Some more debugging info:
netcat to digg.com 80 with no firewall (TRACE target on raw OUTPUT)
Jan 6 22:19:36 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: nat:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: nat:POSTROUTING:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=39286 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687857 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:19:36 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39287 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK URGP=0
Jan 6 22:19:36 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39287 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK URGP=0
Jan 6 22:19:36 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39287 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK URGP=0
Jan 6 22:19:36 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39287 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK URGP=0
Jan 6 22:19:41 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39288 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK FIN URGP=0
Jan 6 22:19:41 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39288 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK FIN URGP=0
Jan 6 22:19:41 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39288 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK FIN URGP=0
Jan 6 22:19:41 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39288 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687858 ACK=2594171353 WINDOW=5840 ACK FIN URGP=0
Jan 6 22:19:41 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39289 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687859 ACK=2594171354 WINDOW=5840 ACK URGP=0
Jan 6 22:19:41 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39289 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687859 ACK=2594171354 WINDOW=5840 ACK URGP=0
Jan 6 22:19:41 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39289 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687859 ACK=2594171354 WINDOW=5840 ACK URGP=0
Jan 6 22:19:41 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39289 CE DF
PROTO=TCP SPT=50725 DPT=80 SEQ=3378687859 ACK=2594171354 WINDOW=5840 ACK URGP=0
with firewall
Jan 6 22:20:28 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:28 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:28 gw TRACE: nat:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:28 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:28 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:28 gw TRACE: nat:POSTROUTING:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24393 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:31 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24394 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:31 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24394 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:31 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24394 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:31 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24394 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:37 gw TRACE: raw:OUTPUT:policy:2 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24395 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:37 gw TRACE: mangle:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24395 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:37 gw TRACE: filter:OUTPUT:policy:1 IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24395 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
Jan 6 22:20:37 gw TRACE: mangle:POSTROUTING:policy IN= OUT=eth1 MAC=
SRC=87.247.77.88 DST=64.191.203.30 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=24395 DF
PROTO=TCP SPT=58290 DPT=80 SEQ=4208670647 ACK=0 WINDOW=5840 SYN URGP=0
It seems that it never goes to ack somehow :(
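Added example, not part of the original post: a Python sketch that re-joins mail-wrapped TRACE records in the format shown above, de-duplicates packets by IP ID (TRACE logs the same packet once per hook), and reports per outgoing flow whether the SYN was retransmitted without an ACK ever being sent. The sample log is constructed (documentation addresses), and all function names are illustrative.

```python
import re
from collections import defaultdict

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def join_records(text):
    """Re-join mail-wrapped records: each record starts at the line holding 'TRACE:'."""
    records = []
    for line in text.splitlines():
        if "TRACE:" in line:
            records.append(line.strip())
        elif records and line.strip():
            records[-1] += " " + line.strip()
    return records

def parse(record):
    """Return (chain, key=value fields, TCP flags) for one joined TRACE record."""
    chain = re.search(r"TRACE: \w+:(\w+)", record).group(1)
    tokens = record.split("TRACE:", 1)[1].split()
    fields = dict(t.split("=", 1) for t in tokens if "=" in t)
    return chain, fields, TCP_FLAGS.intersection(tokens)

def classify(text):
    """Map each outgoing flow to (verdict, distinct SYNs, every SYN reached POSTROUTING)."""
    syn_chains, acked = defaultdict(lambda: defaultdict(set)), set()
    for rec in join_records(text):
        chain, f, flags = parse(rec)
        flow = tuple(f.get(k) for k in ("SRC", "SPT", "DST", "DPT"))
        if flags == {"SYN"}:
            syn_chains[flow][f["ID"]].add(chain)  # one packet is logged at several hooks
        elif "ACK" in flags:
            acked.add(flow)                       # an ACK was sent, so a SYN-ACK was accepted
    out = {}
    for flow, ids in syn_chains.items():
        verdict = "established" if flow in acked else (
            "syn_retransmitted" if len(ids) > 1 else "syn_only")
        out[flow] = (verdict, len(ids), all("POSTROUTING" in c for c in ids.values()))
    return out

def _rec(ts, hook, ipid, sport, seq, ack, flags):  # builds one wrapped, constructed record
    return (f"Jan 6 {ts} gw TRACE: {hook} IN= OUT=eth1 MAC=\n"
            f"SRC=192.0.2.10 DST=198.51.100.20 LEN=60 TTL=64 ID={ipid} DF\n"
            f"PROTO=TCP SPT={sport} DPT=80 SEQ={seq} ACK={ack} WINDOW=5840 {flags} URGP=0\n")
HOOKS = ("raw:OUTPUT:policy:2", "mangle:POSTROUTING:policy")
SAMPLE = "".join(                                  # constructed sample, not the log above
    [_rec("22:19:36", h, 100, 50725, 1000, 0, "SYN") for h in HOOKS] +
    [_rec("22:19:36", h, 101, 50725, 1001, 9001, "ACK") for h in HOOKS] +
    [_rec(ts, h, i, 58290, 5000, 0, "SYN")
     for ts, i in (("22:20:28", 200), ("22:20:31", 201), ("22:20:37", 202)) for h in HOOKS])
```

Calling classify() on a saved kernel log gives one entry per flow; a "syn_retransmitted" verdict with the last field True means the SYNs traversed POSTROUTING, so the place to look next is the return path (for example a TRACE rule in raw PREROUTING).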