20th September 2011
n4p1

I checked and did everything you said, and this doesn't work...

pf disabled: pfctl -d

mpath enabled (in sysctl.conf) and route added via hostname.if. OpenBSD rebooted. One more time: pfctl -d.
Then:

Code:
[15:02:43][root@xxx:~]# route -n show -inet
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            178.x.y.z    UGSP       3     1263     -     8 em0
default            87.x.y.z       UGSP       1      212     -     8 pppoe0
10.8.0/24          10.8.0.2           UGS        0        0     -     8 tun0
10.8.0.2           10.8.0.1           UH         1        0     -     4 tun0
87.105.104.1       78.w.x.y        UH         0        0     -     4 pppoe0
127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
127.0.0.1          127.0.0.1          UH         1        7 33200     4 lo0
178.x.y/24     link#1             UC         1        0     -     4 em0
178.x.y.z    00:1b:21:0b:45:6c  UHLc       1        0     -     4 em0
192.168.1/24       link#3             UC         5        0     -     4 fxp0
192.168.1.186      00:26:9e:78:2b:55  UHLc       1        3     -     4 fxp0
192.168.1.217      00:10:a7:22:ee:c1  UHLc       0     1018     -     4 fxp0
192.168.1.234      00:26:18:ef:86:47  UHLc       0       76     -     4 fxp0
192.168.1.248      00:24:7e:dd:e0:c8  UHLc       1      471     -     4 fxp0
192.168.1.255      link#3             UHLc       1       50     -     4 fxp0
224/4              127.0.0.1          URS        0        0 33200     8 lo0
[15:03:02][root@xxx:~]#

tcpdump from remote connection to ssh:

Code:
Connection to ssh (pppoe0) from internet:
[15:07:20][root@xxx:~]# tcpdump -i pppoe0 port 50022
tcpdump: listening on pppoe0, link-type PPP_ETHER
15:07:37.081892 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:07:40.009122 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:07:45.070270 79.x.y.z.1112 > 78.w.x.y.50022: R 1:1(0) win 0
15:07:45.872714 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)

[15:06:32][root@xxx:~]# tcpdump -i em0 port 50022
tcpdump: listening on em0, link-type EN10MB
15:07:37.081928 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:40.009147 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:40.081000 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:45.872741 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:48.869635 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:54.882299 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:08:06.907544 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)

Connection refused. As we can see, the packet passes in via pppoe0 and tries to pass out via em0.

Code:
Connection to ssh (em0) from internet:
[15:08:52][root@xxx:~]# tcpdump -i pppoe0 port 50022
tcpdump: listening on pppoe0, link-type PPP_ETHER

[15:08:52][root@xxx:~]# tcpdump -i em0 port 50022
tcpdump: listening on em0, link-type EN10MB
15:09:02.576896 79.x.y.z.1113 > 178.w.x.y.50022: S 651286537:651286537(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:09:02.576950 178.w.x.y.50022 > 79.x.y.z.1113: S 1761386290:1761386290(0) ack 651286538 win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:09:02.901824 79.x.y.z.1113 > 178.w.x.y.50022: . ack 1 win 64240 (DF)
15:09:02.914818 178.w.x.y.50022 > 79.x.y.z.1113: P 1:22(21) ack 1 win 17602 (DF)
15:09:04.966413 79.x.y.z.1113 > 178.w.x.y.50022: P 1:29(28) ack 22 win 64219 (DF)
15:09:04.968072 178.w.x.y.50022 > 79.x.y.z.1113: P 22:878(856) ack 29 win 17602 (DF)
15:09:04.982650 79.x.y.z.1113 > 178.w.x.y.50022: P 29:541(512) ack 22 win 64219 (DF)
15:09:05.005865 79.x.y.z.1113 > 178.w.x.y.50022: P 541:669(128) ack 22 win 64219 (DF)
15:09:05.005896 178.w.x.y.50022 > 79.x.y.z.1113: . ack 669 win 17474 (DF)
15:09:05.120993 79.x.y.z.1113 > 178.w.x.y.50022: P 669:685(16) ack 878 win 63363 (DF)
15:09:05.128536 178.w.x.y.50022 > 79.x.y.z.1113: P 878:1414(536) ack 685 win 17602 (DF)
15:09:05.462415 79.x.y.z.1113 > 178.w.x.y.50022: . ack 1414 win 64240 (DF)
15:09:05.472540 79.x.y.z.1113 > 178.w.x.y.50022: P 685:1197(512) ack 1414 win 64240 (DF)
15:09:05.472734 79.x.y.z.1113 > 178.w.x.y.50022: P 1197:1213(16) ack 1414 win 64240 (DF)
15:09:05.472764 178.w.x.y.50022 > 79.x.y.z.1113: . ack 1213 win 17586 (DF)
15:09:05.571596 178.w.x.y.50022 > 79.x.y.z.1113: P 1414:2518(1104) ack 1213 win 17602 (DF)
15:09:05.854983 79.x.y.z.1113 > 178.w.x.y.50022: . ack 2518 win 63136 (DF)
15:09:05.932382 79.x.y.z.1113 > 178.w.x.y.50022: P 1213:1229(16) ack 2518 win 63136 (DF)
15:09:05.932562 79.x.y.z.1113 > 178.w.x.y.50022: P 1229:1281(52) ack 2518 win 63136 (DF)
15:09:05.932595 178.w.x.y.50022 > 79.x.y.z.1113: . ack 1281 win 17550 (DF)
15:09:05.932724 178.w.x.y.50022 > 79.x.y.z.1113: P 2518:2570(52) ack 1281 win 17602 (DF)
15:09:06.251843 79.x.y.z.1113 > 178.w.x.y.50022: . ack 2570 win 63084 (DF)

Connection established.

79.x.y.z - My home IP
178.w.x.y - OpenBSD em0
78.w.x.y - OpenBSD pppoe0

Also there is no mygate file:
Code:
[15:16:19][root@zgkim:~]# ls /etc/mygate
ls: /etc/mygate: No such file or directory
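
The asymmetry described in the post (SYN arriving on pppoe0, SYN-ACK leaving on em0) can be checked mechanically across per-interface captures. This is an added example, not part of the original post; the sample lines are constructed with documentation addresses, and the names `CAPTURES`, `parse` and `find_asymmetric` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample captures in the tcpdump text format shown in the post.
# Addresses are documentation ranges, not values taken from the post.
CAPTURES = {
    "pppoe0": [
        "15:07:37.081892 198.51.100.7.1112 > 203.0.113.10.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)",
        "15:07:40.009122 198.51.100.7.1112 > 203.0.113.10.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)",
    ],
    "em0": [
        "15:07:37.081928 203.0.113.10.50022 > 198.51.100.7.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)",
        "15:09:02.576896 198.51.100.7.1113 > 192.0.2.20.50022: S 651286537:651286537(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)",
        "15:09:02.576950 192.0.2.20.50022 > 198.51.100.7.1113: S 1761386290:1761386290(0) ack 651286538 win 16384 <mss 1460,nop,nop,sackOK> (DF)",
    ],
}

LINE = re.compile(r"^\S+ (?P<src>\S+) > (?P<dst>\S+): (?P<flags>\S+) (?P<rest>.*)$")


def parse(line):
    """Return (src, dst, kind); kind is 'syn', 'synack' or None."""
    m = LINE.match(line.strip())
    if not m:
        return None
    kind = None
    if "S" in m["flags"]:
        kind = "synack" if re.search(r"\back \d+", m["rest"]) else "syn"
    return m["src"], m["dst"], kind


def find_asymmetric(captures):
    """Record the interfaces each flow's SYN and SYN-ACK were seen on and
    return only the flows whose reply left on a different interface."""
    seen = defaultdict(lambda: {"syn": set(), "synack": set()})
    for iface, lines in captures.items():
        for line in lines:
            parsed = parse(line)
            if not parsed or parsed[2] is None:
                continue
            src, dst, kind = parsed
            # Key every flow as (client, server) regardless of direction.
            flow = (src, dst) if kind == "syn" else (dst, src)
            seen[flow][kind].add(iface)
    return {
        flow: (sorted(d["syn"]), sorted(d["synack"]))
        for flow, d in seen.items()
        if d["syn"] and d["synack"] and d["syn"].isdisjoint(d["synack"])
    }
```

With the constructed input, only the flow to port 50022 that entered on pppoe0 is reported; the flow that entered and left on em0 is not.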