• How do I open ports on OpenWrt (web, rdp, torrentstream)?

    saibaneko
    @saibaneko Question author
    Aha, so PREROUTING and FORWARD are enough. I'll try it this evening. Thanks.
  • How do I open ports on OpenWrt (web, rdp, torrentstream)?

    saibaneko
    @saibaneko Question author
    @FessAectan: thanks for the picture, something has become clearer in my head.
    Do I understand correctly that the final version for my RDP will look like this:
    #Rule for RDP-connect
    iptables -t nat -I PREROUTING -m tcp -p tcp --dport 3389 -i l2tp-BeeLine -j DNAT --to 192.168.1.224
    iptables -I FORWARD -m tcp -p tcp -d 192.168.1.224 --dport 3389 -j ACCEPT
    iptables -I INPUT -i l2tp-BeeLine -p tcp -m tcp --dport 3389 -j ACCEPT
  • How do I open ports on OpenWrt (web, rdp, torrentstream)?

    saibaneko
    @saibaneko Question author
    @FessAectan: do I understand correctly that all the rules I created earlier through luci need to be removed?
    And also, the sequence of commands usually goes:
    PREROUTING
    FORWARD
    ACCEPT
    right?

    Output without adding your command:
    root@OpenWrt:~# iptables -vnL -t nat
    Chain PREROUTING (policy ACCEPT 10 packets, 933 bytes)
    pkts bytes target prot opt in out source destination
    858K 964M delegate_prerouting all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain INPUT (policy ACCEPT 2 packets, 104 bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
    38714 2545K delegate_postrouting all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain MINIUPNPD (1 references)
    pkts bytes target prot opt in out source destination
    1 48 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:9799 to:192.168.1.244:9799
    1 52 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9799 to:192.168.1.244:9799
    0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:62201 to:192.168.1.224:62201

    Chain delegate_postrouting (1 references)
    pkts bytes target prot opt in out source destination
    38714 2545K postrouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    1113 109K zone_lan_postrouting all -- * br-lan 0.0.0.0/0 0.0.0.0/0
    66 2640 zone_wan_postrouting all -- * eth0.2 0.0.0.0/0 0.0.0.0/0
    36424 2357K zone_wan_postrouting all -- * l2tp-BeeLine 0.0.0.0/0 0.0.0.0/0

    Chain delegate_prerouting (1 references)
    pkts bytes target prot opt in out source destination
    858K 964M prerouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    26896 2691K zone_lan_prerouting all -- br-lan * 0.0.0.0/0 0.0.0.0/0
    816K 960M zone_wan_prerouting all -- eth0.2 * 0.0.0.0/0 0.0.0.0/0
    15430 911K zone_wan_prerouting all -- l2tp-BeeLine * 0.0.0.0/0 0.0.0.0/0

    Chain postrouting_lan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain postrouting_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain postrouting_wan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_lan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_wan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain zone_lan_postrouting (1 references)
    pkts bytes target prot opt in out source destination
    1113 109K postrouting_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    0 0 SNAT tcp -- * * 192.168.1.0/24 192.168.1.224 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.1

    Chain zone_lan_prerouting (1 references)
    pkts bytes target prot opt in out source destination
    26896 2691K prerouting_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    0 0 DNAT tcp -- * * 192.168.1.0/24 10.159.40.45 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.224:3389
    0 0 DNAT tcp -- * * 192.168.1.0/24 37.145.119.42 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.224:3389

    Chain zone_wan_postrouting (2 references)
    pkts bytes target prot opt in out source destination
    36490 2360K postrouting_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    36490 2360K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_prerouting (2 references)
    pkts bytes target prot opt in out source destination
    832K 961M MINIUPNPD all -- * * 0.0.0.0/0 0.0.0.0/0
    831K 961M prerouting_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    0 0 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* WebOpenWRT */ redir ports 80
    35 1660 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3389 /* RDP */ to:192.168.1.224:3389

    Output after adding your command to the custom rules and restarting the firewall:
    root@OpenWrt:~# iptables -vnL -t nat
    Chain PREROUTING (policy ACCEPT 32 packets, 10838 bytes)
    pkts bytes target prot opt in out source destination
    87 25695 delegate_prerouting all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain INPUT (policy ACCEPT 7 packets, 456 bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 7 packets, 525 bytes)
    pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
    18 985 delegate_postrouting all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain MINIUPNPD (1 references)
    pkts bytes target prot opt in out source destination
    1 48 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:9799 to:192.168.1.244:9799
    1 52 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9799 to:192.168.1.244:9799
    0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:62201 to:192.168.1.224:62201

    Chain delegate_postrouting (1 references)
    pkts bytes target prot opt in out source destination
    18 985 postrouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    1 60 zone_lan_postrouting all -- * br-lan 0.0.0.0/0 0.0.0.0/0
    0 0 zone_wan_postrouting all -- * eth0.2 0.0.0.0/0 0.0.0.0/0
    17 925 zone_wan_postrouting all -- * l2tp-BeeLine 0.0.0.0/0 0.0.0.0/0

    Chain delegate_prerouting (1 references)
    pkts bytes target prot opt in out source destination
    87 25695 prerouting_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    10 1020 zone_lan_prerouting all -- br-lan * 0.0.0.0/0 0.0.0.0/0
    61 23303 zone_wan_prerouting all -- eth0.2 * 0.0.0.0/0 0.0.0.0/0
    16 1372 zone_wan_prerouting all -- l2tp-BeeLine * 0.0.0.0/0 0.0.0.0/0

    Chain postrouting_lan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain postrouting_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain postrouting_wan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_lan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain prerouting_wan_rule (1 references)
    pkts bytes target prot opt in out source destination

    Chain zone_lan_postrouting (1 references)
    pkts bytes target prot opt in out source destination
    1 60 postrouting_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    0 0 SNAT tcp -- * * 192.168.1.0/24 192.168.1.224 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.1

    Chain zone_lan_prerouting (1 references)
    pkts bytes target prot opt in out source destination
    10 1020 prerouting_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    0 0 DNAT tcp -- * * 192.168.1.0/24 10.159.40.45 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.224:3389
    0 0 DNAT tcp -- * * 192.168.1.0/24 37.145.119.42 tcp dpt:3389 /* RDP (reflection) */ to:192.168.1.224:3389

    Chain zone_wan_postrouting (2 references)
    pkts bytes target prot opt in out source destination
    17 925 postrouting_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for postrouting */
    17 925 MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_prerouting (2 references)
    pkts bytes target prot opt in out source destination
    77 24675 MINIUPNPD all -- * * 0.0.0.0/0 0.0.0.0/0
    77 24675 prerouting_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for prerouting */
    0 0 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* WebOpenWRT */ redir ports 80
    0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3389 /* RDP */ to:192.168.1.224:3389
  • How do I open ports on OpenWrt (web, rdp, torrentstream)?

    saibaneko
    @saibaneko Question author
    Yes, of course

    Either below, or perhaps more visually convenient here: https://docs.google.com/document/d/1h-caCwV0N4Te-C...

    root@OpenWrt:~# iptables -n -L -v --line-numbers
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    num pkts bytes target prot opt in out source destination
    1 48432 5427K delegate_input all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain FORWARD (policy DROP 0 packets, 0 bytes)
    num pkts bytes target prot opt in out source destination
    1 18639 1391K delegate_forward all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
    num pkts bytes target prot opt in out source destination
    1 174K 76M delegate_output all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain MINIUPNPD (1 references)
    num pkts bytes target prot opt in out source destination
    1 1 48 ACCEPT udp -- * * 0.0.0.0/0 192.168.1.244 udp dpt:9799
    2 1 52 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.244 tcp dpt:9799
    3 0 0 ACCEPT udp -- * * 0.0.0.0/0 192.168.1.224 udp dpt:62201

    Chain delegate_forward (1 references)
    num pkts bytes target prot opt in out source destination
    1 18639 1391K forwarding_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for forwarding */
    2 1046 95320 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
    3 16672 1234K zone_lan_forward all -- br-lan * 0.0.0.0/0 0.0.0.0/0
    4 0 0 zone_wan_forward all -- eth0.2 * 0.0.0.0/0 0.0.0.0/0
    5 921 62326 zone_wan_forward all -- l2tp-BeeLine * 0.0.0.0/0 0.0.0.0/0
    6 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain delegate_input (1 references)
    num pkts bytes target prot opt in out source destination
    1 1084 73888 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
    2 47348 5353K input_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
    3 115 6991 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
    4 1854 91980 syn_flood tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
    5 11298 711K zone_lan_input all -- br-lan * 0.0.0.0/0 0.0.0.0/0
    6 33291 4457K zone_wan_input all -- eth0.2 * 0.0.0.0/0 0.0.0.0/0
    7 2644 178K zone_wan_input all -- l2tp-BeeLine * 0.0.0.0/0 0.0.0.0/0

    Chain delegate_output (1 references)
    num pkts bytes target prot opt in out source destination
    1 1084 73888 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
    2 173K 76M output_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
    3 4577 802K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
    4 157K 74M zone_lan_output all -- * br-lan 0.0.0.0/0 0.0.0.0/0
    5 0 0 zone_wan_output all -- * eth0.2 0.0.0.0/0 0.0.0.0/0
    6 11360 756K zone_wan_output all -- * l2tp-BeeLine 0.0.0.0/0 0.0.0.0/0

    Chain forwarding_lan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain forwarding_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain forwarding_wan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain input_lan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain input_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain input_wan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain output_lan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain output_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain output_wan_rule (1 references)
    num pkts bytes target prot opt in out source destination

    Chain reject (5 references)
    num pkts bytes target prot opt in out source destination
    1 1336 65216 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
    2 34463 4565K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

    Chain syn_flood (1 references)
    num pkts bytes target prot opt in out source destination
    1 1854 91980 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 25/sec burst 50
    2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_lan_dest_ACCEPT (6 references)
    num pkts bytes target prot opt in out source destination
    1 157K 74M ACCEPT all -- * br-lan 0.0.0.0/0 0.0.0.0/0

    Chain zone_lan_forward (1 references)
    num pkts bytes target prot opt in out source destination
    1 16672 1234K forwarding_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for forwarding */
    2 16672 1234K zone_wan_dest_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 /* forwarding lan -> wan */
    3 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT /* Accept port forwards */
    4 0 0 zone_lan_dest_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_lan_input (1 references)
    num pkts bytes target prot opt in out source destination
    1 11298 711K input_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
    2 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT /* Accept port redirections */
    3 11298 711K zone_lan_src_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_lan_output (1 references)
    num pkts bytes target prot opt in out source destination
    1 157K 74M output_lan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
    2 157K 74M zone_lan_dest_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_lan_src_ACCEPT (1 references)
    num pkts bytes target prot opt in out source destination
    1 11298 711K ACCEPT all -- br-lan * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_dest_ACCEPT (2 references)
    num pkts bytes target prot opt in out source destination
    1 0 0 ACCEPT all -- * eth0.2 0.0.0.0/0 0.0.0.0/0
    2 28032 1990K ACCEPT all -- * l2tp-BeeLine 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_dest_REJECT (1 references)
    num pkts bytes target prot opt in out source destination
    1 0 0 reject all -- * eth0.2 0.0.0.0/0 0.0.0.0/0
    2 0 0 reject all -- * l2tp-BeeLine 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_forward (2 references)
    num pkts bytes target prot opt in out source destination
    1 921 62326 MINIUPNPD all -- * * 0.0.0.0/0 0.0.0.0/0
    2 42 2146 forwarding_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for forwarding */
    3 0 0 zone_lan_dest_ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8621 /* TorrentSteam */
    4 0 0 zone_lan_dest_ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:8621 /* TorrentSteam */
    5 40 1916 zone_lan_dest_ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.224 tcp dpt:3389 /* RDP */
    6 0 0 zone_lan_dest_ACCEPT udp -- * * 0.0.0.0/0 192.168.1.224 udp dpt:3389 /* RDP */
    7 2 230 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT /* Accept port forwards */
    8 0 0 zone_wan_dest_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_input (2 references)
    num pkts bytes target prot opt in out source destination
    1 35935 4635K input_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for input */
    2 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68 /* Allow-DHCP-Renew */
    3 126 4192 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 /* Allow-Ping */
    4 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* WebOpenWRT */
    5 10 473 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80 /* WebOpenWRT */
    6 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT /* Accept port redirections */
    7 35799 4630K zone_wan_src_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_output (2 references)
    num pkts bytes target prot opt in out source destination
    1 11360 756K output_wan_rule all -- * * 0.0.0.0/0 0.0.0.0/0 /* user chain for output */
    2 11360 756K zone_wan_dest_ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain zone_wan_src_REJECT (1 references)
    num pkts bytes target prot opt in out source destination
    1 33290 4457K reject all -- eth0.2 * 0.0.0.0/0 0.0.0.0/0
    2 2509 173K reject all -- l2tp-BeeLine * 0.0.0.0/0 0.0.0.0/0
  • How do I recover data on an HTC Butterfly after a factory reset?

    saibaneko
    @saibaneko Question author
    Thanks. Just what I needed. I didn't manage to pull out much, but the method proved itself; it works.
  • How do I recover data on an HTC Butterfly after a factory reset?

    saibaneko
    @saibaneko Question author
    [1]mobileuser@mobilehdd:~ > sudo mount -o force /media/mobileuser/IT_GARBAGE/mmcblk0p32.raw /mnt/
    mount: вы должны указать тип файловой системы

    [32]mobileuser@mobilehdd:~ > sudo mount -t ext4 -o force /media/mobileuser/IT_GARBAGE/mmcblk0p32.raw /mnt/
    mount: wrong fs type, bad option, bad superblock on /dev/loop0,
    missing codepage or helper program, or other error
    В некоторых случаях полезная информация может быть
    найдена в syslog — попробуйте dmesg | tail или что-то
    в этом роде

    [32]mobileuser@mobilehdd:~ > sudo mount -t ext3 -o force /media/mobileuser/IT_GARBAGE/mmcblk0p32.raw /mnt/
    mount: wrong fs type, bad option, bad superblock on /dev/loop0,
    missing codepage or helper program, or other error
    В некоторых случаях полезная информация может быть
    найдена в syslog — попробуйте dmesg | tail или что-то
    в этом роде

    [32]mobileuser@mobilehdd:~ > sudo mount -t ext3 /media/mobileuser/IT_GARBAGE/mmcblk0p32.raw /mnt/
    mount: wrong fs type, bad option, bad superblock on /dev/loop0,
    missing codepage or helper program, or other error
    В некоторых случаях полезная информация может быть
    найдена в syslog — попробуйте dmesg | tail или что-то
    в этом роде
  • How do I recover data on an HTC Butterfly after a factory reset?

    saibaneko
    @saibaneko Question author
    It asks me to specify the filesystem. And if I run the command mount -t ext4 mmcblk0p32.raw /mnt/ I get:
    mount: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error