Hi,

Please look at this experiment.
1. Flush all tables with ACCEPT policies.
2. Do this:
host1# iptables -A INPUT -p tcp --tcp-flags ALL URG,PSH,FIN -j REJECT --reject-with tcp-reset

host2# nmap -p 25 -sX host1
nmap answer: port 25 closed

3. Do this:
host1# iptables -A OUTPUT -t mangle -p tcp -j FTOS --set-ftos 0xc0

host2# nmap -p 25 -sX host1
nmap answer: port 25 closed

4. Do this:
host1# iptables -A PREROUTING -t mangle -p tcp -j FTOS --set-ftos 0xc0

host2# nmap -p 25 -sX host1
nmap answer: port 25 open.

And any port for that matter.
I found out that if you nmap any port and change the TOS both at PREROUTING
and OUTPUT, nmap says open.
Here's the tcpdump output:

tcpdump: listening on eth0
16:30:43.330595 bsd1.ae.poznan.pl > dns.toxicfilms.tv: icmp: echo request
16:30:43.330804 dns.toxicfilms.tv > bsd1.ae.poznan.pl: icmp: echo reply
16:30:43.331317 bsd1.ae.poznan.pl.44930 > dns.toxicfilms.tv.www: . ack 2644064441 win 1024 [tos 0xc0]
16:30:43.331587 dns.toxicfilms.tv.www > bsd1.ae.poznan.pl.44930: R 2644064441:2644064441(0) win 0 (DF) [tos 0xc0]
16:30:43.658534 bsd1.ae.poznan.pl.44910 > dns.toxicfilms.tv.29: FP 0:0(0) win 1024 urg 0 [tos 0xc0]
16:30:43.658749 dns.toxicfilms.tv.29 > bsd1.ae.poznan.pl.44910: R 0:0(0) ack 1 win 0 (DF) [tos 0xc0]
16:30:43.960455 bsd1.ae.poznan.pl.44911 > dns.toxicfilms.tv.29: FP 0:0(0) win 1024 urg 0 [tos 0xc0]
16:30:43.960665 dns.toxicfilms.tv.29 > bsd1.ae.poznan.pl.44911: R 0:0(0) ack 1 win 0 (DF) [tos 0xc0]

I do not know why, but if both of these rules are up, we get 2 XMAS/RESET
exchanges, whereas with one or no TOS rules we get one exchange.

Any ideas?
I am not sure if it is a bug, or something normal.

Maciej Soltysiak

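Added example (not part of the post above, and not netfilter or nmap code): a small Python script that re-reads the tcpdump excerpt from the post, pairs each XMAS probe (FIN+PSH+URG) with the reply sent back to the same four-tuple, and reports per target port how many probe/RST exchanges took place, what TOS the packets carried, and what an -sX scan should conclude from those replies. The line format assumed is the old tcpdump style shown in the post ("host.port > host.port: FLAGS seq:seq(len) ... urg N [tos 0x..]"); the sample below is the post's own capture with the mail-wrapped lines re-joined. Run against that capture it finds two probe/RST exchanges for port 29, which by the packets alone means "closed", i.e. exactly the discrepancy the post describes.

```python
"""Pair nmap -sX (XMAS) probes with their replies in old-style tcpdump output."""
import re
from collections import defaultdict

# Constructed sample: the tcpdump lines from the post, one packet per line.
SAMPLE = """\
16:30:43.330595 bsd1.ae.poznan.pl > dns.toxicfilms.tv: icmp: echo request
16:30:43.330804 dns.toxicfilms.tv > bsd1.ae.poznan.pl: icmp: echo reply
16:30:43.331317 bsd1.ae.poznan.pl.44930 > dns.toxicfilms.tv.www: . ack 2644064441 win 1024 [tos 0xc0]
16:30:43.331587 dns.toxicfilms.tv.www > bsd1.ae.poznan.pl.44930: R 2644064441:2644064441(0) win 0 (DF) [tos 0xc0]
16:30:43.658534 bsd1.ae.poznan.pl.44910 > dns.toxicfilms.tv.29: FP 0:0(0) win 1024 urg 0 [tos 0xc0]
16:30:43.658749 dns.toxicfilms.tv.29 > bsd1.ae.poznan.pl.44910: R 0:0(0) ack 1 win 0 (DF) [tos 0xc0]
16:30:43.960455 bsd1.ae.poznan.pl.44911 > dns.toxicfilms.tv.29: FP 0:0(0) win 1024 urg 0 [tos 0xc0]
16:30:43.960665 dns.toxicfilms.tv.29 > bsd1.ae.poznan.pl.44911: R 0:0(0) ack 1 win 0 (DF) [tos 0xc0]
"""

# "<timestamp> <src> > <dst>: <rest>" as printed by tcpdump 3.x (assumed format).
LINE_RE = re.compile(r"^(\S+) (\S+) > (\S+): (.*)$")
TOS_RE = re.compile(r"\[tos (0x[0-9a-fA-F]+)\]")


def parse_line(line):
    """Return a dict describing one TCP line, or None for unparsable/ICMP lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, rest = m.groups()
    if rest.startswith("icmp:"):
        return None                      # ICMP has no ports; not part of the TCP scan
    shost, sport = src.rsplit(".", 1)    # "host.port" -> ("host", "port")
    dhost, dport = dst.rsplit(".", 1)
    flag_field = rest.split()[0]         # "FP", "R", "." (no flags) ...
    flags = set() if flag_field == "." else set(flag_field)
    if "urg" in rest.split():            # old tcpdump prints URG as "urg N", not as a flag letter
        flags.add("U")
    tos_m = TOS_RE.search(rest)
    return {"ts": ts, "src": shost, "sport": sport, "dst": dhost, "dport": dport,
            "flags": flags, "tos": int(tos_m.group(1), 16) if tos_m else 0}


def is_xmas_probe(pkt):
    """nmap -sX sends FIN+PSH+URG with no SYN, ACK or RST."""
    return pkt["flags"] == {"F", "P", "U"}


def pair_exchanges(text):
    """Match each XMAS probe with the first later packet on the reversed 4-tuple.

    Returns {server_port: [(probe, reply_or_None), ...]}.
    """
    pkts = [p for p in (parse_line(l) for l in text.splitlines()) if p]
    result = defaultdict(list)
    for probe in (p for p in pkts if is_xmas_probe(p)):
        reply = next((r for r in pkts
                      if r["src"] == probe["dst"] and r["sport"] == probe["dport"]
                      and r["dst"] == probe["src"] and r["dport"] == probe["sport"]
                      and r["ts"] > probe["ts"]), None)
        result[probe["dport"]].append((probe, reply))
    return dict(result)


def xmas_verdict(exchanges):
    """RFC 793 behaviour an -sX scan relies on: a RST means closed; silence means
    the port is open or a firewall dropped the probe (nmap: open|filtered)."""
    replies = [r for _, r in exchanges if r is not None]
    if any("R" in r["flags"] for r in replies):
        return "closed"
    return "open|filtered"


def summarize(text):
    """Per target port: probe count, RST replies, TOS values seen, and verdict."""
    out = {}
    for port, exch in pair_exchanges(text).items():
        rsts = sum(1 for _, r in exch if r is not None and "R" in r["flags"])
        tos = sorted({p["tos"] for p, _ in exch} | {r["tos"] for _, r in exch if r})
        out[port] = {"probes": len(exch), "rst_replies": rsts,
                     "tos_values": tos, "verdict": xmas_verdict(exch)}
    return out


if __name__ == "__main__":
    for port, info in summarize(SAMPLE).items():
        print(port, info)
```

Two probes to the same port, each answered by a RST with the expected ack, is what the capture shows; a scanner that still reports "open" after that is either not matching the reply to its probe or not seeing it at all, so the next thing to compare is a capture taken on the scanning host rather than on host1.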