
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: LayerFinish
Sep 27 17:18:44 gate4 mpd: [L-1] PPTP call terminated
Sep 27 17:18:44 gate4 mpd: [L-1] Link: DOWN event
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: Close event
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: state change Stopped --> Closed
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: Down event
Sep 27 17:18:44 gate4 mpd: [L-1] LCP: state change Closed --> Initial
Sep 27 17:18:44 gate4 mpd: [L-1] Link: SHUTDOWN event
Sep 27 17:18:44 gate4 mpd: [L-1] Link: Shutdown
Here is what the firewall lets in from outside so far..
Code:
ext_if= the network card facing outside
ext_ip=external ip
ipfw add 508 allow tcp from me 1723 to any keep-state
ipfw add 509 allow gre from any to any
ipfw add 1100 divert natd all from any to ${ext_ip} in via ${ext_if} #Divert Natd all inbound
ipfw add 4001 allow tcp from any to ${ext_ip} dst-port 21,22,25,53,80,113,123,161,222,781 in via ${ext_if}
ipfw add 4002 allow udp from any to ${ext_ip} dst-port 53,123,161 in via ${ext_if}
ipfw add 4003 allow tcp from any to ${ext_ip} dst-port 1024-65535 in via ${ext_if}
ipfw add 4004 allow udp from any to ${ext_ip} dst-port 1024-65535 in via ${ext_if}
ipfw add 4005 allow icmp from any to ${ext_ip} in via ${ext_if}
ipfw add 4006 allow udp from ${ext_ip} 53,123,161 to any out xmit ${ext_if}
ipfw add 4007 allow tcp from ${ext_ip} 21,22,25,53,80,113,123,161,222,781 to any out xmit ${ext_if}
ipfw add 4008 allow tcp from ${ext_ip} 1024-65535 to any out xmit ${ext_if}
ipfw add 4009 allow udp from ${ext_ip} 1024-65535 to any out xmit ${ext_if}
I just don't know what else to open.
Any advice... Maybe someone has already run into this.
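
An added example, not part of the original post: a small Python reader for mpd log lines in the format shown above, counting LCP Configure-Requests sent and LCP frames received per link. PPTP carries its control connection over TCP 1723 and PPP frames (LCP included) over GRE, so an accepted control connection with zero received LCP frames points at the GRE path. The sample lines are constructed, and the `LCP: rec'd` prefix for received frames is an assumption about mpd's log wording.

```python
import re

# Constructed sample in the format of the mpd log above, cut to three retries.
SAMPLE = """\
Sep 27 17:18:24 gate4 mpd: [L-1] Accepting PPTP connection
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: state change Starting --> Req-Sent
Sep 27 17:18:24 gate4 mpd: [L-1] LCP: SendConfigReq #1
Sep 27 17:18:26 gate4 mpd: [L-1] LCP: SendConfigReq #2
Sep 27 17:18:28 gate4 mpd: [L-1] LCP: SendConfigReq #3
Sep 27 17:18:30 gate4 mpd: [L-1] LCP: parameter negotiation failed
Sep 27 17:18:30 gate4 mpd: [L-1] PPTP call terminated
"""

# "mpd: [<link>] <message>" as it appears in the syslog lines above.
LINE = re.compile(r"mpd: \[(?P<link>[^\]]+)\] (?P<msg>.*)$")

def summarize(log_text):
    """Per link: control connection accepted, LCP requests sent,
    LCP frames received, and whether LCP negotiation failed."""
    links = {}
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue
        s = links.setdefault(m["link"], {"control": False, "sent": 0,
                                         "received": 0, "failed": False})
        msg = m["msg"]
        if msg.startswith("Accepting PPTP connection"):
            s["control"] = True          # TCP 1723 reached the daemon
        elif msg.startswith("LCP: SendConfigReq"):
            s["sent"] += 1               # our Configure-Request (sent over GRE)
        elif msg.startswith("LCP: rec'd"):
            s["received"] += 1           # assumed wording for frames from the peer
        elif msg.startswith("LCP: parameter negotiation failed"):
            s["failed"] = True
    return links

def diagnose(s):
    """Turn one link's counters into a short hint on where to look."""
    if not s["failed"]:
        return "no LCP failure logged"
    if s["control"] and s["sent"] and not s["received"]:
        return "control channel up, no LCP reply: check GRE (IP protocol 47) both ways"
    return "peer replied: compare the LCP options both sides offered"

if __name__ == "__main__":
    for link, s in summarize(SAMPLE).items():
        print(link, s["sent"], s["received"], diagnose(s))
```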