iptables help needed

Simon Slater pyevet at aapt.net.au
Tue Jun 3 12:11:00 UTC 2008


On Tue, 2008-06-03 at 18:17 +1000, Simon Slater wrote:
> On Tue, 2008-06-03 at 09:21 +0200, François Patte wrote:
> > I don't understand what you mean by "reset".
> 
> Sorry François, I meant the TCP packet returned from the gateway has the
> flags reset and ack set, even after the command iptables -F.
> 
> I will try this script now and post back.
> 
	I have run the script but the results may be a little unexpected.
Following are messages from the script.  None are as a result of
requesting web pages from the laptop, which still has the message that
the proxy server is refusing requests and wireshark shows the same
patterns.  These logged packets are when Evolution is fetching the
email.

	Here is the output:

[root@ipex ~]# tail -20 /var/log/messages
Jun  3 21:53:42 ipex pppd[8030]: pppd 2.4.4 started by root, uid 0
Jun  3 21:53:43 ipex pppd[8030]: Using interface ppp0
Jun  3 21:53:43 ipex pppd[8030]: Connect: ppp0 <--> /dev/ttyS0
Jun  3 21:53:44 ipex pppd[8030]: PAP authentication succeeded
Jun  3 21:53:45 ipex pppd[8030]: local  IP address 59.101.170.218
Jun  3 21:53:45 ipex pppd[8030]: remote IP address 210.8.1.253
Jun  3 21:53:45 ipex pppd[8030]: primary   DNS address 203.8.183.1
Jun  3 21:53:45 ipex pppd[8030]: secondary DNS address 192.189.54.33
Jun  3 21:53:58 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34324 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:01 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34325 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:07 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34326 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:19 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34327 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:43 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34328 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:55:31 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=34329 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:59:46 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44508 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:59:49 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44509 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:59:55 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44510 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 22:00:07 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44511 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 22:00:31 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44512 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 22:01:19 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=44513 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
[root@ipex ~]#

Hope this helps.

-- 
Regards,
Simon
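
An added example, not part of the original message: a small parser for the kernel LOG entries shown above that groups them by flow and lists the seconds between repeated packets, which makes it easy to see whether a run of drops is one connection attempt being retransmitted. The function names, the `year` default (syslog lines carry no year; 2008 is taken from the mail's date) and the rejoining of the mail-wrapped lines are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Six entries from the log above, each rejoined onto one line (sample input).
SAMPLE = """\
Jun  3 21:53:58 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=34324 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:01 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=34325 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:07 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=34326 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:54:19 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=34327 DF PROTO=TCP SPT=50647 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:59:46 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=44508 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  3 21:59:49 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0 SRC=59.101.170.218 DST=210.10.73.252 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=44509 DF PROTO=TCP SPT=41149 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
"""

# timestamp, host, "kernel:", the rule's log prefix, then the KEY=VALUE body
ENTRY = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ kernel: (.*?)(IN=\S* OUT=.*)$")
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse_entry(line, year=2008):
    """Return a dict of fields for one netfilter LOG line, or None if it is not one."""
    m = ENTRY.match(line)
    if not m:
        return None
    tokens = m.group(3).split()
    fields = dict(t.split("=", 1) for t in tokens if "=" in t)
    fields["flags"] = "+".join(sorted(t for t in tokens if t in TCP_FLAGS))
    fields["time"] = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return fields

def summarize(lines):
    """Map each logged TCP flow to the gaps (in seconds) between its entries."""
    seen = defaultdict(list)
    for line in lines:
        e = parse_entry(line)
        if e and e.get("PROTO") == "TCP":
            key = (e.get("IN") or "-", e.get("OUT") or "-", e.get("SRC"),
                   e.get("SPT"), e.get("DST"), e.get("DPT"), e["flags"])
            seen[key].append(e["time"])
    return {k: [int((b - a).total_seconds()) for a, b in zip(t, t[1:])]
            for k, t in seen.items()}

if __name__ == "__main__":
    for flow, gaps in summarize(SAMPLE.splitlines()).items():
        print(flow, "gaps(s):", gaps)
```

Gaps that double between entries sharing the same source port and flags indicate retransmissions of a single packet rather than separate connection attempts.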
