On Thursday 26 October 2006 22:53, Mihai Osian wrote: > On 10/26/06, George-Cristian Bîrzan <[EMAIL PROTECTED]> wrote: > > On Thursday 26 October 2006 22:32, Mihai Osian wrote: > > > [EMAIL PROTECTED]:~$ sudo netstat-nat -n | grep 192.168.0.200 | grep :25 > > > tcp 192.168.0.200:3458 209.204.157.124:25 > > > ESTABLISHED tcp 192.168.0.200:3452 192.193.221.102:25 > > > ESTABLISHED tcp 192.168.0.200:1804 165.21.74.122:25 > > > ESTABLISHED tcp 192.168.0.200:1581 206.18.177.26:25 > > > ESTABLISHED > > > > Alea sunt facute de masina locala. Adica de gateway-ul tau. (Asta daca nu > > faci NAT in vreun fel care-mi scapa mie, la netstat nu ar trebui sa-ti > > apara conexiunile forwardate...) > > Daca te uiti cu atentie, utilizez "netstat-nat", care e altceva decit > "netstat".
Ugh. Am crezut ca a disparut un spatiu la paste. :-( I suck. Too much beer, that kind of stuff... > Apropo, netstat-nat foloseste /proc/net/ip_conntrack, si daca bine > inteleg eu documentatia, ip_conntrack se bazeaza pe PREROUTING, deci > ar trebui sa imi arate si conexiunile care vor fi filtrate de > iptables. Poate cineva sa imi confirme ? Presupunind ca e asa (= imi > arata conexiuni care vor fi filtrate de regula mea), de ce nu vad > totusi nici un match la regula respectiva cind rulez "iptables -L -v" Pentru ca atunci cand trece prin FORWARD la dus (spre exterior) are sursa schimbata (PREROUTING vine inainte de FORWARD). -- George-Cristian Bîrzan Network Engineer _______________________________________ RCS & RDS Constanta Tel.: +40341.400.401 / +40341.400.402 Fax: +40341.400.450 http://www.rcs-rds.ro _______________________________________ Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such a case, you should destroy this message and kindly notify the sender by reply e-mail. _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug
