Can someone please explain to a newbie?

I am using giptables to help set up iptables on two RH7.3 boxes.  These
two are sibling proxies in our organization.  The two have basically
identical rulesets, but one gets many of the following logged to the
syslog while the other gets very few:

Aug 11 13:57:10 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 SRC=10.129.130.5 DST=10.129.184.28 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=33149 DF PROTO=TCP SPT=8080 DPT=1100 WINDOW=5840 RES=0x00 ACK FIN URGP=0
Aug 11 13:57:12 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 SRC=10.129.130.5 DST=10.129.184.31 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=37565 DF PROTO=TCP SPT=8080 DPT=1660 WINDOW=5840 RES=0x00 ACK FIN URGP=0
Aug 11 14:02:43 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 SRC=10.129.130.5 DST=10.129.184.22 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=646 DF PROTO=TCP SPT=8080 DPT=2163 WINDOW=5840 RES=0x00 ACK FIN URGP=0
Aug 11 14:04:21 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 SRC=10.129.130.5 DST=10.129.134.27 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=47763 DF PROTO=TCP SPT=8080 DPT=1308 WINDOW=5840 RES=0x00 ACK FIN URGP=0

But I have the following rules generated by giptables:

iptables -A interface0_in -p tcp -s 10.129.134.0/23 --sport 1024:65535 -d 10.129.130.5 --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A interface0_out -p tcp -s 10.129.130.5 --sport 8080 -d 10.129.134.0/23 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A interface0_in -p tcp -s 10.129.184.0/23 --sport 1024:65535 -d 10.129.130.5 --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A interface0_out -p tcp -s 10.129.130.5 --sport 8080 -d 10.129.184.0/23 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A interface0_in -p tcp -s 172.16.0.0/25 --sport 1024:65535 -d 10.129.130.5 --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A interface0_out -p tcp -s 10.129.130.5 --sport 8080 -d 172.16.0.0/25 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
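The logged packets satisfy every address and port criterion of the interface0_out rules, so the only criterion that can have failed is "-m state --state ESTABLISHED", which a LOG line cannot show. The following Python script is an added example, not part of this post or of giptables: it parses the quoted log lines and checks them against the stateless fields of the three outbound rules, so that a line which passes the static check yet reached the end-of-firewall chain can be attributed to conntrack (a packet conntrack no longer associates with a tracked connection, such as a late FIN/ACK after the entry was torn down, is classed INVALID rather than ESTABLISHED and falls through to the final log).

```python
import ipaddress

# Constructed sample: two of the giptables log lines quoted in the post, one per string.
LOG_LINES = [
    "Aug 11 13:57:10 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 "
    "SRC=10.129.130.5 DST=10.129.184.28 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=33149 DF "
    "PROTO=TCP SPT=8080 DPT=1100 WINDOW=5840 RES=0x00 ACK FIN URGP=0",
    "Aug 11 14:04:21 webfilter2 kernel: giptables-end-of-firewall: IN= OUT=eth0 "
    "SRC=10.129.130.5 DST=10.129.134.27 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=47763 DF "
    "PROTO=TCP SPT=8080 DPT=1308 WINDOW=5840 RES=0x00 ACK FIN URGP=0",
]

# The three interface0_out rules from the post, reduced to their stateless fields.
# "-m state --state ESTABLISHED" is deliberately not modelled: a log line cannot evaluate it.
OUT_RULES = [
    {"src": "10.129.130.5/32", "sport": (8080, 8080), "dst": "10.129.134.0/23", "dport": (1024, 65535)},
    {"src": "10.129.130.5/32", "sport": (8080, 8080), "dst": "10.129.184.0/23", "dport": (1024, 65535)},
    {"src": "10.129.130.5/32", "sport": (8080, 8080), "dst": "172.16.0.0/25", "dport": (1024, 65535)},
]


def parse_log_line(line):
    """Split a netfilter LOG line into KEY=value fields plus a set of bare flags."""
    _, _, body = line.partition(": ")       # strip "Mon DD HH:MM:SS host kernel"
    prefix, _, rest = body.partition(": ")  # "giptables-end-of-firewall" is the --log-prefix
    pkt = {"prefix": prefix, "flags": set()}
    for token in rest.split():
        key, eq, value = token.partition("=")
        if eq:
            pkt[key] = value                # "IN=" yields "", i.e. a locally generated packet
        else:
            pkt["flags"].add(token)         # DF and TCP flags: SYN ACK FIN RST PSH URG
    return pkt


def matches_static(rule, pkt):
    """True if the packet satisfies every stateless criterion (proto, addresses, ports)."""
    if pkt.get("PROTO") != "TCP":
        return False
    src, dst = ipaddress.ip_address(pkt["SRC"]), ipaddress.ip_address(pkt["DST"])
    sport, dport = int(pkt["SPT"]), int(pkt["DPT"])
    return (src in ipaddress.ip_network(rule["src"]) and dst in ipaddress.ip_network(rule["dst"])
            and rule["sport"][0] <= sport <= rule["sport"][1]
            and rule["dport"][0] <= dport <= rule["dport"][1])


def explain(line, rules=OUT_RULES):
    """("static-match", rule index) if a rule's stateless fields match, else ("no-static-match", None).
    A static match on a line that still hit the end-of-firewall log means conntrack state failed."""
    pkt = parse_log_line(line)
    for i, rule in enumerate(rules):
        if matches_static(rule, pkt):
            return "static-match", i
    return "no-static-match", None
```

To confirm the state explanation on the busier box, compare /proc/net/ip_conntrack for the flows in question, or insert a LOG rule matching "-m state --state INVALID" ahead of the giptables end-of-firewall rule so that such packets are labelled as INVALID in syslog.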
