Hello,
right now im just trying to get a a simple setup going, then build
on that. I have my 2 network cards in there, the drivers are loaded
successfully, and i was able to verify they both worked. I did this by
trying them both out as eth0, and I was able to successly ping the
firewall from another computer as well as ping from the firewall to an
outside location with each network card. now the problem that I am
having is that for some reason my internal network card, eth1, is not
sending out any traffic like it is supposed to be. to be more specific
no traffic is being sent at all.
I have a hub setup and this is what im experiencing with that.
1. When i plug eth1 into the uplink port like it is supposed to be, the
port light is off and there is no traffic on that port. all network
card lights are off.
2. When i plug eth1 into any of the other ports that the receving
computers are suppoed to plug into, the port lights up and the lights on
the network card itself start flashing like there is traffic going on.
it almost seems as if eth1 is acting like a reciever, instead of
distributing IP's like it is supposed to. can anyone please help me out
with this problem. ive spent the past few days on this and i really
need to get this figured out. I will post the output to some commands
below.
Thanks
-Ray
UNAME
Linux firewall 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i686 unknown
ADDR SHOW
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:10:5a:18:ff:c3 brd ff:ff:ff:ff:ff:ff
inet 138.23.75.45/24 brd 138.23.75.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:a0:cc:67:d6:2d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
SHOW ROUTE
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
138.23.75.0/24 dev eth0 proto kernel scope link src 138.23.75.45
default via 138.23.75.1 dev eth0
MESSAGE LOG
Feb 7 11:51:09 firewall syslogd 1.3-3#31.slink1: restart.
Feb 7 11:51:09 firewall kernel: klogd 1.3-3#31.slink1, log source =
/proc/kmsg started.
Feb 7 11:51:09 firewall kernel: No module symbols loaded.
Feb 7 11:51:09 firewall kernel: BIOS-provided physical RAM map:
Feb 7 11:51:09 firewall kernel: 128MB LOWMEM available.
Feb 7 11:51:09 firewall kernel: Initializing CPU#0
Feb 7 11:51:09 firewall kernel: Memory: 127360k/131072k available (948k
kernel code, 3312k reserved, -1176k data, 64k init, 0k highmem)
Feb 7 11:51:09 firewall kernel: Dentry cache hash table entries: 16384
(order: 5, 131072 bytes)
Feb 7 11:51:09 firewall kernel: Inode cache hash table entries: 8192
(order: 4, 65536 bytes)
Feb 7 11:51:09 firewall kernel: CPU: L1 I cache: 16K, L1 D cache: 16K
Feb 7 11:51:09 firewall kernel: CPU: L2 cache: 512K
Feb 7 11:51:09 firewall kernel: Enabling fast FPU save and restore...
done.
Feb 7 11:51:09 firewall kernel: Checking 'hlt' instruction... OK.
Feb 7 11:51:09 firewall kernel: PCI: PCI BIOS revision 2.10 entry at
0xfd9a3, last bus=1
Feb 7 11:51:09 firewall kernel: PCI: Using configuration type 1
Feb 7 11:51:09 firewall kernel: PCI: Probing PCI hardware
Feb 7 11:51:09 firewall kernel: PCI: Using IRQ router PIIX [8086/7110]
at 00:07.0
Feb 7 11:51:09 firewall kernel: Limiting direct PCI/PCI transfers.
Feb 7 11:51:09 firewall kernel: Linux NET4.0 for Linux 2.4
Feb 7 11:51:09 firewall kernel: Based upon Swansea University Computer
Society NET3.039
Feb 7 11:51:09 firewall kernel: Serial driver version 5.05c
(2001-07-08) with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled
Feb 7 11:51:09 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
Feb 7 11:51:09 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
Feb 7 11:51:09 firewall kernel: Real Time Clock Driver v1.10e
Feb 7 11:51:09 firewall kernel: Software Watchdog Timer: 0.05, timer
margin: 60 sec
Feb 7 11:51:09 firewall kernel: Floppy drive(s): fd0 is 1.44M
Feb 7 11:51:09 firewall kernel: FDC 0 is a post-1991 82077
Feb 7 11:51:09 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0
Feb 7 11:51:09 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP
Feb 7 11:51:09 firewall kernel: IP: routing cache hash table of 1024
buckets, 8Kbytes
Feb 7 11:51:09 firewall kernel: TCP: Hash tables configured
(established 8192 bind 8192)
Feb 7 11:51:09 firewall kernel: NET4: Unix domain sockets 1.0/SMP for
Linux NET4.0.
Feb 7 11:51:09 firewall kernel: RAMDISK: Compressed image found at block 0
Feb 7 11:51:09 firewall kernel: Freeing initrd memory: 401k freed
Feb 7 11:51:09 firewall kernel: Freeing unused kernel memory: 64k freed
Feb 7 11:51:09 firewall kernel: pci-scan.c:v1.11 8/31/2002 Donald
Becker <[EMAIL PROTECTED]> http://www.scyld.com/linux/drivers.html
Feb 7 11:51:09 firewall kernel: 3c59x.c:v0.99Xf 11/17/2002 Donald
Becker, [EMAIL PROTECTED]
Feb 7 11:51:09 firewall kernel: http://www.scyld.com/network/vortex.html
Feb 7 11:51:09 firewall kernel: eth0: 3Com 3c905B Cyclone 100baseTx at
0x1400, 00:10:5a:18:ff:c3, IRQ 9
Feb 7 11:51:09 firewall kernel: 8K buffer 5:3 Rx:Tx split,
autoselect/Autonegotiate interface.
Feb 7 11:51:09 firewall kernel: MII transceiver found at address 24,
status 786d.
Feb 7 11:51:09 firewall kernel: MII transceiver found at address 0,
status 786d.
Feb 7 11:51:09 firewall kernel: Using bus-master transmits and
whole-frame receives.
Feb 7 11:51:09 firewall kernel: tulip.c:v0.95f 11/17/2002 Written by
Donald Becker <[EMAIL PROTECTED]>
Feb 7 11:51:09 firewall kernel: http://www.scyld.com/network/tulip.html
Feb 7 11:51:09 firewall kernel: eth1: Lite-On LC82C115 PNIC-II rev 37
at 0xc8823400, 00:A0:CC:67:D6:2D, IRQ 9.
Feb 7 11:51:13 firewall root: Shorewall Started
Feb 7 11:53:38 firewall root: Shorewall Restarted
Feb 7 11:56:32 firewall root: Shorewall Restarted
Feb 7 11:56:49 firewall root: Shorewall Restarted
Feb 7 12:01:32 firewall root: Shorewall Restarted
IP tables (Masquerade)
Chain PREROUTING (policy ACCEPT 2474 packets, 279K bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 35 packets, 2500 bytes)
pkts bytes target prot opt in out source
destination
10 752 eth0_masq all -- * eth0 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 192 packets, 11920 bytes)
pkts bytes target prot opt in out source
destination
Chain eth0_masq (1 references)
pkts bytes target prot opt in out source
destination
0 0 MASQUERADE all -- * * 192.168.1.0/24
0.0.0.0/0
SHOREWALL STATUS
[H[JShorewall-1.4.2 Status at firewall - Tue Feb 7 12:15:09 UTC 2006
Counters reset Tue Feb 7 12:01:32 UTC 2006
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
4 336 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
37 5033 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:INPUT:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
0 0 eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:FORWARD:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
4 336 ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
10 752 fw2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 fw2loc all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:OUTPUT:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain all2all (3 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:all2all:REJECT:' queue_threshold 1
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain common (5 references)
pkts bytes target prot opt in out source
destination
0 0 icmpdef icmp -- * * 0.0.0.0/0
0.0.0.0/0
18 1883 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:137:139
0 0 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:445
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:139
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:445
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:135
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1900
9 1562 DROP all -- * * 0.0.0.0/0
255.255.255.255
0 0 DROP all -- * * 0.0.0.0/0
224.0.0.0/4
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:113
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:53 state NEW
0 0 DROP all -- * * 0.0.0.0/0
138.23.75.255
0 0 DROP all -- * * 0.0.0.0/0
192.168.1.255
Chain dynamic (4 references)
pkts bytes target prot opt in out source
destination
Chain eth0_fwd (1 references)
pkts bytes target prot opt in out source
destination
0 0 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 rfc1918 all -- * * 0.0.0.0/0
0.0.0.0/0 state NEW
0 0 net2all all -- * eth1 0.0.0.0/0
0.0.0.0/0
Chain eth0_in (1 references)
pkts bytes target prot opt in out source
destination
37 5033 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
27 3445 rfc1918 all -- * * 0.0.0.0/0
0.0.0.0/0 state NEW
37 5033 net2fw all -- * * 0.0.0.0/0
0.0.0.0/0
Chain eth1_fwd (1 references)
pkts bytes target prot opt in out source
destination
0 0 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 loc2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
Chain eth1_in (1 references)
pkts bytes target prot opt in out source
destination
0 0 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 loc2fw all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2loc (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
0 0 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2net (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:53
4 248 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW udp dpt:53
6 504 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
0 0 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain icmpdef (1 references)
pkts bytes target prot opt in out source
destination
Chain loc2fw (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp dpt:80
0 0 all2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc2net (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain logdrop (30 references)
pkts bytes target prot opt in out source
destination
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:rfc1918:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2all (2 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
27 3445 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:net2all:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source
destination
10 1588 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 state RELATED,ESTABLISHED
0 0 newnotsyn tcp -- * * 0.0.0.0/0
0.0.0.0/0 state NEW tcp flags:!0x16/0x02
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8
27 3445 net2all all -- * * 0.0.0.0/0
0.0.0.0/0
Chain newnotsyn (7 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain reject (10 references)
pkts bytes target prot opt in out source
destination
0 0 REJECT tcp -- * * 0.0.0.0/0
0.0.0.0/0 reject-with tcp-reset
18 1883 REJECT all -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
Chain rfc1918 (2 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- * * 255.255.255.255
0.0.0.0/0
0 0 RETURN all -- * * 169.254.0.0/16
0.0.0.0/0
0 0 logdrop all -- * * 172.16.0.0/12
0.0.0.0/0
0 0 logdrop all -- * * 192.0.2.0/24
0.0.0.0/0
0 0 logdrop all -- * * 192.168.0.0/16
0.0.0.0/0
0 0 logdrop all -- * * 0.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 2.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 5.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 7.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 10.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 23.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 27.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 31.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 36.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 39.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 41.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 42.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 49.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 50.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 58.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 60.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 70.0.0.0/7
0.0.0.0/0
0 0 logdrop all -- * * 72.0.0.0/5
0.0.0.0/0
0 0 logdrop all -- * * 83.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 84.0.0.0/6
0.0.0.0/0
0 0 logdrop all -- * * 88.0.0.0/5
0.0.0.0/0
0 0 logdrop all -- * * 96.0.0.0/3
0.0.0.0/0
0 0 logdrop all -- * * 127.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 197.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 198.18.0.0/15
0.0.0.0/0
0 0 logdrop all -- * * 201.0.0.0/8
0.0.0.0/0
0 0 logdrop all -- * * 240.0.0.0/4
0.0.0.0/0
Chain shorewall (0 references)
pkts bytes target prot opt in out source
destination
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59066 DF PROTO=UDP
SPT=3420 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.32.64.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=38406 DF PROTO=UDP
SPT=7976 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.5.5.241 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=34255 DF PROTO=UDP
SPT=25596 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=202.12.27.33 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=45206 DF PROTO=UDP
SPT=30963 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.36.148.17 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59483 DF PROTO=UDP
SPT=18464 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.8.10.90 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=52124 DF PROTO=UDP
SPT=43443 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.63.2.53 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=45648 DF PROTO=UDP
SPT=18455 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.112.36.4 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=40862 DF PROTO=UDP
SPT=14202 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=193.0.14.129 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=40873 DF PROTO=UDP
SPT=43008 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.203.230.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59630 DF PROTO=UDP
SPT=23530 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.4 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=60153 DF PROTO=UDP
SPT=4116 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.33.4.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=35480 DF PROTO=UDP
SPT=15657 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.9.0.107 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=34144 DF PROTO=UDP
SPT=3918 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=41108 DF PROTO=UDP
SPT=47595 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.32.64.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=57489 DF PROTO=UDP
SPT=21574 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.5.5.241 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=60928 DF PROTO=UDP
SPT=64252 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=202.12.27.33 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=33183 DF PROTO=UDP
SPT=61832 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.36.148.17 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=48678 DF PROTO=UDP
SPT=56654 DPT=53 LEN=40
Feb 7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.8.10.90 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=43963 DF PROTO=UDP
SPT=15315 DPT=53 LEN=40
Feb 7 11:52:44 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.63.2.53 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=53460 DF PROTO=UDP
SPT=24344 DPT=53 LEN=40
NAT Table
Chain PREROUTING (policy ACCEPT 2474 packets, 279K bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 35 packets, 2500 bytes)
pkts bytes target prot opt in out source
destination
10 752 eth0_masq all -- * eth0 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 192 packets, 11920 bytes)
pkts bytes target prot opt in out source
destination
Chain eth0_masq (1 references)
pkts bytes target prot opt in out source
destination
0 0 MASQUERADE all -- * * 192.168.1.0/24
0.0.0.0/0
Mangle Table
Chain PREROUTING (policy ACCEPT 2682 packets, 300K bytes)
pkts bytes target prot opt in out source
destination
402 43682 man1918 all -- eth0 * 0.0.0.0/0
0.0.0.0/0 state NEW
414 45293 pretos all -- * * 0.0.0.0/0
0.0.0.0/0
Chain INPUT (policy ACCEPT 351 packets, 38485 bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 365 packets, 27096 bytes)
pkts bytes target prot opt in out source
destination
14 1088 outtos all -- * * 0.0.0.0/0
0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 208 packets, 17676 bytes)
pkts bytes target prot opt in out source
destination
Chain logdrop (30 references)
pkts bytes target prot opt in out source
destination
0 0 ULOG all -- * * 0.0.0.0/0
0.0.0.0/0 ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:man1918:DROP:' queue_threshold 1
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain man1918 (1 references)
pkts bytes target prot opt in out source
destination
9 1562 RETURN all -- * * 0.0.0.0/0
255.255.255.255
0 0 RETURN all -- * * 0.0.0.0/0
169.254.0.0/16
0 0 logdrop all -- * * 0.0.0.0/0
172.16.0.0/12
0 0 logdrop all -- * * 0.0.0.0/0
192.0.2.0/24
0 0 logdrop all -- * * 0.0.0.0/0
192.168.0.0/16
0 0 logdrop all -- * * 0.0.0.0/0
0.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
2.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
5.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
7.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
10.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
23.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
27.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
31.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
36.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
39.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
41.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
42.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
49.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
50.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
58.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
60.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
70.0.0.0/7
0 0 logdrop all -- * * 0.0.0.0/0
72.0.0.0/5
0 0 logdrop all -- * * 0.0.0.0/0
83.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
84.0.0.0/6
0 0 logdrop all -- * * 0.0.0.0/0
88.0.0.0/5
0 0 logdrop all -- * * 0.0.0.0/0
96.0.0.0/3
0 0 logdrop all -- * * 0.0.0.0/0
127.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
197.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
198.18.0.0/15
0 0 logdrop all -- * * 0.0.0.0/0
201.0.0.0/8
0 0 logdrop all -- * * 0.0.0.0/0
240.0.0.0/4
Chain outtos (1 references)
pkts bytes target prot opt in out source
destination
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:20 TOS set 0x08
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:20 TOS set 0x08
Chain pretos (1 references)
pkts bytes target prot opt in out source
destination
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:22 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:21 TOS set 0x10
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:20 TOS set 0x08
0 0 TOS tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:20 TOS set 0x08
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/