JTHs forslag til standardkonfiguration v. 1.10 for router <--> server (netkort-1, 192.168.1.3) server (netkort-2, 192.168.1.2) <--> hub <--> LAN a.b.c.d = den offentlige IP-adresse === VERSION === SpeedStream 5711 ATM25 Router (120-5711-001) Efficient-5000 BOOT/POST V5.9.3 (25-Apr-00 16:19) Software version v4.0.1 built Wed May 3 18:05:01 PDT 2000 Maximum users: unlimited Options: ATM25, RFC1483, IP ROUTING, IP FILTERING, WEB, ~IPSEC, ~3DES, ~L2TP, ~ENCRYPT, BRIDGE, IPX Up for 0 days 0 hours 3 minutes (started 3/4/2001 at 2:31) === SYSTEM === GENERAL INFORMATION FOR System started on.................... 3/4/2001 at 2:31 Authentication override.............. none Server(s) (IP Translation) .......... 192.168.1.2 proto-TCP port-20-TELNET 192.168.1.2 proto-UDP port-22 192.168.1.2 proto-TCP port-SMTP 192.168.1.2 proto-UDP port-SMTP 192.168.1.2 proto-TCP port-53 192.168.1.2 proto-UDP port-53 192.168.1.2 proto-TCP port-HTTP 192.168.1.2 proto-UDP port-HTTP 192.168.1.2 proto-TCP port-110 192.168.1.2 proto-UDP port-110 192.168.1.2 proto-TCP port-143 192.168.1.2 proto-UDP port-143 192.168.1.2 proto-TCP port-443 192.168.1.2 proto-UDP port-443 192.168.1.6 proto-UDP port-50600-50619 192.168.1.6 proto-TCP port-50600-50619 192.168.1.7 proto-UDP port-50700-50719 192.168.1.7 proto-TCP port-50700-50719 192.168.1.8 proto-UDP port-50800-50819 192.168.1.8 proto-TCP port-50800-50819 192.168.1.106 proto-UDP port-51600-51619 192.168.1.106 proto-TCP port-51600-51619 192.168.1.107 proto-UDP port-51700-51719 192.168.1.107 proto-TCP port-51700-51719 192.168.1.108 proto-UDP port-51800-51819 192.168.1.108 proto-TCP port-51800-51819 WAN to WAN Forwarding................ yes Block NetBIOS Default................ no BOOTP/DHCP Server address............ none Telnet Port.......................... default (23) Telnet Clients....................... 193.162.146.71 to 193.162.146.72 LAN a.b.c.d SNMP Port............................ default (161) SNMP Clients......................... 193.162.146.71 to 193.162.146.72 LAN a.b.c.d HTTP Port............................ default (80) HTTP Clients......................... LAN a.b.c.d Syslog Port.......................... disabled (0) Allowed Syslog Servers............... LAN Default Syslog Servers............... none System message: Security timer....................... 10 minutes One WAN Dial Up...................... no 193.162.146.71 through 193.162.146.72 uses IP Routing Table 195.249.4.165 uses IP Routing Table === ETHERNET === GLOBAL BRIDGING/ROUTING SETTINGS: Bridging enabled..................... no Exchange spanning tree with dest... yes Bridge only PPPoE with dest........ no IP Routing enabled................... yes Multicast forwarding enabled....... no Firewall filter enabled ........... yes Directed Broadcasts Allowed........ no RIP Multicast address.............. default IPX Routing enabled.................. no ETHERNET INFORMATION FOR Hardware MAC address................. 00:20:6F:08:7C:9D Send IP RIP to the LAN............... rip-1 compatible Advertise me as default router..... yes Process IP RIP packets received...... rip-1 compatible Receive default route by RIP....... yes IP filters defined................... yes IP address/subnet mask............... 192.168.1.1/255.255.255.0 Management IP address/subnet mask.... 0.0.0.0/0.0.0.0 Static Ethernet routes defined....... 7 IP address/subnet mask............. a.b.c.d/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.6/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.8/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.7/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.106/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.107/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 IP address/subnet mask............. 192.168.1.108/255.255.255.255 IP gateway/metric.................. 192.168.1.2/3 Virtual Ethernet routes defined...... 1 IP address/subnet mask............. a.b.c.d/255.255.255.255 IP gateway/metric.................. 0.0.0.0/1 through IPX External network number.......... 00000000 IPX Frame type....................... 802.2 MTU.................................. default === DHCP === BOOTP/DHCP Relay address ..... none bootp server ................. none bootp file ................... n/a DOMAINNAMESERVER|DNS (6) ..... 193.162.159.194 193.162.145.130 Subnet 192.168.1.0, enabled When DHCP servers are active . stop Mask ......................... 255.255.255.0 first ip address ............. 192.168.1.6 last ip address .............. 192.168.1.100 lease ........................ default bootp ........................ not allowed bootp server ................. none bootp file ................... n/a === REMOTE DATABASE === INFORMATION FOR Status............................... enabled Interface in use..................... HSD Protocol in use...................... RAW IP ATM traffic shaping...................no Connection Identifier (VPI*VCI)...... 0*101 IP address translation............... on IP filters defined................... yes Send/Receive Multicast............... off Block NetBIOS Packets................ on Source IP address/subnet mask........ a.b.c.d/255.255.255.255 Remote IP address/subnet mask........ 0.0.0.0/0.0.0.0 Management IP address/subnet mask.... 0.0.0.0/0.0.0.0 Send IP RIP to this dest............. no Send IP default route if known..... no Receive IP RIP from this dest........ no Receive IP default route by RIP.... no Keep this IP destination private..... yes Total IP remote routes............... 1 0.0.0.0/255.255.255.255/1 IPX network number................... 00000000 Use IPX RIP/SAP (negotiate with PPP): yes Total IPX remote routes.............. 0 Total IPX SAPs....................... 0 Bridging enabled..................... no Exchange spanning tree with dest... yes Bridge only PPPoE with dest........ no mtu.................................. 1500 === INTERFACES === Interface Speed In % Out % Protocol State Connection ETHERNET/0 10.0mb 0%/0% 0%/0% (Ethernet) OPENED ATM-25/0 8.0mb D 0%/0% (ATM) OPENED 253kb U 0%/0% (ATM) OPENED ATM-VC/1 8.0mb D 0%/0% (IP) OPENED to internet 253kb U 0%/0% (IP) OPENED to internet CONSOLE/0 9600 b 0%/0% 0%/0% (TTY) OPENED === PPP === === BRIDGING === Bridging is disabled Bridging is disabled === ARP TABLE === IP Addr Mac Address Interface 192.168.1.2 00:00:21:23:1D:13 ETHERNET/0 192.168.1.3 00:00:21:23:1D:13 ETHERNET/0 224.0.0.9 01:00:5E:00:00:09 ETHERNET/0 === IP ROUTES === IP route / Mask --> Gateway Interface Hops Flags 0.0.0.0 /00000000 --> internet ATM-VC/1 1 NW FW PRM DOD RP1 RP2 192.168.1.0 /ffffff00 --> 0.0.0.0 ETHERNET/0 1 NW FW DIR PRM RP1 RP2 192.168.1.1 /ffffffff --> 0.0.0.0 ETHERNET/0 0 ME 192.168.1.6 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 192.168.1.7 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 192.168.1.8 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 192.168.1.106 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 192.168.1.107 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 192.168.1.108 /ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 a.b.c.d/ffffffff --> 192.168.1.2 ETHERNET/0 3 FW PRM RP2 224.0.0.9 /ffffffff --> 0.0.0.0 [none] 0 ME 255.255.255.255/ffffffff --> 0.0.0.0 [none] 0 NW PRM IP Source Routing Table IP Source Address Ranges:193.162.146.71 through 193.162.146.72 195.249.4.165 0.0.0.0 /00000000 --> 0.0.0.0 [none] 0 NW PRV a.b.c.d/ffffffff --> 0.0.0.0 ETHERNET/0 1 FW DIR PRM RP2 255.255.255.255/ffffffff --> 0.0.0.0 [none] 0 NW PRM === IP IFS === ATM-VC/1 a.b.c.d (FFFFFFFF) dest 0.0.0.0 sub a.b.c.d net a.b.c.0 (FFFFFF00) Point-To-Point mtu 1500 ETHERNET/0 192.168.1.1 (FFFFFF00) dest 0.0.0.0 sub 192.168.1.0 net 192.168.1.0 (FFFFFF00) BROADCAST mtu 1500 === IPX ROUTES === No IPX sessions are active. === IPX SAPS === No IPX sessions are active. === L2TP TUNNELS === L2TP is not allowed === IP FILTERS === Begin IPFilters for internet # watching for dropped/rejected packets is OFF # Begin rules for input list remote ipfilter flush input internet remote ipfilter insert 0 input drop -c 0 -sa 0.0.0.0 -sm 255.0.0.0 internet remote ipfilter insert 1 input drop -c 0 -sa 10.0.0.0 -sm 255.0.0.0 internet remote ipfilter insert 2 input drop -c 0 -sa 127.0.0.0 -sm 255.0.0.0 internet remote ipfilter insert 3 input drop -c 0 -sa 172.16.0.0:172.31.255.255 internet remote ipfilter insert 4 input drop -c 0 -sa 192.168.0.0 -sm 255.255.0.0 internet remote ipfilter insert 5 input accept -c 0 -p icmp -dp 0 internet remote ipfilter insert 6 input accept -c 0 -p icmp -dp 3:4 internet remote ipfilter insert 7 input accept -c 0 -p icmp -sa 193.162.146.71:193.162.146.72 -dp 0 internet remote ipfilter insert 8 input accept -c 0 -p icmp -sa 193.162.146.71:193.162.146.72 -dp 8 internet remote ipfilter insert 9 input accept -c 0 -p icmp -sa 195.249.4.165 -dp 0 internet remote ipfilter insert 10 input accept -c 0 -p icmp -sa 195.249.4.165 -dp 8 internet remote ipfilter insert 11 input drop -c 0 -v -dp 445 internet remote ipfilter insert 12 input drop -c 0 -p icmp internet remote ipfilter insert 13 input drop -c 0 -sa a.b.c.d internet remote ipfilter insert 14 input accept -c 0 -da a.b.c.d internet remote ipfilter insert 15 input drop -c 0 internet # End rules for input list # Begin rules for output list remote ipfilter flush output internet remote ipfilter insert 0 output accept -c 0 -v -p icmp -sp 8 internet remote ipfilter insert 1 output accept -c 0 -da 193.162.146.71:193.162.146.72 internet remote ipfilter insert 2 output accept -c 0 -da 195.249.4.165 internet remote ipfilter insert 3 output drop -c 0 -p icmp internet # End rules for output list # Begin rules for forward list remote ipfilter flush forward internet # End rules for forward list End IPFilters for internet Begin IPFilters for (ETHERNET/0) # watching for dropped/rejected packets is OFF # Begin rules for input list eth ip filter flush input 0 eth ip filter insert 0 input drop -c 0 -da 193.162.146.71:193.162.146.72 0 # End rules for input list # Begin rules for output list eth ip filter flush output 0 # End rules for output list # Begin rules for forward list eth ip filter flush forward 0 # End rules for forward list End IPFilters for (ETHERNET/0) === END OF TECH SUPPORT DATA #