Dear lenux-netizens,
Here is a pretty weard problem that drives me crazy. All I wanted
was to make net2phone work with my linux firewall. To do that,
in addition to allowing tcp/udp traffic from the LAN with
ipfwadm -F -a accept -m -P tcp -S 192.168.0.0/24
ipfwadm -F -a accept -m -P udp -S 192.168.0.0/24
I had to forward one TCP port (6613) and one UDP port (6615) to
the local machine with:
/sbin/ipportfw -A -t$Firewall_IP/6613 -R 192.168.0.1/6613
/sbin/ipportfw -A -u$Firewall_IP/6615 -R 192.168.0.1/6615
But net2phone still didn't work.
Then I run tcpdump on these ports on both LAN and WAN interfaces.
What I saw was udp traffic to/from port 6615 going back and forth
just fine, while tcp traffic from the WAN to the port 6613 stopped dead
when arriving to the WAN interface (it never showed up to LAN
interface...)
The destination address on those packages was shown to be 0.0.0.0
(why or why?) by tcpdump, so I am wondering how I can forward
these packets to my client machine. (Oh yeah, and can I find more
about the content of raw packets in the dump files, obtained using -w
option of tcpdump - attached d6615.0, d6615.1, d6613.0, d6613.1).
Any help/hints would be greatly appreciated...
Thanks,
Boris.
P.S. The firewall is a linux (2.0.36 kernel) with ipfwadm (IP masquerade)
and ipportfw (port re-direct) installed. The tcpdump results for TCP port
6613 on both eth0 and eth1(LAN) are as follows:
=== TCP port 6613 on the WAN (tcpdump -n -i eth0 -vv port 6613):
14:08:39.656009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52506)
14:08:39.656009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52506)
14:08:43.156009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52507)
14:08:43.156009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52507)
14:08:49.566009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52508)
14:08:49.566009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52508)
14:08:58.976009 169.132.65.5.36902 > 0.0.0.0.6613: R
1929898219:1929898219(0) win 8760 (DF) (ttl 239, id 52509)
14:08:58.976009 169.132.65.5.36902 > 0.0.0.0.6613: R
1929898219:1929898219(0) win 8760 (DF) (ttl 239, id 52509)
8 packets received by filter
0 packets dropped by kernel
=== TCP port 6613 on the LAN (tcpdump -n -i eth1 -vv port 6613):
0 packets received by filter
0 packets dropped by kernel
d6613.0
d6613.1
d6615.0
d6615.1
