Re: Help me... please

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have tried to remove de "-m state --state" but nothing change.
I have attached the section of the firewall log file with the defect. Look to the first and to the last line.....


thank. Marco


---------- Initial Header -----------

>From      : netfilter-owner@xxxxxxxxxxxxxxx
To          : "Anatoly Muliarski" x86ever@xxxxxxxxx
Cc          : "netfilter" netfilter@xxxxxxxxxxxxxxx
Date      : Sat, 02 Aug 2008 10:10:45 +0200
Subject : Re: Help me... please







> Anatoly Muliarski wrote:
> > Hi,
> >
> > You should remove -m state --state NEW statements because they track 
> > only START of connections.
> >
>
>
> Or you can accept the established and related _before_ to the other rules.
>
> $IPTABLES -I INPUT 1 [FORWARD] -m state --state RELATED,ESTABLISHED -j 
> ACCEPT
>
> However, can you send us the log that drop the traffic on the rule_39 ?
>
> Michele
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Aug  2 10:54:01 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.1.54 DST=209.62.179.57 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=21164 DF PROTO=TCP SPT=1617 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Aug  2 10:54:01 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.25 DST=151.99.125.3 LEN=72 TOS=0x00 PREC=0x00 TTL=124 ID=54181 PROTO=UDP SPT=1076 DPT=53 LEN=52
Aug  2 10:54:03 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.25 DST=151.99.125.2 LEN=72 TOS=0x00 PREC=0x00 TTL=124 ID=54182 PROTO=UDP SPT=1076 DPT=53 LEN=52
Aug  2 10:54:03 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.25 DST=151.99.125.3 LEN=72 TOS=0x00 PREC=0x00 TTL=124 ID=54183 PROTO=UDP SPT=1076 DPT=53 LEN=52
Aug  2 10:54:04 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.30 DST=151.99.125.2 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=6672 PROTO=UDP SPT=1026 DPT=53 LEN=42
Aug  2 10:54:04 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.1.54 DST=209.62.179.57 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=21230 DF PROTO=TCP SPT=1617 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Aug  2 10:54:04 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.100 DST=151.99.125.2 LEN=84 TOS=0x00 PREC=0x00 TTL=60 ID=65453 PROTO=ICMP TYPE=8 CODE=0 ID=456 SEQ=0
Aug  2 10:54:05 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.30 DST=151.99.125.3 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=6673 PROTO=UDP SPT=1026 DPT=53 LEN=42
Aug  2 10:54:05 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.100 DST=151.99.125.2 LEN=84 TOS=0x00 PREC=0x00 TTL=60 ID=65458 PROTO=ICMP TYPE=8 CODE=0 ID=456 SEQ=1
Aug  2 10:54:06 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.30 DST=151.99.125.2 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=6687 PROTO=UDP SPT=1026 DPT=53 LEN=42
Aug  2 10:54:06 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.100 DST=151.99.125.3 LEN=84 TOS=0x00 PREC=0x00 TTL=60 ID=65463 PROTO=ICMP TYPE=8 CODE=0 ID=456 SEQ=0
Aug  2 10:54:07 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.100 DST=151.99.125.3 LEN=84 TOS=0x00 PREC=0x00 TTL=60 ID=65468 PROTO=ICMP TYPE=8 CODE=0 ID=456 SEQ=1
Aug  2 10:54:07 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.25 DST=151.99.125.2 LEN=72 TOS=0x00 PREC=0x00 TTL=124 ID=54184 PROTO=UDP SPT=1076 DPT=53 LEN=52
Aug  2 10:54:07 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.25 DST=151.99.125.3 LEN=72 TOS=0x00 PREC=0x00 TTL=124 ID=54185 PROTO=UDP SPT=1076 DPT=53 LEN=52
Aug  2 10:54:08 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.30 DST=151.99.125.2 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=6688 PROTO=UDP SPT=1026 DPT=53 LEN=42
Aug  2 10:54:08 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.30 DST=151.99.125.3 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=6689 PROTO=UDP SPT=1026 DPT=53 LEN=42
Aug  2 10:54:09 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.34 DST=151.99.125.3 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=9984 PROTO=UDP SPT=4911 DPT=53 LEN=42
Aug  2 10:54:10 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT= MAC=01:00:5e:00:00:01:00:20:1a:21:a2:21:08:00 SRC=192.168.1.65 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=7895 PROTO=2
Aug  2 10:54:10 fwlbsede kernel: RULE 39 -- DENY IN=eth1 OUT=eth0 SRC=192.168.2.34 DST=151.99.125.3 LEN=62 TOS=0x00 PREC=0x00 TTL=124 ID=9999 PROTO=UDP SPT=4911 DPT=53 LEN=42
Aug  2 10:54:10 fwlbsede kernel: RULE 8 -- ACCEPT IN=eth1 OUT=eth0 SRC=192.168.1.54 DST=209.62.179.57 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=21338 DF PROTO=TCP SPT=1617 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux