Xavier Mertens wrote: > Et le paquet arrivé sur l'interface est bien NATé? > Ca bloque ou? La session TCP est établie? SYN/SYN+ACK/ACK > > /x > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Daniel > Sent: vendredi 12 octobre 2007 16:00 > To: linux@lists.unixtech.be > Subject: Re: [linux] port ssh actif ou pas ? > > Xavier Mertens wrote: > >> Si tu sniffes sur le linux, tu vois des packets SSH arriver? >> >> # tcpdump -i eth0 port 22 >> >> /x >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Daniel >> Sent: vendredi 12 octobre 2007 15:49 >> To: linux@lists.unixtech.be >> Subject: [linux] port ssh actif ou pas ? >> >> bonjour a tous >> j'ai un petit soucis avec ssh >> je suis en kernel 2.6.22.9 >> voila >> j'ai un nouveau routeur aethrea (belgacom), et dans advanced menu il y >> a l'option "NAPT" et la "LIST OF PROXY", jusque la tout va bien. >> donc j'active le service "SSH" dans "list of server" et je donne l'ip >> de la machine ou doit ce faire le SSH. >> >> si je fais un ssh adresse externe du routeur, j'ai toujour ou presque >> toujour un "Connection timed out". >> pourtant j'ai configure un serveur ftp http et telnet d'une autre >> machine sur le reseau par l'option "LIST OF PROXY", et cette machine >> repond bien sur l'adresse wan. >> deplus en interne le serveur ssh repond ! >> dans host.allow, j'ai la ligne sshd:ALL et j'ai aussi ajoute ALL:ALL >> >> faudrait-il encore ajouter qlq. pour que cela fonctionne ? ou >> deverouiller qlq. chose ? >> >> si qlq. un a une idee ou une solution pour resoudre ce probleme ! >> >> d'avance merci >> >> daniel >> >> _______________________________________________________ >> Linux Mailing List - http://www.unixtech.be >> Subscribe/Unsubscribe: >> http://lists.unixtech.be/cgi-bin/mailman/listinfo/linux >> Archives: http://www.mail-archive.com/linux@lists.unixtech.be >> IRC: chat.unixtech.be:6667 - #unixtech >> NNTP: news.gname.org - gmane.org.user-groups.linux.unixtech >> >> >> _______________________________________________________ >> Linux Mailing List - http://www.unixtech.be >> Subscribe/Unsubscribe: >> http://lists.unixtech.be/cgi-bin/mailman/listinfo/linux >> Archives: http://www.mail-archive.com/linux@lists.unixtech.be >> IRC: chat.unixtech.be:6667 - #unixtech >> NNTP: news.gname.org - gmane.org.user-groups.linux.unixtech >> >> > oui > daniel > > _______________________________________________________ > Linux Mailing List - http://www.unixtech.be > Subscribe/Unsubscribe: > http://lists.unixtech.be/cgi-bin/mailman/listinfo/linux > Archives: http://www.mail-archive.com/linux@lists.unixtech.be > IRC: chat.unixtech.be:6667 - #unixtech > NNTP: news.gname.org - gmane.org.user-groups.linux.unixtech > > > _______________________________________________________ > Linux Mailing List - http://www.unixtech.be > Subscribe/Unsubscribe: http://lists.unixtech.be/cgi-bin/mailman/listinfo/linux > Archives: http://www.mail-archive.com/linux@lists.unixtech.be > IRC: chat.unixtech.be:6667 - #unixtech > NNTP: news.gname.org - gmane.org.user-groups.linux.unixtech > cela termine par un "timed out"
et la capture darkstar:/mnt/LinuxD/divers/daniel# tcpdump -i eth0 port 22 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 15:57:08.805812 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 856096 0,nop,wscale 5> 15:57:08.809918 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 856096 0,nop,wscale 5> 15:57:08.809964 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 856097 856096,nop,wscale 5> 15:57:11.803683 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 856846 0,nop,wscale 5> 15:57:11.806353 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 856846 0,nop,wscale 5> 15:57:11.806402 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 856846 856096,nop,wscale 5> 15:57:12.007681 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 856897 856096,nop,wscale 5> 15:57:17.803683 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 858346 0,nop,wscale 5> 15:57:17.806347 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 858346 0,nop,wscale 5> 15:57:17.806395 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 858346 856096,nop,wscale 5> 15:57:18.007680 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 858397 856096,nop,wscale 5> 15:57:29.803690 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 861346 0,nop,wscale 5> 15:57:29.806366 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 861346 0,nop,wscale 5> 15:57:29.806425 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 861346 856096,nop,wscale 5> 15:57:30.207700 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 861447 856096,nop,wscale 5> 15:57:53.803685 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 867346 0,nop,wscale 5> 15:57:53.806356 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 867346 0,nop,wscale 5> 15:57:53.806405 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 867346 856096,nop,wscale 5> 15:57:54.207685 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 867447 856096,nop,wscale 5> 15:58:41.803688 IP darkstar.darkstar.vador.33882 > 54.121-200-80.adsl-dyn.isp.belgacom.be.ssh: S 3264803826:3264803826(0) win 5840 <mss 1460,sackOK,timestamp 879346 0,nop,wscale 5> 15:58:41.806352 IP 54.121-200-80.adsl-dyn.isp.belgacom.be.58464 > darkstar.darkstar.vador.ssh: S 3264803826:3264803826(0) win 5840 <mss 1452,sackOK,timestamp 879346 0,nop,wscale 5> 15:58:41.806399 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 879346 856096,nop,wscale 5> 15:58:42.407679 IP darkstar.darkstar.vador.ssh > 54.121-200-80.adsl-dyn.isp.belgacom.be.58464: S 3262037810:3262037810(0) ack 3264803827 win 5792 <mss 1460,sackOK,timestamp 879497 856096,nop,wscale 5> daniel _______________________________________________________ Linux Mailing List - http://www.unixtech.be Subscribe/Unsubscribe: http://lists.unixtech.be/cgi-bin/mailman/listinfo/linux Archives: http://www.mail-archive.com/linux@lists.unixtech.be IRC: chat.unixtech.be:6667 - #unixtech NNTP: news.gname.org - gmane.org.user-groups.linux.unixtech
