Архивировано

Эта тема находится в архиве и закрыта для публикации сообщений.

Mr Lonely Wolf

Последняя точка в решении проблем VPN for freebsd

Рекомендованные сообщения

Парни, зачем так сложно?

 

1. # cat >> /etc/ppp/ppp.conf <<EOF

corbina:

set dial

set login

set timeout 0

set ifaddr 0 0

resolv restore

set authname тут–ясно–что

set authkey не–дождётесь

set device "!/usr/local/sbin/pptp vpn.corbina.net --nolaunchpppd --loglevel 0 --nobuffer --logstring pptp"

EOF

 

2. # cat >> /etc/ppp/ppp.linkup <<EOF

corbina:

!bg /etc/ppp/corbina start HISADDR

EOF

 

3. # cat >> /etc/ppp/ppp.linkdown <<EOF

corbina:

!bg /etc/ppp/corbina stop HISADDR

EOF

 

4. # cat >> /etc/ppp/corbina <<EOF

#!/bin/sh

 

hisaddr="$2"

default_router=$(route -n -q get default | awk '$1=="gateway:"{print $2}')

 

case "$1" in

start)

route delete -host "${hisaddr}"

route add -host "${hisaddr}" "${default_router}"

route delete default

route add default "${hisaddr}"

;;

stop)

route delete default

route add default "${default_router}"

route delete -host "${hisaddr}"

;;

esac

EOF

 

5. # portinstall net/pptpclient

 

6. # dhclient bfe0 # ну или как у вас называется сетевая карта

 

7. # ppp corbina

 

В начале некоторых строк форум зохавал пробелы. Я блондинка?

 

P.S. FreeBSD 6.2-STABLE.

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Скачал mpd-4.2.2.tar.gz с http://www.freebsd.org/cgi/ports.cgi?query=mpd&stype=all&sektion=net

Положил в /usr/ports/distfiles, зашел в /usr/ports/net/mpd4, набрал

# make

система полезла в инет за mpd4-4.0b4.tar.gz. Как мне поставить mpd 4.2.2 ?

 

FreeBSD 6.2

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

система полезла в инет за mpd4-4.0b4.tar.gz. Как мне поставить mpd 4.2.2 ?

FreeBSD 6.2

cd /usr/ports && make update

Но с штатным ppp и pptpclient из портов получается более изящная схема.

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Более изящная и гибкая схема получается как раз с мпд :)

Ну да не будем спорить, каждому своя рубашка ближе к телу.

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

народ может кто мне на мыло (matveef@gmail.com) выслать нормальны рабочий в питер конфиг mdp?

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Скачал mpd-4.2.2.tar.gz с http://www.freebsd.org/cgi/ports.cgi?query=mpd&stype=all&sektion=net

Положил в /usr/ports/distfiles, зашел в /usr/ports/net/mpd4, набрал

# make

система полезла в инет за mpd4-4.0b4.tar.gz. Как мне поставить mpd 4.2.2 ?

 

FreeBSD 6.2

Как бы, если совсем нет инета -то качай все что он просит под себя включая и порты тоже =)

а вообще рекомендую cvsup в последствии, и собирай пакеты на будующее ;-) шоп потом не парится при переустановках

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

у меня были проблемы другого рода (FreeBSD+mpd 3.18 - в качестве роутера) - некоторые сайты не открывались... из под winXP. помогло исправление MTU, по этой статье, к сожалению не нашел способа, как это исправить автоматом, силами mpd/freebsd...

 

Спасибо! Помогло! :rofl:

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Как все сложно. :(

Где вы такие FreeBSD находите? Юзайте Mac OSX - это самая простая FreeBSD :):(

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Непонятная проблема :ded_snegurochka2:

MPD 3.18 конфиги отсюда - ВПН поднимается инет, пинги есть, но через полторы - две минуты MPD рвет соеденение.

 

pptp0: no reply to EchoRequest after 60 sec

pptp0: killing connection with 83.102.254.249:1723

pptp0-0: killing channel

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Непонятная проблема <_<

 

Неоднократно разбиралось - не роута до vpn сервера.

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Неоднократно разбиралось - не роута до vpn сервера.

 

Да есть роут, конекчусь к конкретному серверу 83.102.254.249

Routing tables

 

Internet:

Destination Gateway Flags Refs Use Netif Expire

default 83.102.254.249 UGSc 2 12 ng0

10 10.115.0.17 UGSc 0 390578843 fxp1

10.115/16 link#2 UC 1 0 fxp1

10.115.0.17 00:1a:6c:10:ad:46 UHLW 16 27 fxp1 1197

10.115.27.191 127.0.0.1 UGHS 0 0 lo0

83.102/24 10.115.0.17 UGSc 0 0 fxp1

83.102.232/24 10.115.0.17 UGSc 0 0 fxp1

83.102.254.249 10.115.0.17 UGHS 2 6 fxp1

83.102.255.226 10.115.0.17 UGHS 0 699056 fxp1

85.21.29.242 10.115.0.17 UGHS 0 0 fxp1

85.21.52.254 10.115.0.17 UGHS 0 0 fxp1

85.21.79/24 10.115.0.17 UGSc 0 4112 fxp1

85.21.88.130 10.115.0.17 UGHS 0 0 fxp1

85.21.90/24 10.115.0.17 UGSc 0 0 fxp1

85.21.138.210 10.115.0.17 UGHS 0 0 fxp1

85.21.138.214 10.115.0.17 UGHS 0 0 fxp1

85.102.146.96 10.115.0.17 UGHS 0 0 fxp1

89.179.0.162 lo0 UHS 0 0 lo0

89.179.117.64/28 10.115.0.17 UGSc 0 0 fxp1

127.0.0.1 127.0.0.1 UH 2 7348 lo0

192.168.0/28 link#3 UC 1 0 ep0

192.168.0.1 00:11:95:c1:eb:e7 UHLW 1 539 ep0 1141

192.168.1 link#1 UC 2 0 fxp0

192.168.1.7 00:16:17:b3:3a:65 UHLW 3 119860458 fxp0 801

192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 0 633 fxp0

195.14.0/16 10.115.0.17 UGSc 1 5111 fxp1

 

Internet6:

Destination Gateway Flags Netif Expire

::1 ::1 UH lo0

fe80::%fxp0/64 link#1 UC fxp0

fe80::290:27ff:fe24:a0ab%fxp0 00:90:27:24:a0:ab UHL lo0

fe80::%fxp1/64 link#2 UC fxp1

fe80::290:27ff:fe24:a930%fxp1 00:90:27:24:a9:30 UHL lo0

fe80::%ep0/64 link#3 UC ep0

fe80::2a0:24ff:fed2:5ff6%ep0 00:a0:24:d2:5f:f6 UHL lo0

fe80::%lo0/64 fe80::1%lo0 Uc lo0

fe80::1%lo0 link#4 UHL lo0

fe80::%ng0/64 fe80::290:27ff:fe24:a0ab%ng0 Uc ng0

fe80::290:27ff:fe24:a0ab%ng0 link#7 UHL lo0

ff01::/32 ::1 U lo0

ff02::%fxp0/32 link#1 UC fxp0

ff02::%fxp1/32 link#2 UC fxp1

ff02::%ep0/32 link#3 UC ep0

ff02::%lo0/32 ::1 UC lo0

ff02::%ng0/32 fe80::290:27ff:fe24:a0ab%ng0 UC ng0

 

 

как выяснилось почемуто ехореквесты идут через другово провайдера :)

server# tcpdump -i ep0

tcpdump: listening on ep0

22:42:59.621029 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:201 A:202 ppp: Echo-Req(10), Magic-Num=86be6bff

22:43:09.861000 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:202 A:203 ppp: Echo-Req(11), Magic-Num=86be6bff

22:43:20.101435 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:203 A:204 ppp: Echo-Req(12), Magic-Num=86be6bff

22:43:30.340903 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:204 A:205 ppp: Echo-Req(13), Magic-Num=86be6bff

22:43:30.574466 adsl.codasrv > vpn6-l0.spb.corbina.net.pptp: FP 1308212597:1308212613(16) ack

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

как выяснилось почемуто ехореквесты идут через другово провайдера :

 

NAT ?

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

Всем привет после обновление фри с версии 6.2 до 7.0-BETA1 mpd перестала запускать стартовые скрипты при поднятие интерфейса

 

set iface up-script /usr/local/etc/mpd/io-up.sh

 

то есть отчётливо видно что при поднятие интерфейса необходимо стартануть данный скрипт, скажу одно то что до обновление всё нормально стартовала теперь же нет, весь софт с нуля. Щас приходиться скрипты стартавать в ручную чтобы хоть как-то иметь связь с внешним миром, хотелось бы услышать Ваши предположения.

 

Всем привет после обновление фри с версии 6.2 до 7.0-BETA1 mpd перестала запускать стартовые скрипты при поднятие интерфейса
set iface up-script /usr/local/etc/mpd/io-up.sh

то есть отчётливо видно что при поднятие интерфейса необходимо стартануть данный скрипт, скажу одно то что до обновление всё нормально стартовала теперь же нет, весь софт с нуля. Щас приходиться скрипты стартавать в ручную чтобы хоть как-то иметь связь с внешним миром, хотелось бы услышать Ваши предположения.

Зайди в консоль mpd, выбери нужный линк на корбину и напиши show iface. Потом дропни вывод обратно в тему. Сие даст знать проблема в неправильно оформленном конфиге (например юзаются пробелы вместо табов) или в скрипте.

 

ps, версия mpd какая?

 

 


[vpn4] link vpn
[vpn4] CONSOLE: root: link vpn
[vpn] show iface
[vpn] CONSOLE: root: show iface
Interface configuration:
	Name			: ng0
	Maximum MTU	 : 1500 bytes
	Idle timeout	: 0 seconds
	Session timeout : 0 seconds
	Event scripts
	  up-script	 : "/usr/local/etc/mpd4/io-up.sh"
	  down-script   : "/usr/local/etc/mpd4/io-down.sh"
Interface options:
	on-demand	   disable
	proxy-arp	   disable
	tcpmssfix	   disable
	tee			 disable
	nat			 disable
	netflow-in	  disable
	netflow-out	 disable
	ipacct		  disable
Static routes via peer:
	0.0.0.0/0
Interface status:
	Admin status	: CLOSED
	Status		  : UP
	MTU			 : 1460 bytes
	IP Addresses	: 89.178.43.221/32 -> 172.1.1.1
[vpn]

 

 

egorka# mpd4 -v

Version 4.3 (root@egorka.homeip.net 12:41 20-Nov-2007)

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
up-script : "/usr/local/etc/mpd4/io-up.sh"down-script : "/usr/local/etc/mpd4/io-down.sh"
Ссылку/скрипт, пожалуйста. Будем препарировать.

 

%cat io-up.sh

#!/bin/sh

/sbin/route delete 85.21.0.6

/sbin/route add 85.21.0.6 10.197.80.1

/sbin/route delete default

/sbin/route add default 172.1.1.1

/sbin/natd -u -s -m -p 8669 -n ng0 -P /var/run/natd2.pid

/sbin/ipfw delete 80

/sbin/ipfw delete 90

/sbin/ipfw add 80 deny ip from 10.197.0.0/16 to any via ng0

/sbin/ipfw add 90 divert 8669 ip from any to any via ng0

 

 

%cat io-down.sh

#!/bin/sh

/sbin/ipfw delete 80

/sbin/ipfw delete 90

/sbin/route delete 85.21.0.6

/sbin/route delete default

/sbin/route add default 10.197.80.1

/bin/kill -3 `cat /var/run/natd2.pid`

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
eXecute bit стоит? в логе IFACE: Up event есть? попробуй поменять в mpd.conf:
-"/usr/local/etc/mpd4/io-up.sh"
-"/usr/local/etc/mpd4/io-down.sh"
+"sh -x >/var/log/mpd_up-script.log 2>&1 /usr/local/etc/mpd4/io-up.sh"
+"sh -x >/var/log/mpd_down-script.log 2>&1 /usr/local/etc/mpd4/io-down.sh"

(кавычки не забудь тоже, иначе с первым пробелом имя файла скрипта и закончится)

Запусти mpd, останови и скинь в тему содержимое обоих файлов. Если какой-то команде что-то не нравится, то в логе об этом будет упоминание. Если какого-то файла не будет, значит причина в mpd и нужен будет mpd.{conf,links} вместо с полным логом, т.к. дело до скрипта так и не дошло. Если обоих файлов не будет, то, возможно, опция up-script не понимает длинные аргументы, спецсимволы или прочее; в таком случае оба скрипта надо запихнуть в такую конструкцию:

{ set -x

<here goes original script>

set +x; } \
>/var/log/mpd_up-script.log 2>&1 # ...down-script.log соответственно для другого скрипта

 

 

создаються файлы, но они пустые

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
Да есть роут, конекчусь к конкретному серверу 83.102.254.249

Routing tables

 

Internet:

Destination Gateway Flags Refs Use Netif Expire

default 83.102.254.249 UGSc 2 12 ng0

10 10.115.0.17 UGSc 0 390578843 fxp1

10.115/16 link#2 UC 1 0 fxp1

10.115.0.17 00:1a:6c:10:ad:46 UHLW 16 27 fxp1 1197

10.115.27.191 127.0.0.1 UGHS 0 0 lo0

83.102/24 10.115.0.17 UGSc 0 0 fxp1

83.102.232/24 10.115.0.17 UGSc 0 0 fxp1

83.102.254.249 10.115.0.17 UGHS 2 6 fxp1

83.102.255.226 10.115.0.17 UGHS 0 699056 fxp1

85.21.29.242 10.115.0.17 UGHS 0 0 fxp1

85.21.52.254 10.115.0.17 UGHS 0 0 fxp1

85.21.79/24 10.115.0.17 UGSc 0 4112 fxp1

85.21.88.130 10.115.0.17 UGHS 0 0 fxp1

85.21.90/24 10.115.0.17 UGSc 0 0 fxp1

85.21.138.210 10.115.0.17 UGHS 0 0 fxp1

85.21.138.214 10.115.0.17 UGHS 0 0 fxp1

85.102.146.96 10.115.0.17 UGHS 0 0 fxp1

89.179.0.162 lo0 UHS 0 0 lo0

89.179.117.64/28 10.115.0.17 UGSc 0 0 fxp1

127.0.0.1 127.0.0.1 UH 2 7348 lo0

192.168.0/28 link#3 UC 1 0 ep0

192.168.0.1 00:11:95:c1:eb:e7 UHLW 1 539 ep0 1141

192.168.1 link#1 UC 2 0 fxp0

192.168.1.7 00:16:17:b3:3a:65 UHLW 3 119860458 fxp0 801

192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 0 633 fxp0

195.14.0/16 10.115.0.17 UGSc 1 5111 fxp1

 

Internet6:

Destination Gateway Flags Netif Expire

::1 ::1 UH lo0

fe80::%fxp0/64 link#1 UC fxp0

fe80::290:27ff:fe24:a0ab%fxp0 00:90:27:24:a0:ab UHL lo0

fe80::%fxp1/64 link#2 UC fxp1

fe80::290:27ff:fe24:a930%fxp1 00:90:27:24:a9:30 UHL lo0

fe80::%ep0/64 link#3 UC ep0

fe80::2a0:24ff:fed2:5ff6%ep0 00:a0:24:d2:5f:f6 UHL lo0

fe80::%lo0/64 fe80::1%lo0 Uc lo0

fe80::1%lo0 link#4 UHL lo0

fe80::%ng0/64 fe80::290:27ff:fe24:a0ab%ng0 Uc ng0

fe80::290:27ff:fe24:a0ab%ng0 link#7 UHL lo0

ff01::/32 ::1 U lo0

ff02::%fxp0/32 link#1 UC fxp0

ff02::%fxp1/32 link#2 UC fxp1

ff02::%ep0/32 link#3 UC ep0

ff02::%lo0/32 ::1 UC lo0

ff02::%ng0/32 fe80::290:27ff:fe24:a0ab%ng0 UC ng0

 

 

как выяснилось почемуто ехореквесты идут через другово провайдера :blink:

server# tcpdump -i ep0

tcpdump: listening on ep0

22:42:59.621029 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:201 A:202 ppp: Echo-Req(10), Magic-Num=86be6bff

22:43:09.861000 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:202 A:203 ppp: Echo-Req(11), Magic-Num=86be6bff

22:43:20.101435 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:203 A:204 ppp: Echo-Req(12), Magic-Num=86be6bff

22:43:30.340903 vpn6-l0.spb.corbina.net > adsl: gre [KSAv1] ID:6a87 S:204 A:205 ppp: Echo-Req(13), Magic-Num=86be6bff

22:43:30.574466 adsl.codasrv > vpn6-l0.spb.corbina.net.pptp: FP 1308212597:1308212613(16) ack

Та же проблема.. имеется второй интерфейс с IP из другой сети, но впн сервак почему-то спрашивает эхо-реквесты у него. По всей видимости это мпд передаёт этот ip как локальный... Как фиксить пока не понял...

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

есть проблема:

freeBSD 7.0-RELEASE-p10 + mpd5

 

логиниться нормально, получает адрес и намертво виснет после этого, показав надпись UP event. не успевает даже писать в лог.

в посте ниже

 

cat /etc/rc.conf

cat /usr/local/etc/mpd5/mpd.conf

cat /usr/local/etc/mpd5/io-up-pptp.sh

cat /usr/local/etc/mpd5/io-down-pptp.sh

cat /usr/src/sys/i386/conf/MYKERN_130309

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
есть проблема:

freeBSD 7.0-RELEASE-p10 + mpd5

 

логиниться нормально, получает адрес и намертво виснет после этого, показав надпись UP event. не успевает даже писать в лог.

в прикремленном файле

 

cat /etc/rc.conf

cat /usr/local/etc/mpd5/mpd.conf

cat /usr/local/etc/mpd5/io-up-pptp.sh

cat /usr/local/etc/mpd5/io-down-pptp.sh

cat /usr/src/sys/i386/conf/MYKERN_130309

для начало конфиг выложи в читаемой форме (кодировка млин заточена в нем) затем просмотре вот эту тему я кидал посто по настройки vpn pptp freebsd 7.0 release mpd4.3 суть таже ,http://homenet.corbina.net/index.php?showtopic=225366 :)

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах

/etc/rc.conf

# Net Config
ifconfig_rl0="DHCP" # "inet 192.168.0.2  netmask 255.255.255.0"
ifconfig_rl1="DHCP" # "inet 192.168.1.1  netmask 255.255.255.0"
#defaultrouter="192.168.1.1"
hostname="srv.freebsp"

linux_enable="YES"

# Net Daemons
sshd_enable="YES"
apache22_enable="YES"
mysql_enable="YES"
#mpd_enable="YES"
pureftpd_enable="YES"
webmin_enable="YES"


firewall_enable="YES"
firewall_script="/usr/local/etc/rc.firewall"
firewall_type="custom"
firewall_logging="YES"

#rus
font8x8="cp866-8x8"
font8x14="cp866-8x14"
font8x16="cp866-8x16"
scrnmap="koi8-r2cp866"
keymap="ru.koi8-r"

 

/usr/local/etc/mpd5/mpd5.conf

#################################################################
#	MPD configuration file
# This file defines the configuration for mpd: what the
# bundles are, what the links are in those bundles, how
# the interface should be configured, various PPP parameters,
# etc. It contains commands just as you would type them
# in at the console. Lines without padding are labels. Lines
# starting with a "#" are comments.
#################################################################

startup:
# configure mpd users
set user FreeBSP pass admin
# configure the console
set console self 127.0.0.1 5005
set console open
# configure the web server
set web self 0.0.0.0 5006
set web open

#
# Default configuration is "dialup"

default:
load pptp_client


common:
# Enable multilink protocol
set link disable multilink
# Allow peer to authenticate us
set link disable chap pap
set link accept chap pap
# Set inifinite redial attempts
set link max-redial 0

pptp_client:
#
# PPTP client: only outgoing calls, auto reconnect,
# ipcp-negotiated address, one-sided authentication,
# default route points on ISP's end
#

create bundle static B1

#	set bundle enable compression
#	set ccp yes mppc
#	set mppc yes e40
#	set mppc yes e128
#	set link enable crypd-reqd
#	set mppc yes stateless

#	set iface route default
       set iface up-script /usr/local/etc/mpd5/io-up-pptp.sh
       set iface down-script /usr/local/etc/mpd5/io-down-pptp.sh 
##	set iface idle 0
set iface enable tcpmssfix

#	set ipcp no vjcomp
#	set ipcp ranges 0.0.0.0/0 0.0.0.0/0

create link static L1 pptp	
set link action bundle B1
#	set link disable miltilink
#	set link enable noretry

set auth authname uname
set auth password pass

##	set link no pap 
#	set link enable chap
##	set link max-redial 0
set link mtu 1460
set link keep-alive 20 75
##	set link disable incoming

set pptp peer vpn.corbina.net
set pptp enable originate
set pptp disable windowing
open

 

/usr/local/etc/mpd5/io-up-pptp.sh

#LocalGW=`cat /var/db/dhclient.leases.* | awk '/option routers/ { print (substr($3, 1, length($3)-1)) }' | tail -n 1`
#Today=`date "+%Y-%m-%d"`
#TimeNow=`date "+%H:%M:%S"`

#echo $4

#route delete $4
#route add $4 10.72.128.1
#route delete default
#route add default $4

#echo $4 > /tmp/pptp_GW
# echo $4 > /var/log/Corbina/pptp_GW.$Today
#echo $Today $TimeNow -PPTP- pptpGW = $4 WAN-IP = $3 >> /var/log/Corbina/vpn.log
exit 0

 

/usr/local/etc/mpd5/io-down-pptp.sh

#LocalGW=`cat /tmp/Current_Local_GW`

#vpnGW=`cat /tmp/pptp_GW`
#route delete $vpnGW
#route delete default
#route add default $LocalGW

 

конфиг ядра

#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
#    [url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html"]http://www.FreeBSD.org/doc/en_US.ISO8859-1...fig-config.html[/url]
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.474.2.2.2.1 2008/02/06 03:24:28 scottl Exp $

#@cpu		I486_CPU
#@cpu		I586_CPU
cpu		I686_CPU
ident		MYKERN_130109

# To statically compile in device wiring instead of /boot/device.hints
#hints		"GENERIC.hints"		# Default places to look for devices.

#@makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols

options 	SCHED_4BSD		# 4BSD scheduler
options 	PREEMPTION		# Enable kernel thread preemption
options 	INET			# InterNETworking
#@options 	INET6			# IPv6 communications protocols
#@options 	SCTP			# Stream Control Transmission Protocol
options 	FFS			# Berkeley Fast Filesystem
options 	SOFTUPDATES		# Enable FFS soft updates support
options 	UFS_ACL			# Support for access control lists
options 	UFS_DIRHASH		# Improve performance on big directories
options 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
#@options 	MD_ROOT			# MD is a potential root device
options 	NFSCLIENT		# Network Filesystem Client
options 	NFSSERVER		# Network Filesystem Server
#@options 	NFS_ROOT		# NFS usable as /, requires NFSCLIENT
#@options 	MSDOSFS			# MSDOS Filesystem
#@options 	CD9660			# ISO 9660 Filesystem
options 	PROCFS			# Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		# Pseudo-filesystem framework
options 	GEOM_PART_GPT		# GUID Partition Tables.
options 	GEOM_LABEL		# Provides labelization
options 	COMPAT_43TTY		# BSD 4.3 TTY compat [KEEP THIS!]
options 	COMPAT_FREEBSD4		# Compatible with FreeBSD4
options 	COMPAT_FREEBSD5		# Compatible with FreeBSD5
options 	COMPAT_FREEBSD6		# Compatible with FreeBSD6
#@options 	SCSI_DELAY=5000		# Delay (in ms) before probing SCSI
options 	KTRACE			# ktrace(1) support
options 	SYSVSHM			# SYSV-style shared memory
options 	SYSVMSG			# SYSV-style message queues
options 	SYSVSEM			# SYSV-style semaphores
options 	_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev
options 	ADAPTIVE_GIANT		# Giant mutex is adaptive.
options 	STOP_NMI		# Stop CPUS using NMI instead of IPI
options 	AUDIT			# Security event auditing

#@ IPFW && MPD via NETGRAPH
options		IPFIREWALL
options		IPFIREWALL_VERBOSE
options 	IPDIVERT
options 	IPFIREWALL_FORWARD
options 	DUMMYNET

#nat
options 	IPFIREWALL_NAT

options 	LIBALIAS

options 	NETGRAPH
options 	NETGRAPH_ASYNC
options 	NETGRAPH_BPF
options 	NETGRAPH_CAR
options 	NETGRAPH_DEFLATE
options 	NETGRAPH_ETHER
options 	NETGRAPH_IFACE
options 	NETGRAPH_KSOCKET
options 	NETGRAPH_L2TP
options 	NETGRAPH_MPPC_ENCRYPTION
options 	NETGRAPH_PPP
options 	NETGRAPH_PPPOE
options 	NETGRAPH_PPTPGRE
options 	NETGRAPH_NAT
options 	NETGRAPH_NETFLOW
options 	NETGRAPH_PRED1
options 	NETGRAPH_SOCKET
options 	NETGRAPH_TCPMSS
options 	NETGRAPH_TEE
options 	NETGRAPH_TTY
options 	NETGRAPH_VJC


# To make an SMP kernel, the next two lines are needed
#@options 	SMP			# Symmetric MultiProcessor Kernel
#@device		apic			# I/O APIC

# CPU frequency control
device		cpufreq

# Bus support.
device		eisa
device		pci

# Floppy drives
device		fdc

# ATA and ATAPI devices
device		ata
device		atadisk		# ATA disk drives
#@device		ataraid		# ATA RAID drives
device		atapicd		# ATAPI CDROM drives
#@device		atapifd		# ATAPI floppy drives
#@device		atapist		# ATAPI tape drives
options 	ATA_STATIC_ID	# Static device numbering

# SCSI Controllers
#@device		ahb		# EISA AHA1742 family
#@device		ahc		# AHA2940 and onboard AIC7xxx devices
#@options 	AHC_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~128k to driver.
#@device		ahd		# AHA39320/29320 and onboard AIC79xx devices
#@options 	AHD_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~215k to driver.
#@device		amd		# AMD 53C974 (Tekram DC-390(T))
#@device		hptiop		# Highpoint RocketRaid 3xxx series
#@device		isp		# Qlogic family
#device 	ispfw		# Firmware for QLogic HBAs- normally a module
#@device		mpt		# LSI-Logic MPT-Fusion
#device		ncr		# NCR/Symbios Logic
#@device		sym		# NCR/Symbios Logic (newer chipsets + those of `ncr')
#@device		trm		# Tekram DC395U/UW/F DC315U adapters

#@device		adv		# Advansys SCSI adapters
#@device		adw		# Advansys wide SCSI adapters
#@device		aha		# Adaptec 154x SCSI adapters
#@device		aic		# Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#@device		bt		# Buslogic/Mylex MultiMaster SCSI adapters

#@device		ncv		# NCR 53C500
#@device		nsp		# Workbit Ninja SCSI-3
#@device		stg		# TMC 18C30/18C50

# SCSI peripherals
device		scbus		# SCSI bus (required for SCSI)
#@device		ch		# SCSI media changers
device		da		# Direct Access (disks)
#@device		sa		# Sequential Access (tape etc)
#@device		cd		# CD
#@device		pass		# Passthrough device (direct SCSI access)
#@device		ses		# SCSI Environmental Services (and SAF-TE)

# RAID controllers interfaced to the SCSI subsystem
#@device		amr		# AMI MegaRAID
#@device		arcmsr		# Areca SATA II RAID
#@device		asr		# DPT SmartRAID V, VI and Adaptec SCSI RAID
#@device		ciss		# Compaq Smart RAID 5*
#@device		dpt		# DPT Smartcache III, IV - See NOTES for options
#@device		hptmv		# Highpoint RocketRAID 182x
#@device		hptrr		# Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
#@device		iir		# Intel Integrated RAID
#@device		ips		# IBM (Adaptec) ServeRAID
#@device		mly		# Mylex AcceleRAID/eXtremeRAID
#@device		twa		# 3ware 9000 series PATA/SATA RAID

# RAID controllers
#@device		aac		# Adaptec FSA RAID
#@device		aacp		# SCSI passthrough for aac (requires CAM)
#@device		ida		# Compaq Smart RAID
#@device		mfi		# LSI MegaRAID SAS
#@device		mlx		# Mylex DAC960 family
#@device		pst		# Promise Supertrak SX6000
#@device		twe		# 3ware ATA RAID

# atkbdc0 controls both the keyboard and the PS/2 mouse
device		atkbdc		# AT keyboard controller
device		atkbd		# AT keyboard
device		psm		# PS/2 mouse

device		kbdmux		# keyboard multiplexer

device		vga		# VGA video card driver

#@device		splash		# Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device		sc

device		agp		# support several AGP chipsets

# Power management support (see NOTES for more options)
#device		apm
# Add suspend/resume support for the i8254.
device		pmtimer

# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#@device		cbb		# cardbus (yenta) bridge
#@device		pccard		# PC Card (16-bit) bus
#@device		cardbus		# CardBus (32-bit) bus

# Serial (COM) ports
device		sio		# 8250, 16[45]50 based serial ports
device		uart		# Generic UART driver

# Parallel port
device		ppc
device		ppbus		# Parallel port bus (required)
device		lpt		# Printer
device		plip		# TCP/IP over parallel
device		ppi		# Parallel port interface device
#device		vpo		# Requires scbus and da

# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to sio, uart and/or ppc drivers):
#device		puc

# PCI Ethernet NICs.
#@device		de		# DEC/Intel DC21x4x (``Tulip'')
#@device		em		# Intel PRO/1000 adapter Gigabit Ethernet Card
#@device		ixgb		# Intel PRO/10GbE Ethernet Card
#@device		le		# AMD Am7900 LANCE and Am79C9xx PCnet
#@device		txp		# 3Com 3cR990 (``Typhoon'')
#@device		vx		# 3Com 3c590, 3c595 (``Vortex'')

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device		miibus		# MII bus support
#@device		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
#@device		bfe		# Broadcom BCM440x 10/100 Ethernet
#@device		bge		# Broadcom BCM570xx Gigabit Ethernet
#@device		dc		# DEC/Intel 21143 and various workalikes
#@device		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
#@device		lge		# Level 1 LXT1001 gigabit Ethernet
#@device		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
#@device		nfe		# nVidia nForce MCP on-board Ethernet
#@device		nge		# NatSemi DP83820 gigabit Ethernet
#device		nve		# nVidia nForce MCP on-board Ethernet Networking
#@device		pcn		# AMD Am79C97x PCI 10/100 (precedence over 'le')
#@device		re		# RealTek 8139C+/8169/8169S/8110S
device		rl		# RealTek 8129/8139
#@device		sf		# Adaptec AIC-6915 (``Starfire'')
device		sis		# Silicon Integrated Systems SiS 900/SiS 7016
#@device		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
#@device		ste		# Sundance ST201 (D-Link DFE-550TX)
#@device		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
#@device		ti		# Alteon Networks Tigon I/II gigabit Ethernet
#@device		tl		# Texas Instruments ThunderLAN
#@device		tx		# SMC EtherPower II (83c170 ``EPIC'')
#@device		vge		# VIA VT612x gigabit Ethernet
device		vr		# VIA Rhine, Rhine II
#@device		wb		# Winbond W89C840F
#@device		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')

# ISA Ethernet NICs.  pccard NICs included.
#@device		cs		# Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#@device		ed		# NE[12]000, SMC Ultra, 3c503, DS8390 cards
#@device		ex		# Intel EtherExpress Pro/10 and Pro/10+
#@device		ep		# Etherlink III based cards
#@device		fe		# Fujitsu MB8696x based cards
#@device		ie		# EtherExpress 8/16, 3C507, StarLAN 10 etc.
#@device		sn		# SMC's 9000 series of Ethernet chips
#@device		xe		# Xircom pccard Ethernet

# Wireless NIC cards
#@device		wlan		# 802.11 support
#@device		wlan_wep	# 802.11 WEP support
#@device		wlan_ccmp	# 802.11 CCMP support
#@device		wlan_tkip	# 802.11 TKIP support
#@device		wlan_amrr	# AMRR transmit rate control algorithm
#@device		wlan_scan_ap	# 802.11 AP mode scanning
#@device		wlan_scan_sta	# 802.11 STA mode scanning
#@device		an		# Aironet 4500/4800 802.11 wireless NICs.
#@device		ath		# Atheros pci/cardbus NIC's
#@device		ath_hal		# Atheros HAL (Hardware Access Layer)
#@device		ath_rate_sample	# SampleRate tx rate control for ath
#@device		awi		# BayStack 660 and others
#@device		ral		# Ralink Technology RT2500 wireless NICs.
#@device		wi		# WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device		wl		# Older non 802.11 Wavelan wireless NIC.

# Pseudo devices.
device		loop		# Network loopback
device		random		# Entropy device
device		ether		# Ethernet support
#@device		sl		# Kernel SLIP
#@device		ppp		# Kernel PPP
#@device		tun		# Packet tunnel.
device		pty		# Pseudo-ttys (telnet etc)
#@device		md		# Memory "disks"
#@device		gif		# IPv6 and IPv4 tunneling
#@device		faith		# IPv6-to-IPv4 relaying (translation)
device		firmware	# firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device		bpf		# Berkeley packet filter

# USB support
device		uhci		# UHCI PCI->USB interface
device		ohci		# OHCI PCI->USB interface
device		ehci		# EHCI PCI->USB interface (USB 2.0)
device		usb		# USB Bus (required)
#device		udbp		# USB Double Bulk Pipe devices
device		ugen		# Generic
device		uhid		# "Human Interface Devices"
device		ukbd		# Keyboard
#@device		ulpt		# Printer
device		umass		# Disks/Mass storage - Requires scbus and da
device		ums		# Mouse
#@device		ural		# Ralink Technology RT2500USB wireless NICs
#@device		rum		# Ralink Technology RT2501USB wireless NICs
#@device		urio		# Diamond Rio 500 MP3 player
#@device		uscanner	# Scanners
# USB Ethernet, requires miibus
#@device		aue		# ADMtek USB Ethernet
#@device		axe		# ASIX Electronics USB Ethernet
#@device		cdce		# Generic USB over Ethernet
#@device		cue		# CATC USB Ethernet
#@device		kue		# Kawasaki LSI USB Ethernet
#@device		rue		# RealTek RTL8150 USB Ethernet

# FireWire support
#@device		firewire	# FireWire bus code
#@device		sbp		# SCSI over FireWire (Requires scbus and da)
#@device		fwe		# Ethernet over FireWire (non-standard!)
#@device		fwip		# IP over FireWire (RFC 2734,3146)
#@device		dcons		# Dumb console driver
#@device		dcons_crom	# Configuration ROM for dcons

 

uname -a

FreeBSD srv.freebsp 7.0-RELEASE-p10 FreeBSD 7.0-RELEASE-p10 #0: Sat Mar 14 00:19:28 MSK 2009 root@srv.freebsp:/usr/obj/usr/src/sys/MYKERN_130309 i386

 

PS mpd 4.3 от 5.2 достаточно сильно отличаются

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
/etc/rc.conf

# Net Config
ifconfig_rl0="DHCP" # "inet 192.168.0.2  netmask 255.255.255.0"
ifconfig_rl1="DHCP" # "inet 192.168.1.1  netmask 255.255.255.0"
#defaultrouter="192.168.1.1"
hostname="srv.freebsp"

linux_enable="YES"

# Net Daemons
sshd_enable="YES"
apache22_enable="YES"
mysql_enable="YES"
#mpd_enable="YES"
pureftpd_enable="YES"
webmin_enable="YES"


firewall_enable="YES"
firewall_script="/usr/local/etc/rc.firewall"
firewall_type="custom"
firewall_logging="YES"

#rus
font8x8="cp866-8x8"
font8x14="cp866-8x14"
font8x16="cp866-8x16"
scrnmap="koi8-r2cp866"
keymap="ru.koi8-r"

 

/usr/local/etc/mpd5/mpd5.conf

#################################################################
#	MPD configuration file
# This file defines the configuration for mpd: what the
# bundles are, what the links are in those bundles, how
# the interface should be configured, various PPP parameters,
# etc. It contains commands just as you would type them
# in at the console. Lines without padding are labels. Lines
# starting with a "#" are comments.
#################################################################

startup:
# configure mpd users
set user FreeBSP pass admin
# configure the console
set console self 127.0.0.1 5005
set console open
# configure the web server
set web self 0.0.0.0 5006
set web open

#
# Default configuration is "dialup"

default:
load pptp_client


common:
# Enable multilink protocol
set link disable multilink
# Allow peer to authenticate us
set link disable chap pap
set link accept chap pap
# Set inifinite redial attempts
set link max-redial 0

pptp_client:
#
# PPTP client: only outgoing calls, auto reconnect,
# ipcp-negotiated address, one-sided authentication,
# default route points on ISP's end
#

create bundle static B1

#	set bundle enable compression
#	set ccp yes mppc
#	set mppc yes e40
#	set mppc yes e128
#	set link enable crypd-reqd
#	set mppc yes stateless

#	set iface route default
       set iface up-script /usr/local/etc/mpd5/io-up-pptp.sh
       set iface down-script /usr/local/etc/mpd5/io-down-pptp.sh 
##	set iface idle 0
set iface enable tcpmssfix

#	set ipcp no vjcomp
#	set ipcp ranges 0.0.0.0/0 0.0.0.0/0

create link static L1 pptp	
set link action bundle B1
#	set link disable miltilink
#	set link enable noretry

set auth authname uname
set auth password pass

##	set link no pap 
#	set link enable chap
##	set link max-redial 0
set link mtu 1460
set link keep-alive 20 75
##	set link disable incoming

set pptp peer vpn.corbina.net
set pptp enable originate
set pptp disable windowing
open

 

/usr/local/etc/mpd5/io-up-pptp.sh

#LocalGW=`cat /var/db/dhclient.leases.* | awk '/option routers/ { print (substr($3, 1, length($3)-1)) }' | tail -n 1`
#Today=`date "+%Y-%m-%d"`
#TimeNow=`date "+%H:%M:%S"`

#echo $4

#route delete $4
#route add $4 10.72.128.1
#route delete default
#route add default $4

#echo $4 > /tmp/pptp_GW
# echo $4 > /var/log/Corbina/pptp_GW.$Today
#echo $Today $TimeNow -PPTP- pptpGW = $4 WAN-IP = $3 >> /var/log/Corbina/vpn.log
exit 0

 

/usr/local/etc/mpd5/io-down-pptp.sh

#LocalGW=`cat /tmp/Current_Local_GW`

#vpnGW=`cat /tmp/pptp_GW`
#route delete $vpnGW
#route delete default
#route add default $LocalGW

 

конфиг ядра

#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
#    [url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html"]http://www.FreeBSD.org/doc/en_US.ISO8859-1...fig-config.html[/url]
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.474.2.2.2.1 2008/02/06 03:24:28 scottl Exp $

#@cpu		I486_CPU
#@cpu		I586_CPU
cpu		I686_CPU
ident		MYKERN_130109

# To statically compile in device wiring instead of /boot/device.hints
#hints		"GENERIC.hints"		# Default places to look for devices.

#@makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols

options 	SCHED_4BSD		# 4BSD scheduler
options 	PREEMPTION		# Enable kernel thread preemption
options 	INET			# InterNETworking
#@options 	INET6			# IPv6 communications protocols
#@options 	SCTP			# Stream Control Transmission Protocol
options 	FFS			# Berkeley Fast Filesystem
options 	SOFTUPDATES		# Enable FFS soft updates support
options 	UFS_ACL			# Support for access control lists
options 	UFS_DIRHASH		# Improve performance on big directories
options 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
#@options 	MD_ROOT			# MD is a potential root device
options 	NFSCLIENT		# Network Filesystem Client
options 	NFSSERVER		# Network Filesystem Server
#@options 	NFS_ROOT		# NFS usable as /, requires NFSCLIENT
#@options 	MSDOSFS			# MSDOS Filesystem
#@options 	CD9660			# ISO 9660 Filesystem
options 	PROCFS			# Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		# Pseudo-filesystem framework
options 	GEOM_PART_GPT		# GUID Partition Tables.
options 	GEOM_LABEL		# Provides labelization
options 	COMPAT_43TTY		# BSD 4.3 TTY compat [KEEP THIS!]
options 	COMPAT_FREEBSD4		# Compatible with FreeBSD4
options 	COMPAT_FREEBSD5		# Compatible with FreeBSD5
options 	COMPAT_FREEBSD6		# Compatible with FreeBSD6
#@options 	SCSI_DELAY=5000		# Delay (in ms) before probing SCSI
options 	KTRACE			# ktrace(1) support
options 	SYSVSHM			# SYSV-style shared memory
options 	SYSVMSG			# SYSV-style message queues
options 	SYSVSEM			# SYSV-style semaphores
options 	_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev
options 	ADAPTIVE_GIANT		# Giant mutex is adaptive.
options 	STOP_NMI		# Stop CPUS using NMI instead of IPI
options 	AUDIT			# Security event auditing

#@ IPFW && MPD via NETGRAPH
options		IPFIREWALL
options		IPFIREWALL_VERBOSE
options 	IPDIVERT
options 	IPFIREWALL_FORWARD
options 	DUMMYNET

#nat
options 	IPFIREWALL_NAT

options 	LIBALIAS

options 	NETGRAPH
options 	NETGRAPH_ASYNC
options 	NETGRAPH_BPF
options 	NETGRAPH_CAR
options 	NETGRAPH_DEFLATE
options 	NETGRAPH_ETHER
options 	NETGRAPH_IFACE
options 	NETGRAPH_KSOCKET
options 	NETGRAPH_L2TP
options 	NETGRAPH_MPPC_ENCRYPTION
options 	NETGRAPH_PPP
options 	NETGRAPH_PPPOE
options 	NETGRAPH_PPTPGRE
options 	NETGRAPH_NAT
options 	NETGRAPH_NETFLOW
options 	NETGRAPH_PRED1
options 	NETGRAPH_SOCKET
options 	NETGRAPH_TCPMSS
options 	NETGRAPH_TEE
options 	NETGRAPH_TTY
options 	NETGRAPH_VJC


# To make an SMP kernel, the next two lines are needed
#@options 	SMP			# Symmetric MultiProcessor Kernel
#@device		apic			# I/O APIC

# CPU frequency control
device		cpufreq

# Bus support.
device		eisa
device		pci

# Floppy drives
device		fdc

# ATA and ATAPI devices
device		ata
device		atadisk		# ATA disk drives
#@device		ataraid		# ATA RAID drives
device		atapicd		# ATAPI CDROM drives
#@device		atapifd		# ATAPI floppy drives
#@device		atapist		# ATAPI tape drives
options 	ATA_STATIC_ID	# Static device numbering

# SCSI Controllers
#@device		ahb		# EISA AHA1742 family
#@device		ahc		# AHA2940 and onboard AIC7xxx devices
#@options 	AHC_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~128k to driver.
#@device		ahd		# AHA39320/29320 and onboard AIC79xx devices
#@options 	AHD_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~215k to driver.
#@device		amd		# AMD 53C974 (Tekram DC-390(T))
#@device		hptiop		# Highpoint RocketRaid 3xxx series
#@device		isp		# Qlogic family
#device 	ispfw		# Firmware for QLogic HBAs- normally a module
#@device		mpt		# LSI-Logic MPT-Fusion
#device		ncr		# NCR/Symbios Logic
#@device		sym		# NCR/Symbios Logic (newer chipsets + those of `ncr')
#@device		trm		# Tekram DC395U/UW/F DC315U adapters

#@device		adv		# Advansys SCSI adapters
#@device		adw		# Advansys wide SCSI adapters
#@device		aha		# Adaptec 154x SCSI adapters
#@device		aic		# Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#@device		bt		# Buslogic/Mylex MultiMaster SCSI adapters

#@device		ncv		# NCR 53C500
#@device		nsp		# Workbit Ninja SCSI-3
#@device		stg		# TMC 18C30/18C50

# SCSI peripherals
device		scbus		# SCSI bus (required for SCSI)
#@device		ch		# SCSI media changers
device		da		# Direct Access (disks)
#@device		sa		# Sequential Access (tape etc)
#@device		cd		# CD
#@device		pass		# Passthrough device (direct SCSI access)
#@device		ses		# SCSI Environmental Services (and SAF-TE)

# RAID controllers interfaced to the SCSI subsystem
#@device		amr		# AMI MegaRAID
#@device		arcmsr		# Areca SATA II RAID
#@device		asr		# DPT SmartRAID V, VI and Adaptec SCSI RAID
#@device		ciss		# Compaq Smart RAID 5*
#@device		dpt		# DPT Smartcache III, IV - See NOTES for options
#@device		hptmv		# Highpoint RocketRAID 182x
#@device		hptrr		# Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
#@device		iir		# Intel Integrated RAID
#@device		ips		# IBM (Adaptec) ServeRAID
#@device		mly		# Mylex AcceleRAID/eXtremeRAID
#@device		twa		# 3ware 9000 series PATA/SATA RAID

# RAID controllers
#@device		aac		# Adaptec FSA RAID
#@device		aacp		# SCSI passthrough for aac (requires CAM)
#@device		ida		# Compaq Smart RAID
#@device		mfi		# LSI MegaRAID SAS
#@device		mlx		# Mylex DAC960 family
#@device		pst		# Promise Supertrak SX6000
#@device		twe		# 3ware ATA RAID

# atkbdc0 controls both the keyboard and the PS/2 mouse
device		atkbdc		# AT keyboard controller
device		atkbd		# AT keyboard
device		psm		# PS/2 mouse

device		kbdmux		# keyboard multiplexer

device		vga		# VGA video card driver

#@device		splash		# Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device		sc

device		agp		# support several AGP chipsets

# Power management support (see NOTES for more options)
#device		apm
# Add suspend/resume support for the i8254.
device		pmtimer

# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#@device		cbb		# cardbus (yenta) bridge
#@device		pccard		# PC Card (16-bit) bus
#@device		cardbus		# CardBus (32-bit) bus

# Serial (COM) ports
device		sio		# 8250, 16[45]50 based serial ports
device		uart		# Generic UART driver

# Parallel port
device		ppc
device		ppbus		# Parallel port bus (required)
device		lpt		# Printer
device		plip		# TCP/IP over parallel
device		ppi		# Parallel port interface device
#device		vpo		# Requires scbus and da

# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to sio, uart and/or ppc drivers):
#device		puc

# PCI Ethernet NICs.
#@device		de		# DEC/Intel DC21x4x (``Tulip'')
#@device		em		# Intel PRO/1000 adapter Gigabit Ethernet Card
#@device		ixgb		# Intel PRO/10GbE Ethernet Card
#@device		le		# AMD Am7900 LANCE and Am79C9xx PCnet
#@device		txp		# 3Com 3cR990 (``Typhoon'')
#@device		vx		# 3Com 3c590, 3c595 (``Vortex'')

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device		miibus		# MII bus support
#@device		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
#@device		bfe		# Broadcom BCM440x 10/100 Ethernet
#@device		bge		# Broadcom BCM570xx Gigabit Ethernet
#@device		dc		# DEC/Intel 21143 and various workalikes
#@device		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
#@device		lge		# Level 1 LXT1001 gigabit Ethernet
#@device		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
#@device		nfe		# nVidia nForce MCP on-board Ethernet
#@device		nge		# NatSemi DP83820 gigabit Ethernet
#device		nve		# nVidia nForce MCP on-board Ethernet Networking
#@device		pcn		# AMD Am79C97x PCI 10/100 (precedence over 'le')
#@device		re		# RealTek 8139C+/8169/8169S/8110S
device		rl		# RealTek 8129/8139
#@device		sf		# Adaptec AIC-6915 (``Starfire'')
device		sis		# Silicon Integrated Systems SiS 900/SiS 7016
#@device		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
#@device		ste		# Sundance ST201 (D-Link DFE-550TX)
#@device		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
#@device		ti		# Alteon Networks Tigon I/II gigabit Ethernet
#@device		tl		# Texas Instruments ThunderLAN
#@device		tx		# SMC EtherPower II (83c170 ``EPIC'')
#@device		vge		# VIA VT612x gigabit Ethernet
device		vr		# VIA Rhine, Rhine II
#@device		wb		# Winbond W89C840F
#@device		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')

# ISA Ethernet NICs.  pccard NICs included.
#@device		cs		# Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#@device		ed		# NE[12]000, SMC Ultra, 3c503, DS8390 cards
#@device		ex		# Intel EtherExpress Pro/10 and Pro/10+
#@device		ep		# Etherlink III based cards
#@device		fe		# Fujitsu MB8696x based cards
#@device		ie		# EtherExpress 8/16, 3C507, StarLAN 10 etc.
#@device		sn		# SMC's 9000 series of Ethernet chips
#@device		xe		# Xircom pccard Ethernet

# Wireless NIC cards
#@device		wlan		# 802.11 support
#@device		wlan_wep	# 802.11 WEP support
#@device		wlan_ccmp	# 802.11 CCMP support
#@device		wlan_tkip	# 802.11 TKIP support
#@device		wlan_amrr	# AMRR transmit rate control algorithm
#@device		wlan_scan_ap	# 802.11 AP mode scanning
#@device		wlan_scan_sta	# 802.11 STA mode scanning
#@device		an		# Aironet 4500/4800 802.11 wireless NICs.
#@device		ath		# Atheros pci/cardbus NIC's
#@device		ath_hal		# Atheros HAL (Hardware Access Layer)
#@device		ath_rate_sample	# SampleRate tx rate control for ath
#@device		awi		# BayStack 660 and others
#@device		ral		# Ralink Technology RT2500 wireless NICs.
#@device		wi		# WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device		wl		# Older non 802.11 Wavelan wireless NIC.

# Pseudo devices.
device		loop		# Network loopback
device		random		# Entropy device
device		ether		# Ethernet support
#@device		sl		# Kernel SLIP
#@device		ppp		# Kernel PPP
#@device		tun		# Packet tunnel.
device		pty		# Pseudo-ttys (telnet etc)
#@device		md		# Memory "disks"
#@device		gif		# IPv6 and IPv4 tunneling
#@device		faith		# IPv6-to-IPv4 relaying (translation)
device		firmware	# firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device		bpf		# Berkeley packet filter

# USB support
device		uhci		# UHCI PCI->USB interface
device		ohci		# OHCI PCI->USB interface
device		ehci		# EHCI PCI->USB interface (USB 2.0)
device		usb		# USB Bus (required)
#device		udbp		# USB Double Bulk Pipe devices
device		ugen		# Generic
device		uhid		# "Human Interface Devices"
device		ukbd		# Keyboard
#@device		ulpt		# Printer
device		umass		# Disks/Mass storage - Requires scbus and da
device		ums		# Mouse
#@device		ural		# Ralink Technology RT2500USB wireless NICs
#@device		rum		# Ralink Technology RT2501USB wireless NICs
#@device		urio		# Diamond Rio 500 MP3 player
#@device		uscanner	# Scanners
# USB Ethernet, requires miibus
#@device		aue		# ADMtek USB Ethernet
#@device		axe		# ASIX Electronics USB Ethernet
#@device		cdce		# Generic USB over Ethernet
#@device		cue		# CATC USB Ethernet
#@device		kue		# Kawasaki LSI USB Ethernet
#@device		rue		# RealTek RTL8150 USB Ethernet

# FireWire support
#@device		firewire	# FireWire bus code
#@device		sbp		# SCSI over FireWire (Requires scbus and da)
#@device		fwe		# Ethernet over FireWire (non-standard!)
#@device		fwip		# IP over FireWire (RFC 2734,3146)
#@device		dcons		# Dumb console driver
#@device		dcons_crom	# Configuration ROM for dcons

 

uname -a

FreeBSD srv.freebsp 7.0-RELEASE-p10 FreeBSD 7.0-RELEASE-p10 #0: Sat Mar 14 00:19:28 MSK 2009 root@srv.freebsp:/usr/obj/usr/src/sys/MYKERN_130309 i386

 

PS mpd 4.3 от 5.2 достаточно сильно отличаются

короче мельком глянул по поводу пакета mpd пакет клиент сервер нам нужен клиентская часть,так сложно сразу сказать почему идет обрыв сразу, так как само соединие идет, произходит аунтификация,

У меня счас время нет чтоб детально каждую строку изучить,тогда как вариант

из портов и пакетов удаляешь mpd5 ([хотя она безпроблем должна пахать) уставливаешь из пакетов (будет достоточно) mpd4 делаешь по посту описанному

 

Еще решение дабавь, правдо я устанавливал и серверную и клиентскую версии mpd и задействовал модули подгружаемые при загрузке системы

/boot/loader.conf

netgraph_load="YES"

ng_ether_load="YES"

ng_netflow_load="YES"

ng_socket_load="YES"

ng_tee_load="YES"

ng_bpf_load="YES"

ng_iface_load="YES"

ng_ksocket_load="YES"

ng_ppp_load="YES"

ng_pptpgre_load="YES"

ng_tcpmss_load="YES"

ng_vjc_load="YES"

ng_one2many_load="YES"

ng_rfc1490_load="YES"

ng_tty_load="YES"

ng_UI_load="YES"

так будет быстрее чем перекомпилировать ядро

 

Итого: пост на который я дал ссылку+модули полюбому должны разрешить проблемы по поводу pptp (проверял неоднакратно) :unknw:

 

P.s вот только счас увил что все модули уже скомпилированы в ядро

лучше так выставлять

set link no pap

set link accept chap

 

 

и еще конфу mpd4/5 напиши сначала удали все что там есть на данный момен и вешай vpn не ng0 а ng1....n

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
/etc/rc.conf

# Net Config
ifconfig_rl0="DHCP" # "inet 192.168.0.2  netmask 255.255.255.0"
ifconfig_rl1="DHCP" # "inet 192.168.1.1  netmask 255.255.255.0"
#defaultrouter="192.168.1.1"
hostname="srv.freebsp"

linux_enable="YES"

# Net Daemons
sshd_enable="YES"
apache22_enable="YES"
mysql_enable="YES"
#mpd_enable="YES"
pureftpd_enable="YES"
webmin_enable="YES"


firewall_enable="YES"
firewall_script="/usr/local/etc/rc.firewall"
firewall_type="custom"
firewall_logging="YES"

#rus
font8x8="cp866-8x8"
font8x14="cp866-8x14"
font8x16="cp866-8x16"
scrnmap="koi8-r2cp866"
keymap="ru.koi8-r"

 

/usr/local/etc/mpd5/mpd5.conf

#################################################################
#	MPD configuration file
# This file defines the configuration for mpd: what the
# bundles are, what the links are in those bundles, how
# the interface should be configured, various PPP parameters,
# etc. It contains commands just as you would type them
# in at the console. Lines without padding are labels. Lines
# starting with a "#" are comments.
#################################################################

startup:
# configure mpd users
set user FreeBSP pass admin
# configure the console
set console self 127.0.0.1 5005
set console open
# configure the web server
set web self 0.0.0.0 5006
set web open

#
# Default configuration is "dialup"

default:
load pptp_client


common:
# Enable multilink protocol
set link disable multilink
# Allow peer to authenticate us
set link disable chap pap
set link accept chap pap
# Set inifinite redial attempts
set link max-redial 0

pptp_client:
#
# PPTP client: only outgoing calls, auto reconnect,
# ipcp-negotiated address, one-sided authentication,
# default route points on ISP's end
#

create bundle static B1

#	set bundle enable compression
#	set ccp yes mppc
#	set mppc yes e40
#	set mppc yes e128
#	set link enable crypd-reqd
#	set mppc yes stateless

#	set iface route default
       set iface up-script /usr/local/etc/mpd5/io-up-pptp.sh
       set iface down-script /usr/local/etc/mpd5/io-down-pptp.sh 
##	set iface idle 0
set iface enable tcpmssfix

#	set ipcp no vjcomp
#	set ipcp ranges 0.0.0.0/0 0.0.0.0/0

create link static L1 pptp	
set link action bundle B1
#	set link disable miltilink
#	set link enable noretry

set auth authname uname
set auth password pass

##	set link no pap 
#	set link enable chap
##	set link max-redial 0
set link mtu 1460
set link keep-alive 20 75
##	set link disable incoming

set pptp peer vpn.corbina.net
set pptp enable originate
set pptp disable windowing
open

 

/usr/local/etc/mpd5/io-up-pptp.sh

#LocalGW=`cat /var/db/dhclient.leases.* | awk '/option routers/ { print (substr($3, 1, length($3)-1)) }' | tail -n 1`
#Today=`date "+%Y-%m-%d"`
#TimeNow=`date "+%H:%M:%S"`

#echo $4

#route delete $4
#route add $4 10.72.128.1
#route delete default
#route add default $4

#echo $4 > /tmp/pptp_GW
# echo $4 > /var/log/Corbina/pptp_GW.$Today
#echo $Today $TimeNow -PPTP- pptpGW = $4 WAN-IP = $3 >> /var/log/Corbina/vpn.log
exit 0

 

/usr/local/etc/mpd5/io-down-pptp.sh

#LocalGW=`cat /tmp/Current_Local_GW`

#vpnGW=`cat /tmp/pptp_GW`
#route delete $vpnGW
#route delete default
#route add default $LocalGW

 

конфиг ядра

#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
#    [url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html"]http://www.FreeBSD.org/doc/en_US.ISO8859-1...fig-config.html[/url]
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.474.2.2.2.1 2008/02/06 03:24:28 scottl Exp $

#@cpu		I486_CPU
#@cpu		I586_CPU
cpu		I686_CPU
ident		MYKERN_130109

# To statically compile in device wiring instead of /boot/device.hints
#hints		"GENERIC.hints"		# Default places to look for devices.

#@makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols

options 	SCHED_4BSD		# 4BSD scheduler
options 	PREEMPTION		# Enable kernel thread preemption
options 	INET			# InterNETworking
#@options 	INET6			# IPv6 communications protocols
#@options 	SCTP			# Stream Control Transmission Protocol
options 	FFS			# Berkeley Fast Filesystem
options 	SOFTUPDATES		# Enable FFS soft updates support
options 	UFS_ACL			# Support for access control lists
options 	UFS_DIRHASH		# Improve performance on big directories
options 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
#@options 	MD_ROOT			# MD is a potential root device
options 	NFSCLIENT		# Network Filesystem Client
options 	NFSSERVER		# Network Filesystem Server
#@options 	NFS_ROOT		# NFS usable as /, requires NFSCLIENT
#@options 	MSDOSFS			# MSDOS Filesystem
#@options 	CD9660			# ISO 9660 Filesystem
options 	PROCFS			# Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		# Pseudo-filesystem framework
options 	GEOM_PART_GPT		# GUID Partition Tables.
options 	GEOM_LABEL		# Provides labelization
options 	COMPAT_43TTY		# BSD 4.3 TTY compat [KEEP THIS!]
options 	COMPAT_FREEBSD4		# Compatible with FreeBSD4
options 	COMPAT_FREEBSD5		# Compatible with FreeBSD5
options 	COMPAT_FREEBSD6		# Compatible with FreeBSD6
#@options 	SCSI_DELAY=5000		# Delay (in ms) before probing SCSI
options 	KTRACE			# ktrace(1) support
options 	SYSVSHM			# SYSV-style shared memory
options 	SYSVMSG			# SYSV-style message queues
options 	SYSVSEM			# SYSV-style semaphores
options 	_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev
options 	ADAPTIVE_GIANT		# Giant mutex is adaptive.
options 	STOP_NMI		# Stop CPUS using NMI instead of IPI
options 	AUDIT			# Security event auditing

#@ IPFW && MPD via NETGRAPH
options		IPFIREWALL
options		IPFIREWALL_VERBOSE
options 	IPDIVERT
options 	IPFIREWALL_FORWARD
options 	DUMMYNET

#nat
options 	IPFIREWALL_NAT

options 	LIBALIAS

options 	NETGRAPH
options 	NETGRAPH_ASYNC
options 	NETGRAPH_BPF
options 	NETGRAPH_CAR
options 	NETGRAPH_DEFLATE
options 	NETGRAPH_ETHER
options 	NETGRAPH_IFACE
options 	NETGRAPH_KSOCKET
options 	NETGRAPH_L2TP
options 	NETGRAPH_MPPC_ENCRYPTION
options 	NETGRAPH_PPP
options 	NETGRAPH_PPPOE
options 	NETGRAPH_PPTPGRE
options 	NETGRAPH_NAT
options 	NETGRAPH_NETFLOW
options 	NETGRAPH_PRED1
options 	NETGRAPH_SOCKET
options 	NETGRAPH_TCPMSS
options 	NETGRAPH_TEE
options 	NETGRAPH_TTY
options 	NETGRAPH_VJC


# To make an SMP kernel, the next two lines are needed
#@options 	SMP			# Symmetric MultiProcessor Kernel
#@device		apic			# I/O APIC

# CPU frequency control
device		cpufreq

# Bus support.
device		eisa
device		pci

# Floppy drives
device		fdc

# ATA and ATAPI devices
device		ata
device		atadisk		# ATA disk drives
#@device		ataraid		# ATA RAID drives
device		atapicd		# ATAPI CDROM drives
#@device		atapifd		# ATAPI floppy drives
#@device		atapist		# ATAPI tape drives
options 	ATA_STATIC_ID	# Static device numbering

# SCSI Controllers
#@device		ahb		# EISA AHA1742 family
#@device		ahc		# AHA2940 and onboard AIC7xxx devices
#@options 	AHC_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~128k to driver.
#@device		ahd		# AHA39320/29320 and onboard AIC79xx devices
#@options 	AHD_REG_PRETTY_PRINT	# Print register bitfields in debug
				# output.  Adds ~215k to driver.
#@device		amd		# AMD 53C974 (Tekram DC-390(T))
#@device		hptiop		# Highpoint RocketRaid 3xxx series
#@device		isp		# Qlogic family
#device 	ispfw		# Firmware for QLogic HBAs- normally a module
#@device		mpt		# LSI-Logic MPT-Fusion
#device		ncr		# NCR/Symbios Logic
#@device		sym		# NCR/Symbios Logic (newer chipsets + those of `ncr')
#@device		trm		# Tekram DC395U/UW/F DC315U adapters

#@device		adv		# Advansys SCSI adapters
#@device		adw		# Advansys wide SCSI adapters
#@device		aha		# Adaptec 154x SCSI adapters
#@device		aic		# Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#@device		bt		# Buslogic/Mylex MultiMaster SCSI adapters

#@device		ncv		# NCR 53C500
#@device		nsp		# Workbit Ninja SCSI-3
#@device		stg		# TMC 18C30/18C50

# SCSI peripherals
device		scbus		# SCSI bus (required for SCSI)
#@device		ch		# SCSI media changers
device		da		# Direct Access (disks)
#@device		sa		# Sequential Access (tape etc)
#@device		cd		# CD
#@device		pass		# Passthrough device (direct SCSI access)
#@device		ses		# SCSI Environmental Services (and SAF-TE)

# RAID controllers interfaced to the SCSI subsystem
#@device		amr		# AMI MegaRAID
#@device		arcmsr		# Areca SATA II RAID
#@device		asr		# DPT SmartRAID V, VI and Adaptec SCSI RAID
#@device		ciss		# Compaq Smart RAID 5*
#@device		dpt		# DPT Smartcache III, IV - See NOTES for options
#@device		hptmv		# Highpoint RocketRAID 182x
#@device		hptrr		# Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
#@device		iir		# Intel Integrated RAID
#@device		ips		# IBM (Adaptec) ServeRAID
#@device		mly		# Mylex AcceleRAID/eXtremeRAID
#@device		twa		# 3ware 9000 series PATA/SATA RAID

# RAID controllers
#@device		aac		# Adaptec FSA RAID
#@device		aacp		# SCSI passthrough for aac (requires CAM)
#@device		ida		# Compaq Smart RAID
#@device		mfi		# LSI MegaRAID SAS
#@device		mlx		# Mylex DAC960 family
#@device		pst		# Promise Supertrak SX6000
#@device		twe		# 3ware ATA RAID

# atkbdc0 controls both the keyboard and the PS/2 mouse
device		atkbdc		# AT keyboard controller
device		atkbd		# AT keyboard
device		psm		# PS/2 mouse

device		kbdmux		# keyboard multiplexer

device		vga		# VGA video card driver

#@device		splash		# Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device		sc

device		agp		# support several AGP chipsets

# Power management support (see NOTES for more options)
#device		apm
# Add suspend/resume support for the i8254.
device		pmtimer

# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#@device		cbb		# cardbus (yenta) bridge
#@device		pccard		# PC Card (16-bit) bus
#@device		cardbus		# CardBus (32-bit) bus

# Serial (COM) ports
device		sio		# 8250, 16[45]50 based serial ports
device		uart		# Generic UART driver

# Parallel port
device		ppc
device		ppbus		# Parallel port bus (required)
device		lpt		# Printer
device		plip		# TCP/IP over parallel
device		ppi		# Parallel port interface device
#device		vpo		# Requires scbus and da

# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to sio, uart and/or ppc drivers):
#device		puc

# PCI Ethernet NICs.
#@device		de		# DEC/Intel DC21x4x (``Tulip'')
#@device		em		# Intel PRO/1000 adapter Gigabit Ethernet Card
#@device		ixgb		# Intel PRO/10GbE Ethernet Card
#@device		le		# AMD Am7900 LANCE and Am79C9xx PCnet
#@device		txp		# 3Com 3cR990 (``Typhoon'')
#@device		vx		# 3Com 3c590, 3c595 (``Vortex'')

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device		miibus		# MII bus support
#@device		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
#@device		bfe		# Broadcom BCM440x 10/100 Ethernet
#@device		bge		# Broadcom BCM570xx Gigabit Ethernet
#@device		dc		# DEC/Intel 21143 and various workalikes
#@device		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
#@device		lge		# Level 1 LXT1001 gigabit Ethernet
#@device		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
#@device		nfe		# nVidia nForce MCP on-board Ethernet
#@device		nge		# NatSemi DP83820 gigabit Ethernet
#device		nve		# nVidia nForce MCP on-board Ethernet Networking
#@device		pcn		# AMD Am79C97x PCI 10/100 (precedence over 'le')
#@device		re		# RealTek 8139C+/8169/8169S/8110S
device		rl		# RealTek 8129/8139
#@device		sf		# Adaptec AIC-6915 (``Starfire'')
device		sis		# Silicon Integrated Systems SiS 900/SiS 7016
#@device		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
#@device		ste		# Sundance ST201 (D-Link DFE-550TX)
#@device		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
#@device		ti		# Alteon Networks Tigon I/II gigabit Ethernet
#@device		tl		# Texas Instruments ThunderLAN
#@device		tx		# SMC EtherPower II (83c170 ``EPIC'')
#@device		vge		# VIA VT612x gigabit Ethernet
device		vr		# VIA Rhine, Rhine II
#@device		wb		# Winbond W89C840F
#@device		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')

# ISA Ethernet NICs.  pccard NICs included.
#@device		cs		# Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#@device		ed		# NE[12]000, SMC Ultra, 3c503, DS8390 cards
#@device		ex		# Intel EtherExpress Pro/10 and Pro/10+
#@device		ep		# Etherlink III based cards
#@device		fe		# Fujitsu MB8696x based cards
#@device		ie		# EtherExpress 8/16, 3C507, StarLAN 10 etc.
#@device		sn		# SMC's 9000 series of Ethernet chips
#@device		xe		# Xircom pccard Ethernet

# Wireless NIC cards
#@device		wlan		# 802.11 support
#@device		wlan_wep	# 802.11 WEP support
#@device		wlan_ccmp	# 802.11 CCMP support
#@device		wlan_tkip	# 802.11 TKIP support
#@device		wlan_amrr	# AMRR transmit rate control algorithm
#@device		wlan_scan_ap	# 802.11 AP mode scanning
#@device		wlan_scan_sta	# 802.11 STA mode scanning
#@device		an		# Aironet 4500/4800 802.11 wireless NICs.
#@device		ath		# Atheros pci/cardbus NIC's
#@device		ath_hal		# Atheros HAL (Hardware Access Layer)
#@device		ath_rate_sample	# SampleRate tx rate control for ath
#@device		awi		# BayStack 660 and others
#@device		ral		# Ralink Technology RT2500 wireless NICs.
#@device		wi		# WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device		wl		# Older non 802.11 Wavelan wireless NIC.

# Pseudo devices.
device		loop		# Network loopback
device		random		# Entropy device
device		ether		# Ethernet support
#@device		sl		# Kernel SLIP
#@device		ppp		# Kernel PPP
#@device		tun		# Packet tunnel.
device		pty		# Pseudo-ttys (telnet etc)
#@device		md		# Memory "disks"
#@device		gif		# IPv6 and IPv4 tunneling
#@device		faith		# IPv6-to-IPv4 relaying (translation)
device		firmware	# firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device		bpf		# Berkeley packet filter

# USB support
device		uhci		# UHCI PCI->USB interface
device		ohci		# OHCI PCI->USB interface
device		ehci		# EHCI PCI->USB interface (USB 2.0)
device		usb		# USB Bus (required)
#device		udbp		# USB Double Bulk Pipe devices
device		ugen		# Generic
device		uhid		# "Human Interface Devices"
device		ukbd		# Keyboard
#@device		ulpt		# Printer
device		umass		# Disks/Mass storage - Requires scbus and da
device		ums		# Mouse
#@device		ural		# Ralink Technology RT2500USB wireless NICs
#@device		rum		# Ralink Technology RT2501USB wireless NICs
#@device		urio		# Diamond Rio 500 MP3 player
#@device		uscanner	# Scanners
# USB Ethernet, requires miibus
#@device		aue		# ADMtek USB Ethernet
#@device		axe		# ASIX Electronics USB Ethernet
#@device		cdce		# Generic USB over Ethernet
#@device		cue		# CATC USB Ethernet
#@device		kue		# Kawasaki LSI USB Ethernet
#@device		rue		# RealTek RTL8150 USB Ethernet

# FireWire support
#@device		firewire	# FireWire bus code
#@device		sbp		# SCSI over FireWire (Requires scbus and da)
#@device		fwe		# Ethernet over FireWire (non-standard!)
#@device		fwip		# IP over FireWire (RFC 2734,3146)
#@device		dcons		# Dumb console driver
#@device		dcons_crom	# Configuration ROM for dcons

 

uname -a

FreeBSD srv.freebsp 7.0-RELEASE-p10 FreeBSD 7.0-RELEASE-p10 #0: Sat Mar 14 00:19:28 MSK 2009 root@srv.freebsp:/usr/obj/usr/src/sys/MYKERN_130309 i386

 

PS mpd 4.3 от 5.2 достаточно сильно отличаются

короче мельком глянул по поводу пакета mpd пакет клиент сервер нам нужен клиентская часть,так сложно сразу сказать почему идет обрыв сразу, так как само соединие идет, произходит аунтификация,

У меня счас время нет чтоб детально каждую строку изучить,тогда как вариант

из портов и пакетов удаляешь mpd5 ([хотя она безпроблем должна пахать) уставливаешь из пакетов (будет достоточно) mpd4 делаешь по посту описанному

 

Еще решение дабавь, правдо я устанавливал и серверную и клиентскую версии mpd и задействовал модули подгружаемые при загрузке системы

/boot/loader.conf

netgraph_load="YES"

ng_ether_load="YES"

ng_netflow_load="YES"

ng_socket_load="YES"

ng_tee_load="YES"

ng_bpf_load="YES"

ng_iface_load="YES"

ng_ksocket_load="YES"

ng_ppp_load="YES"

ng_pptpgre_load="YES"

ng_tcpmss_load="YES"

ng_vjc_load="YES"

ng_one2many_load="YES"

ng_rfc1490_load="YES"

ng_tty_load="YES"

ng_UI_load="YES"

так будет быстрее чем перекомпилировать ядро

 

Итого: пост на который я дал ссылку+модули полюбому должны разрешить проблемы по поводу pptp (проверял неоднакратно) <_<

 

P.s вот только счас увил что все модули уже скомпилированы в ядро

лучше так выставлять

set link no pap

set link accept chap

 

 

и еще конфу mpd4/5 напиши сначала удали все что там есть на данный момен и вешай vpn не ng0 а ng1....n

 

хотелось бы оставить mpd5, ибо планируется потом подключить еще и серверную часть, к которой можно будет коннектиться стандартными средствами винды.

 

ng_one2many_load="YES"

ng_rfc1490_load="YES"

ng_UI_load="YES"

 

вот эти модули нетграфа не грузил, ибо в разделе траблшутинга руководства mpd5 про них не говориться, а хендбук фри на теу нетграфа молчит как партизан(может, я плохо спрашиваю..)

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах
хотелось бы оставить mpd5, ибо планируется потом подключить еще и серверную часть, к которой можно будет коннектиться стандартными средствами винды.

 

ng_one2many_load="YES"

ng_rfc1490_load="YES"

ng_UI_load="YES"

 

вот эти модули нетграфа не грузил, ибо в разделе траблшутинга руководства mpd5 про них не говориться, а хендбук фри на теу нетграфа молчит как партизан(может, я плохо спрашиваю..)

 

Конфиги и логи не смотрел, но если виснет после надписи iface up, то попробуй добавить роут в сеть 85.21.0.0/24 через свой локальный шлюз.

Поделиться сообщением


Ссылка на сообщение
Поделиться на других сайтах