Thanks to Richard Doyle I think I finally identified the final
customizations that allowed me to connect to my Bering firewall, and then
it connected to the ISP. Today I was on for an hour, then echo losses
shut it down. I tried many times to reconnect using the browser client,
all failed. I don't have access to the ISP's logs so I can match-up what
it thought was wrong. But between 11:05-11:20 you'll see time gaps in
daemon.log where I continued to try, and Firebird just timed-out, so I
kept going back to the weblet to check on the logs, but none of those
connection attempts show up in the logs. (Using "demand" ppp
connection.) After a few minutes break I grabbed these files then
rebooted the firewall, and then everything worked again.
One would think if it were line problems one of the many reconnect
attempts would have gotten through. And I notice in the daemon.log
sometimes ppp sent the AuthReq UID string once, twice, or 9 times!
Questions: 1) I'm wondering if something in the sign-on could have been
corrupted. Any way to get more information about the causes of the
failues? 2) Why weren't the subsequent attempts to connect logged?
==Files:
==version:
Linux foxfire 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i586 unknown
==route:
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.254
==address:
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:60:97:22:82:7d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth0
==daemon.log
Nov 15 09:49:03 foxfire pppd[12823]: pppd 2.4.1 started by root, uid 0
Nov 15 09:49:03 foxfire pppd[12823]: Using interface ppp0
Nov 15 09:49:03 foxfire pppd[12823]: Cannot determine ethernet address
for proxy ARP
Nov 15 09:49:03 foxfire pppd[12823]: local IP address 10.64.64.64
Nov 15 09:49:03 foxfire pppd[12823]: remote IP address 10.112.112.112
Nov 15 09:49:05 foxfire init: Entering runlevel: 2
Nov 15 09:54:10 foxfire sh-httpd[1620]: connect from 192.168.1.102
Nov 15 09:54:10 foxfire sh-httpd[9614]: connect from 192.168.1.102
Nov 15 09:54:11 foxfire sh-httpd[19375]: connect from 192.168.1.102
Nov 15 09:54:13 foxfire sh-httpd[13767]: connect from 192.168.1.102
Nov 15 09:54:36 foxfire sh-httpd[23729]: connect from 192.168.1.102
Nov 15 09:54:38 foxfire sh-httpd[3937]: connect from 192.168.1.102
Nov 15 09:54:48 foxfire sh-httpd[25265]: connect from 192.168.1.102
Nov 15 09:54:51 foxfire sh-httpd[22749]: connect from 192.168.1.102
Nov 15 09:54:52 foxfire sh-httpd[17582]: connect from 192.168.1.102
Nov 15 09:55:23 foxfire sh-httpd[23642]: connect from 192.168.1.102
Nov 15 09:55:29 foxfire pppd[12823]: Starting link
Nov 15 09:55:58 foxfire pppd[12823]: Serial connection established.
Nov 15 09:55:58 foxfire pppd[12823]: using channel 1
Nov 15 09:55:58 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfReq id=0x1 <mru 576>
<asyncmap 0x0> <magic 0x8a6091e6> <pcomp> <accomp>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 6f 01>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 6f 01>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x1 <mru 576>
<asyncmap 0x0> <magic 0x8a6091e6> <pcomp> <accomp>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0x8a6091e6]
Nov 15 09:55:59 foxfire pppd[12823]: sent [PAP AuthReq id=0x1
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [PAP AuthAck id=0x1 ""]
Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfReq id=0x1 <addr
0.0.0.0> <compress VJ 0f 01>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [IPCP ConfReq id=0x1 <compress
VJ 0f 01> <addr 209.102.126.5>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfAck id=0x1 <compress
VJ 0f 01> <addr 209.102.126.5>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [CCP ConfReq id=0x1 < 11 05 00
01 04>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [CCP ConfReq id=0x1]
Nov 15 09:55:59 foxfire pppd[12823]: sent [CCP ConfRej id=0x1 < 11 05 00
01 04>]
Nov 15 09:55:59 foxfire pppd[12823]: rcvd [IPCP ConfNak id=0x1 <addr
209.102.126.143>]
Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfReq id=0x2 <addr
209.102.126.143> <compress VJ 0f 01>]
Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfRej id=0x1]
Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfReq id=0x2 < 11 06 00
01 01 03>]
Nov 15 09:56:00 foxfire pppd[12823]: sent [CCP ConfReq id=0x2]
Nov 15 09:56:00 foxfire pppd[12823]: sent [CCP ConfRej id=0x2 < 11 06 00
01 01 03>]
Nov 15 09:56:00 foxfire pppd[12823]: rcvd [IPCP ConfAck id=0x2 <addr
209.102.126.143> <compress VJ 0f 01>]
Nov 15 09:56:00 foxfire pppd[12823]: Local IP address changed to
209.102.126.143
Nov 15 09:56:00 foxfire pppd[12823]: Remote IP address changed to
209.102.126.5
Nov 15 09:56:00 foxfire pppd[12823]: Cannot determine ethernet address
for proxy ARP
Nov 15 09:56:00 foxfire pppd[12823]: sent [IP data] 45 1b 00 40 b2 00 40
00 ...
Nov 15 09:56:00 foxfire pppd[12823]: Script /etc/ppp/ip-up started (pid
11853)
Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfRej id=0x2]
Nov 15 09:56:00 foxfire pppd[12823]: Script /etc/ppp/ip-up finished (pid
11853), status = 0x100
Nov 15 09:56:08 foxfire sh-httpd[7591]: connect from 192.168.1.102
Nov 15 09:56:10 foxfire sh-httpd[2126]: connect from 192.168.1.102
Nov 15 09:56:16 foxfire sh-httpd[12451]: connect from 192.168.1.102
Nov 15 09:56:18 foxfire sh-httpd[23228]: connect from 192.168.1.102
Nov 15 09:56:20 foxfire sh-httpd[3009]: connect from 192.168.1.102
Nov 15 09:56:29 foxfire pppd[12823]: sent [LCP EchoReq id=0x1
magic=0x8a6091e6]
Nov 15 09:56:29 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x1 magic=0x0]
Nov 15 09:56:42 foxfire sh-httpd[25150]: connect from 192.168.1.102
Nov 15 09:56:59 foxfire pppd[12823]: sent [LCP EchoReq id=0x2
magic=0x8a6091e6]
[many echos edited out]
Nov 15 10:56:00 foxfire pppd[12823]: sent [LCP EchoReq id=0x78
magic=0x8a6091e6]
Nov 15 10:56:01 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x78 magic=0x0]
Nov 15 10:56:30 foxfire pppd[12823]: sent [LCP EchoReq id=0x79
magic=0x8a6091e6]
Nov 15 10:57:00 foxfire pppd[12823]: sent [LCP EchoReq id=0x7a
magic=0x8a6091e6]
Nov 15 10:57:30 foxfire pppd[12823]: sent [LCP EchoReq id=0x7b
magic=0x8a6091e6]
Nov 15 10:58:00 foxfire pppd[12823]: sent [LCP EchoReq id=0x7c
magic=0x8a6091e6]
Nov 15 10:58:30 foxfire pppd[12823]: No response to 4 echo-requests
Nov 15 10:58:30 foxfire pppd[12823]: Serial link appears to be
disconnected.
Nov 15 10:58:30 foxfire pppd[12823]: Script /etc/ppp/ip-down started (pid
2641)
Nov 15 10:58:30 foxfire pppd[12823]: sent [LCP TermReq id=0x2 "Peer not
responding"]
Nov 15 10:58:30 foxfire pppd[12823]: Script /etc/ppp/ip-down finished
(pid 2641), status = 0x100
Nov 15 10:58:32 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 10:58:32 foxfire pppd[12823]: Modem hangup
Nov 15 10:58:32 foxfire pppd[12823]: Connection terminated.
Nov 15 10:58:32 foxfire pppd[12823]: Connect time 62.6 minutes.
Nov 15 10:58:32 foxfire pppd[12823]: Sent 341264 bytes, received 1365635
bytes.
Nov 15 10:59:04 foxfire pppd[12823]: Starting link
Nov 15 10:59:33 foxfire pppd[12823]: Serial connection established.
Nov 15 10:59:33 foxfire pppd[12823]: using channel 2
Nov 15 10:59:33 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 10:59:34 foxfire pppd[12823]: sent [LCP ConfReq id=0x3 <mru 576>
<asyncmap 0x0> <magic 0xc6abef19> <pcomp> <accomp>]
Nov 15 10:59:34 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 9a 01>]
Nov 15 10:59:34 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 9a 01>]
Nov 15 10:59:34 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x3 <mru 576>
<asyncmap 0x0> <magic 0xc6abef19> <pcomp> <accomp>]
Nov 15 10:59:34 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 10:59:34 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 10:59:34 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0xc6abef19]
Nov 15 10:59:34 foxfire pppd[12823]: sent [PAP AuthReq id=0x2
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 10:59:34 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 10:59:36 foxfire pppd[12823]: rcvd [PAP AuthNak id=0x2 ""]
Nov 15 10:59:36 foxfire pppd[12823]: PAP authentication failed
Nov 15 10:59:36 foxfire pppd[12823]: sent [LCP TermReq id=0x4 "Failed to
authenticate ourselves to peer"]
Nov 15 10:59:36 foxfire pppd[12823]: rcvd [LCP TermAck id=0x4]
Nov 15 10:59:36 foxfire pppd[12823]: Connection terminated.
Nov 15 10:59:36 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 10:59:36 foxfire pppd[12823]: Starting link
Nov 15 11:00:05 foxfire pppd[12823]: Serial connection established.
Nov 15 11:00:05 foxfire pppd[12823]: using channel 3
Nov 15 11:00:05 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:00:06 foxfire pppd[12823]: sent [LCP ConfReq id=0x5 <mru 576>
<asyncmap 0x0> <magic 0xe11b277d> <pcomp> <accomp>]
Nov 15 11:00:06 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 c8 00>]
Nov 15 11:00:06 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 c8 00>]
Nov 15 11:00:06 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x5 <mru 576>
<asyncmap 0x0> <magic 0xe11b277d> <pcomp> <accomp>]
Nov 15 11:00:07 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:00:07 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:00:07 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0xe11b277d]
Nov 15 11:00:07 foxfire pppd[12823]: sent [PAP AuthReq id=0x3
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:07 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:00:09 foxfire pppd[12823]: rcvd [PAP AuthNak id=0x3 ""]
Nov 15 11:00:09 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:00:09 foxfire pppd[12823]: sent [LCP TermReq id=0x6 "Failed to
authenticate ourselves to peer"]
Nov 15 11:00:09 foxfire pppd[12823]: rcvd [LCP TermAck id=0x6]
Nov 15 11:00:09 foxfire pppd[12823]: Connection terminated.
Nov 15 11:00:09 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:00:10 foxfire pppd[12823]: Starting link
Nov 15 11:00:38 foxfire pppd[12823]: Serial connection established.
Nov 15 11:00:38 foxfire pppd[12823]: using channel 4
Nov 15 11:00:38 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:00:39 foxfire pppd[12823]: sent [LCP ConfReq id=0x7 <mru 576>
<asyncmap 0x0> <magic 0x6c1a39f8> <pcomp> <accomp>]
Nov 15 11:00:40 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 33 01>]
Nov 15 11:00:40 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 33 01>]
Nov 15 11:00:40 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x7 <mru 576>
<asyncmap 0x0> <magic 0x6c1a39f8> <pcomp> <accomp>]
Nov 15 11:00:40 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:00:40 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:00:40 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0x6c1a39f8]
Nov 15 11:00:40 foxfire pppd[12823]: sent [PAP AuthReq id=0x4
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:40 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:00:43 foxfire pppd[12823]: sent [PAP AuthReq id=0x5
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:46 foxfire pppd[12823]: sent [PAP AuthReq id=0x6
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:49 foxfire pppd[12823]: sent [PAP AuthReq id=0x7
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:52 foxfire pppd[12823]: sent [PAP AuthReq id=0x8
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:55 foxfire pppd[12823]: sent [PAP AuthReq id=0x9
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:00:56 foxfire pppd[12823]: rcvd [PAP AuthNak id=0x9 ""]
Nov 15 11:00:56 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:00:56 foxfire pppd[12823]: sent [LCP TermReq id=0x8 "Failed to
authenticate ourselves to peer"]
Nov 15 11:00:56 foxfire pppd[12823]: rcvd [LCP TermAck id=0x8]
Nov 15 11:00:56 foxfire pppd[12823]: Connection terminated.
Nov 15 11:00:56 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:00:56 foxfire pppd[12823]: Starting link
Nov 15 11:00:58 foxfire pppd[12823]: Connect script failed
Nov 15 11:01:26 foxfire pppd[12823]: Starting link
Nov 15 11:01:43 foxfire sh-httpd[18760]: connect from 192.168.1.102
Nov 15 11:01:51 foxfire sh-httpd[27488]: connect from 192.168.1.102
Nov 15 11:01:53 foxfire sh-httpd[8952]: connect from 192.168.1.102
Nov 15 11:01:55 foxfire pppd[12823]: Serial connection established.
Nov 15 11:01:55 foxfire pppd[12823]: using channel 5
Nov 15 11:01:55 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:01:56 foxfire pppd[12823]: sent [LCP ConfReq id=0x9 <mru 576>
<asyncmap 0x0> <magic 0x5cc2eabf> <pcomp> <accomp>]
Nov 15 11:01:56 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 cc 00>]
Nov 15 11:01:56 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 cc 00>]
Nov 15 11:01:56 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x9 <mru 576>
<asyncmap 0x0> <magic 0x5cc2eabf> <pcomp> <accomp>]
Nov 15 11:01:57 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:01:57 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:01:57 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0x5cc2eabf]
Nov 15 11:01:57 foxfire pppd[12823]: sent [PAP AuthReq id=0xa
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:01:57 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:02:00 foxfire pppd[12823]: sent [PAP AuthReq id=0xb
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:02:00 foxfire pppd[12823]: rcvd [PAP AuthNak id=0xb ""]
Nov 15 11:02:00 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:02:00 foxfire pppd[12823]: sent [LCP TermReq id=0xa "Failed to
authenticate ourselves to peer"]
Nov 15 11:02:00 foxfire pppd[12823]: rcvd [LCP TermAck id=0xa]
Nov 15 11:02:00 foxfire pppd[12823]: Connection terminated.
Nov 15 11:02:00 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:02:01 foxfire pppd[12823]: Starting link
Nov 15 11:02:29 foxfire pppd[12823]: Serial connection established.
Nov 15 11:02:29 foxfire pppd[12823]: using channel 6
Nov 15 11:02:29 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:02:30 foxfire pppd[12823]: sent [LCP ConfReq id=0xb <mru 576>
<asyncmap 0x0> <magic 0x9bc2ae55> <pcomp> <accomp>]
Nov 15 11:02:30 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 a8 01>]
Nov 15 11:02:30 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 a8 01>]
Nov 15 11:02:30 foxfire pppd[12823]: rcvd [LCP ConfAck id=0xb <mru 576>
<asyncmap 0x0> <magic 0x9bc2ae55> <pcomp> <accomp>]
Nov 15 11:02:30 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:02:30 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:02:30 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0x9bc2ae55]
Nov 15 11:02:30 foxfire pppd[12823]: sent [PAP AuthReq id=0xc
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:02:31 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:02:33 foxfire pppd[12823]: rcvd [PAP AuthNak id=0xc ""]
Nov 15 11:02:33 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:02:33 foxfire pppd[12823]: sent [LCP TermReq id=0xc "Failed to
authenticate ourselves to peer"]
Nov 15 11:02:33 foxfire pppd[12823]: rcvd [LCP TermAck id=0xc]
Nov 15 11:02:33 foxfire pppd[12823]: Connection terminated.
Nov 15 11:02:33 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:02:35 foxfire pppd[12823]: Starting link
Nov 15 11:02:41 foxfire sh-httpd[30587]: connect from 192.168.1.102
Nov 15 11:02:43 foxfire sh-httpd[12887]: connect from 192.168.1.102
Nov 15 11:03:03 foxfire pppd[12823]: Serial connection established.
Nov 15 11:03:03 foxfire pppd[12823]: using channel 7
Nov 15 11:03:03 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:03:04 foxfire pppd[12823]: sent [LCP ConfReq id=0xd <mru 576>
<asyncmap 0x0> <magic 0x5a060421> <pcomp> <accomp>]
Nov 15 11:03:05 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 41 01>]
Nov 15 11:03:05 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 41 01>]
Nov 15 11:03:05 foxfire pppd[12823]: rcvd [LCP ConfAck id=0xd <mru 576>
<asyncmap 0x0> <magic 0x5a060421> <pcomp> <accomp>]
Nov 15 11:03:05 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:03:05 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:03:05 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0x5a060421]
Nov 15 11:03:05 foxfire pppd[12823]: sent [PAP AuthReq id=0xd
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:03:05 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:03:07 foxfire pppd[12823]: rcvd [PAP AuthNak id=0xd ""]
Nov 15 11:03:07 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:03:07 foxfire pppd[12823]: sent [LCP TermReq id=0xe "Failed to
authenticate ourselves to peer"]
Nov 15 11:03:07 foxfire pppd[12823]: rcvd [LCP TermAck id=0xe]
Nov 15 11:03:07 foxfire pppd[12823]: Connection terminated.
Nov 15 11:03:07 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:03:08 foxfire pppd[12823]: Starting link
Nov 15 11:03:13 foxfire sh-httpd[12353]: connect from 192.168.1.102
Nov 15 11:03:15 foxfire sh-httpd[350]: connect from 192.168.1.102
Nov 15 11:03:34 foxfire sh-httpd[1412]: connect from 192.168.1.102
Nov 15 11:03:36 foxfire sh-httpd[11552]: connect from 192.168.1.102
Nov 15 11:03:36 foxfire pppd[12823]: Serial connection established.
Nov 15 11:03:36 foxfire pppd[12823]: using channel 8
Nov 15 11:03:36 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:03:37 foxfire sh-httpd[14886]: connect from 192.168.1.102
Nov 15 11:03:37 foxfire pppd[12823]: sent [LCP ConfReq id=0xf <mru 576>
<asyncmap 0x0> <magic 0xe4b1066d> <pcomp> <accomp>]
Nov 15 11:03:38 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 16 00>]
Nov 15 11:03:38 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 16 00>]
Nov 15 11:03:38 foxfire pppd[12823]: rcvd [LCP ConfAck id=0xf <mru 576>
<asyncmap 0x0> <magic 0xe4b1066d> <pcomp> <accomp>]
Nov 15 11:03:38 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:03:38 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:03:38 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0xe4b1066d]
Nov 15 11:03:38 foxfire pppd[12823]: sent [PAP AuthReq id=0xe
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:03:38 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:03:40 foxfire pppd[12823]: rcvd [PAP AuthNak id=0xe ""]
Nov 15 11:03:40 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:03:40 foxfire pppd[12823]: sent [LCP TermReq id=0x10 "Failed to
authenticate ourselves to peer"]
Nov 15 11:03:40 foxfire pppd[12823]: rcvd [LCP TermAck id=0x10]
Nov 15 11:03:40 foxfire pppd[12823]: Connection terminated.
Nov 15 11:03:40 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:03:41 foxfire pppd[12823]: Starting link
Nov 15 11:04:08 foxfire sh-httpd[20837]: connect from 192.168.1.102
Nov 15 11:04:10 foxfire pppd[12823]: Serial connection established.
Nov 15 11:04:10 foxfire pppd[12823]: using channel 9
Nov 15 11:04:10 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:04:10 foxfire sh-httpd[14451]: connect from 192.168.1.102
Nov 15 11:04:11 foxfire pppd[12823]: sent [LCP ConfReq id=0x11 <mru 576>
<asyncmap 0x0> <magic 0xd4f0dd8d> <pcomp> <accomp>]
Nov 15 11:04:11 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 18 00>]
Nov 15 11:04:11 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 18 00>]
Nov 15 11:04:11 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x11 <mru 576>
<asyncmap 0x0> <magic 0xd4f0dd8d> <pcomp> <accomp>]
Nov 15 11:04:11 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:04:11 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:04:11 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0xd4f0dd8d]
Nov 15 11:04:11 foxfire pppd[12823]: sent [PAP AuthReq id=0xf
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:04:11 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:04:11 foxfire sh-httpd[12644]: connect from 192.168.1.102
Nov 15 11:04:12 foxfire pppd[12823]: rcvd [PAP AuthNak id=0xf ""]
Nov 15 11:04:12 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:04:12 foxfire pppd[12823]: sent [LCP TermReq id=0x12 "Failed to
authenticate ourselves to peer"]
Nov 15 11:04:12 foxfire pppd[12823]: rcvd [LCP TermAck id=0x12]
Nov 15 11:04:12 foxfire pppd[12823]: Connection terminated.
Nov 15 11:04:13 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:04:13 foxfire pppd[12823]: Starting link
Nov 15 11:04:31 foxfire sh-httpd[30736]: connect from 192.168.1.102
Nov 15 11:04:36 foxfire sh-httpd[3876]: connect from 192.168.1.102
Nov 15 11:04:42 foxfire pppd[12823]: Serial connection established.
Nov 15 11:04:42 foxfire pppd[12823]: using channel 10
Nov 15 11:04:42 foxfire pppd[12823]: Connect: ppp0 <--> /dev/ttyS1
Nov 15 11:04:43 foxfire pppd[12823]: sent [LCP ConfReq id=0x13 <mru 576>
<asyncmap 0x0> <magic 0xeef6ee72> <pcomp> <accomp>]
Nov 15 11:04:43 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 < 00 04 00
00> <mru 1524> <asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <mrru 1524>
<endpoint [local:6d.61.78.2d.70.64.78]> < 17 04 d6 00>]
Nov 15 11:04:43 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 < 00 04 00
00> <mrru 1524> < 17 04 d6 00>]
Nov 15 11:04:43 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x13 <mru 576>
<asyncmap 0x0> <magic 0xeef6ee72> <pcomp> <accomp>]
Nov 15 11:04:43 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:04:43 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 <mru 1524>
<asyncmap 0xa0000> <auth pap> <pcomp> <accomp> <endpoint
[local:6d.61.78.2d.70.64.78]>]
Nov 15 11:04:43 foxfire pppd[12823]: sent [LCP EchoReq id=0x0
magic=0xeef6ee72]
Nov 15 11:04:43 foxfire pppd[12823]: sent [PAP AuthReq id=0x10
user="[EMAIL PROTECTED]" password=<hidden>]
Nov 15 11:04:43 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0]
Nov 15 11:04:44 foxfire sh-httpd[28597]: connect from 192.168.1.102
Nov 15 11:04:45 foxfire pppd[12823]: rcvd [PAP AuthNak id=0x10 ""]
Nov 15 11:04:45 foxfire pppd[12823]: PAP authentication failed
Nov 15 11:04:45 foxfire pppd[12823]: sent [LCP TermReq id=0x14 "Failed to
authenticate ourselves to peer"]
Nov 15 11:04:45 foxfire pppd[12823]: rcvd [LCP TermAck id=0x14]
Nov 15 11:04:45 foxfire pppd[12823]: Connection terminated.
Nov 15 11:04:46 foxfire pppd[12823]: Hangup (SIGHUP)
Nov 15 11:04:46 foxfire pppd[12823]: Exit.
Nov 15 11:05:11 foxfire sh-httpd[199]: connect from 192.168.1.102
Nov 15 11:06:44 foxfire sh-httpd[1144]: connect from 192.168.1.102
Nov 15 11:06:46 foxfire sh-httpd[23667]: connect from 192.168.1.102
Nov 15 11:06:48 foxfire sh-httpd[31223]: connect from 192.168.1.102
Nov 15 11:09:00 foxfire sh-httpd[28492]: connect from 192.168.1.102
Nov 15 11:09:02 foxfire sh-httpd[25193]: connect from 192.168.1.102
Nov 15 11:09:03 foxfire sh-httpd[12201]: connect from 192.168.1.102
Nov 15 11:10:21 foxfire sh-httpd[5784]: connect from 192.168.1.102
Nov 15 11:10:23 foxfire sh-httpd[32021]: connect from 192.168.1.102
Nov 15 11:10:24 foxfire sh-httpd[17028]: connect from 192.168.1.102
Nov 15 11:11:09 foxfire sh-httpd[22542]: connect from 192.168.1.102
Nov 15 11:11:11 foxfire sh-httpd[10872]: connect from 192.168.1.102
Nov 15 11:13:15 foxfire sh-httpd[2312]: connect from 192.168.1.102
Nov 15 11:13:17 foxfire sh-httpd[20923]: connect from 192.168.1.102
Nov 15 11:13:18 foxfire sh-httpd[100]: connect from 192.168.1.102
Nov 15 11:14:35 foxfire sh-httpd[16708]: connect from 192.168.1.102
Nov 15 11:14:41 foxfire sh-httpd[741]: connect from 192.168.1.102
Nov 15 11:14:44 foxfire sh-httpd[3295]: connect from 192.168.1.102
Nov 15 11:15:25 foxfire sh-httpd[6298]: connect from 192.168.1.102
Nov 15 11:15:46 foxfire sh-httpd[15836]: connect from 192.168.1.102
Nov 15 11:15:47 foxfire sh-httpd[28313]: connect from 192.168.1.102
Nov 15 11:16:19 foxfire sh-httpd[11480]: connect from 192.168.1.102
Nov 15 11:17:30 foxfire sh-httpd[17477]: connect from 192.168.1.102
Nov 15 11:17:32 foxfire sh-httpd[1783]: connect from 192.168.1.102
Nov 15 11:17:34 foxfire sh-httpd[19390]: connect from 192.168.1.102
Nov 15 11:17:52 foxfire sh-httpd[8458]: connect from 192.168.1.102
Nov 15 11:17:56 foxfire sh-httpd[2945]: connect from 192.168.1.102
Nov 15 11:17:58 foxfire sh-httpd[18337]: connect from 192.168.1.102
Nov 15 11:18:05 foxfire sh-httpd[24764]: connect from 192.168.1.102
Nov 15 11:18:13 foxfire sh-httpd[4841]: connect from 192.168.1.102
Nov 15 11:18:15 foxfire sh-httpd[24482]: connect from 192.168.1.102
Nov 15 11:18:16 foxfire sh-httpd[24594]: connect from 192.168.1.102
==shorewall status
Shorewall-1.4.2 Status at foxfire - Sat Nov 15 11:31:36 UTC 2003
Counters reset Sat Nov 15 09:49:19 UTC 2003
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
252 34775 ppp0_in all -- ppp0 * 0.0.0.0/0
0.0.0.0/0
1027 73986 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:INPUT:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
311 19052 TCPMSS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
3045 1331K ppp0_fwd all -- ppp0 * 0.0.0.0/0
0.0.0.0/0
2481 323K eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:FORWARD:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
0 0 ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
862 65975 fw2net all -- * ppp0 0.0.0.0/0
0.0.0.0/0
1592 694K fw2loc all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:OUTPUT:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain all2all (3 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
40 3440 common all -- * * 0.0.0.0/0
0.0.0.0/0
16 1472 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:all2all:REJECT:' queue_threshold 1
16 1472 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain badpkt (2 references)
pkts bytes target prot opt in out source
destination
0 0 LOG tcp -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 6 level 6 prefix `Shorewall:badpkt:DROP:'
0 0 LOG !tcp -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 4 level 6 prefix `Shorewall:badpkt:DROP:'
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain common (5 references)
pkts bytes target prot opt in out source
destination
16 1472 icmpdef icmp -- * * 0.0.0.0/0
0.0.0.0/0
4 312 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:137:139
0 0 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:445
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:139
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:445
103 4944 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:135
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1900
0 0 DROP all -- * * 0.0.0.0/0
255.255.255.255
0 0 DROP all -- * * 0.0.0.0/0
224.0.0.0/4
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:113
24 1968 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:53 state NEW
0 0 DROP all -- * * 0.0.0.0/0
192.168.1.255
Chain dynamic (4 references)
pkts bytes target prot opt in out source
destination
Chain eth0_fwd (1 references)
pkts bytes target prot opt in out source
destination
2481 323K dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
2481 323K loc2net all -- * ppp0 0.0.0.0/0
0.0.0.0/0
Chain eth0_in (1 references)
pkts bytes target prot opt in out source
destination
1027 73986 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
1027 73986 loc2fw all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2loc (1 references)
pkts bytes target prot opt in out source
destination
1552 691K ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
40 3440 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2net (1 references)
pkts bytes target prot opt in out source
destination
187 11904 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:53
675 54071 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW udp dpt:53
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
0 0 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain icmpdef (1 references)
pkts bytes target prot opt in out source
destination
Chain loc2fw (1 references)
pkts bytes target prot opt in out source
destination
912 65925 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
51 3965 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW udp dpt:53
64 4096 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:80
0 0 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc2net (1 references)
pkts bytes target prot opt in out source
destination
2323 313K ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
158 10112 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain logdrop (30 references)
pkts bytes target prot opt in out source
destination
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:rfc1918:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain logflags (5 references)
pkts bytes target prot opt in out source
destination
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:logflags:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2all (2 references)
pkts bytes target prot opt in out source
destination
3045 1331K ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
108 5296 common all -- * * 0.0.0.0/0
0.0.0.0/0
1 40 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:net2all:DROP:' queue_threshold 1
1 40 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source
destination
64 22119 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
80 7360 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
108 5296 net2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain newnotsyn (7 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain ppp0_fwd (1 references)
pkts bytes target prot opt in out source
destination
3045 1331K dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 badpkt all -- * * 0.0.0.0/0
0.0.0.0/0 unclean
0 0 rfc1918 all -- * * 0.0.0.0/0
0.0.0.0/0 state NEW
3045 1331K tcpflags tcp -- * * 0.0.0.0/0
0.0.0.0/0
3045 1331K net2all all -- * eth0 0.0.0.0/0
0.0.0.0/0
Chain ppp0_in (1 references)
pkts bytes target prot opt in out source
destination
252 34775 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 badpkt all -- * * 0.0.0.0/0
0.0.0.0/0 unclean
188 12656 rfc1918 all -- * * 0.0.0.0/0
0.0.0.0/0 state NEW
104 4984 tcpflags tcp -- * * 0.0.0.0/0
0.0.0.0/0
252 34775 net2fw all -- * * 0.0.0.0/0
0.0.0.0/0
Chain reject (10 references)
pkts bytes target prot opt in out source
destination
103 4944 REJECT tcp -- * * 0.0.0.0/0
0.0.0.0/0 reject-with tcp-reset
20 1784 REJECT all -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
Chain rfc1918 (2 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- * * 255.255.255.255
0.0.0.0/0
0 0 DROP all -- * * 169.254.0.0/16
0.0.0.0/0
0 0 logdrop all -- * * 172.16.0.0/12
0.0.0.0/0
0 0 logdrop all -- * * 192.0.2.0/24
0.0.0.0/0
0 0 logdrop all -- * * 192.168.0.0/16
0.0.0.0/0
0 0 logdrop all -- * * 0.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 2.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 5.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 7.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 10.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 23.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 27.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 31.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 36.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 39.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 41.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 42.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 49.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 50.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 58.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 60.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 70.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 72.0.0.0/5
0.0.0.0/0
0 0 logdrop all -- * * 83.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 84.0.0.0/6
0.0.0.0/0
0 0 logdrop all -- * * 88.0.0.0/5
0.0.0.0/0
0 0 logdrop all -- * * 96.0.0.0/3
0.0.0.0/0
0 0 logdrop all -- * * 127.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 197.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 198.18.0.0/15
0.0.0.0/0
0 0 logdrop all -- * * 201.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 240.0.0.0/4
0.0.0.0/0
Chain shorewall (0 references)
pkts bytes target prot opt in out source
destination
Chain tcpflags (2 references)
pkts bytes target prot opt in out source
destination
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:0 flags:0x16/0x02
Nov 15 10:18:04 net2all:DROP: IN=ppp0 OUT= SRC=80.168.23.30
DST=209.102.126.143 LEN=40 TOS=00 PREC=0x00 TTL=237 ID=46991 PROTO=TCP
SPT=2206 DPT=554 SEQ=757147 ACK=0 WINDOW=4096 SYN URGP=0
Nov 15 11:09:17 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=30485 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:09:24 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=37711 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:09:34 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=14701 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:09:47 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=23834 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:10:36 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=36116 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:10:43 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=18026 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:10:53 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=27937 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:11:06 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=42018 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:12:25 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=57797 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:12:32 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=25778 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:12:42 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=26350 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:12:55 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=58775 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:16:38 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=13352 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:16:45 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=43817 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:16:55 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=5501 PROTO=ICMP
TYPE=3 CODE=0
Nov 15 11:17:08 all2all:REJECT: IN= OUT=eth0 SRC=192.168.1.254
DST=192.168.1.102 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=6703 PROTO=ICMP
TYPE=3 CODE=0
NAT Table
Chain PREROUTING (policy ACCEPT 443 packets, 29117 bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 778 packets, 58191 bytes)
pkts bytes target prot opt in out source
destination
932 68047 ppp0_masq all -- * ppp0 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 699 packets, 56039 bytes)
pkts bytes target prot opt in out source
destination
Chain ppp0_masq (1 references)
pkts bytes target prot opt in out source
destination
154 9856 MASQUERADE all -- * * 192.168.1.0/24
0.0.0.0/0
Mangle Table
Chain PREROUTING (policy ACCEPT 6822 packets, 1763K bytes)
pkts bytes target prot opt in out source
destination
189 12696 man1918 all -- ppp0 * 0.0.0.0/0
0.0.0.0/0 state NEW
6822 1763K pretos all -- * * 0.0.0.0/0
0.0.0.0/0
Chain INPUT (policy ACCEPT 1279 packets, 109K bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 5526 packets, 1653K bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 2454 packets, 760K bytes)
pkts bytes target prot opt in out source
destination
2454 760K outtos all -- * * 0.0.0.0/0
0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 7940 packets, 2410K bytes)
pkts bytes target prot opt in out source
destination
Chain logdrop (30 references)
pkts bytes target prot opt in out source
destination
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:man1918:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain man1918 (1 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- * * 0.0.0.0/0
255.255.255.255
0 0 DROP all -- * * 0.0.0.0/0
169.254.0.0/16
0 0 logdrop all -- * * 0.0.0.0/0
172.16.0.0/12
0 0 logdrop all -- * * 0.0.0.0/0
192.0.2.0/24
0 0 logdrop all -- * * 0.0.0.0/0
192.168.0.0/16
0 0 logdrop all -- * * 0.0.0.0/0
0.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
2.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
5.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
7.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
10.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
23.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
27.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
31.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
36.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
39.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
41.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
42.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
49.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
50.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
58.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
60.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
70.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
72.0.0.0/5
0 0 logdrop all -- * * 0.0.0.0/0
83.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
84.0.0.0/6
0 0 logdrop all -- * * 0.0.0.0/0
88.0.0.0/5
0 0 logdrop all -- * * 0.0.0.0/0
96.0.0.0/3
0 0 logdrop all -- * * 0.0.0.0/0
127.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
197.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
198.18.0.0/15
0 0 logdrop all -- * * 0.0.0.0/0
201.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
240.0.0.0/4
Chain outtos (1 references)
pkts bytes target prot opt in out source
destination
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:20 TOS set 0x08
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:20 TOS set 0x08
Chain pretos (1 references)
pkts bytes target prot opt in out source
destination
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:20 TOS set 0x08
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:20 TOS set 0x08
(see part 2)
Paul Rogers ([EMAIL PROTECTED])
http://www.xprt.net/~pgrogers/
http://www.angelfire.com/or/paulrogers/
Rogers' Second Law: "Everything you do communicates."
(I do not personally endorse any additions after this line. TANSTAAFL
:-)
________________________________________________________________
The best thing to hit the internet in years - Juno SpeedBand!
Surf the web up to FIVE TIMES FASTER!
Only $14.95/ month - visit www.juno.com to sign up today!
-------------------------------------------------------
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
