Re: -p udp marking tcp packets ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, May 2, 2009 at 02:57, Salatiel Filho <salatiel.filho@xxxxxxxxx> wrote:
> i was having a strange behaviour marking packets in a new and updated
> router with kernel 2.6.29 and iptables 1.4.3 using an old script ,
> while it worked just fine on an old router.
> Trying to debug i found out this:
>
> # iptables  -p udp -t mangle -A PREROUTING -m state --state NEW -j LOG
> # iptables -nvL PREROUTING -t mangle
> Chain PREROUTING (policy ACCEPT 1491 packets, 232K bytes)
>  pkts bytes target     prot opt in     out     source
> destination
>   34  5042 LOG        udp  --  *      *       0.0.0.0/0
> 0.0.0.0/0           state NEW LOG flags 0 level 4
>
> In the logs i can see: [Why are TCP packets being marked by that rule ?]
>
> May  2 02:54:01 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=208.67.222.222 LEN=61 TOS=0x00 PREC=0x00 TTL=64 ID=3746 DF
> PROTO=UDP SPT=40824 DPT=53 LEN=41
> May  2 02:54:01 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=74.125.45.18 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63870 DF
> PROTO=TCP SPT=55145 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
> May  2 02:54:02 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=208.67.222.222 LEN=73 TOS=0x00 PREC=0x00 TTL=64 ID=3964 DF
> PROTO=UDP SPT=50636 DPT=53 LEN=53
> May  2 02:54:02 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=74.125.45.189 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=60402 DF
> PROTO=TCP SPT=41692 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
> May  2 02:54:05 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=208.69.36.132 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=18184 DF
> PROTO=TCP SPT=43497 DPT=995 WINDOW=5840 RES=0x00 SYN URGP=0
> May  2 02:54:06 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=74.125.45.18 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=2765 DF PROTO=TCP
> SPT=47733 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
> May  2 02:54:06 OpenWrt user.warn kernel: IN=br-lan OUT=
> MAC=00:1a:70:fe:62:5c:00:1c:c0:82:25:c8:08:00 SRC=192.168.1.141
> DST=74.125.45.18 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=28286 DF
> PROTO=TCP SPT=47734 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
>
>
>
>
> --
>
> []'s
> Salatiel
>
> "O maior prazer do inteligente é bancar o  idiota
>   diante de um  idiota que banca o inteligente".
>

-p tcp is also matching against udp packets ...
Noone else having this behaviour ?

-- 
[]'s
Salatiel

"O maior prazer do inteligente é bancar o  idiota
   diante de um  idiota que banca o inteligente".
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux