Re: [Shorewall-users] Difficult NAT problem

Norman Henderson Sat, 28 Apr 2018 22:19:20 -0700

SO, UDP NAT has continued to happen overnight... Keeping that in mind here
is what I get immediately after conntrack -F :


Apr 29 06:03:50 voyage3 kernel: [34497.236640] TRACE:
raw:PREROUTING:policy:13 IN=vlan1 OUT=
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=10.1.0.252
LEN=411 TOS=0x00 PREC=0x60 TTL=64 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236640] TRACE:
raw:PREROUTING:policy:13 IN=vlan1 OUT=
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=10.1.0.252
LEN=411 TOS=0x00 PREC=0x60 TTL=64 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236685] TRACE:
mangle:PREROUTING:policy:1 IN=vlan1 OUT=
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=10.1.0.252
LEN=411 TOS=0x00 PREC=0x60 TTL=64 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236685] TRACE:
mangle:PREROUTING:policy:1 IN=vlan1 OUT=
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=10.1.0.252
LEN=411 TOS=0x00 PREC=0x60 TTL=64 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236716] TRACE: mangle:FORWARD:rule:1
IN=vlan1 OUT=wlan1 MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00
SRC=10.1.0.3 DST=192.168.1.35 LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015
PROTO=UDP SPT=5060 DPT=5060 LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236716] TRACE: mangle:FORWARD:rule:1
IN=vlan1 OUT=wlan1 MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00
SRC=10.1.0.3 DST=192.168.1.35 LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015
PROTO=UDP SPT=5060 DPT=5060 LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236733] TRACE:
mangle:FORWARD:policy:2 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236733] TRACE:
mangle:FORWARD:policy:2 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236750] TRACE: filter:FORWARD:rule:1
IN=vlan1 OUT=wlan1 MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00
SRC=10.1.0.3 DST=192.168.1.35 LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015
PROTO=UDP SPT=5060 DPT=5060 LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236750] TRACE: filter:FORWARD:rule:1
IN=vlan1 OUT=wlan1 MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00
SRC=10.1.0.3 DST=192.168.1.35 LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015
PROTO=UDP SPT=5060 DPT=5060 LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236773] TRACE:
filter:clean_frwd:rule:1 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236773] TRACE:
filter:clean_frwd:rule:1 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236793] TRACE:
filter:dynamic:return:1 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236793] TRACE:
filter:dynamic:return:1 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236812] TRACE:
filter:clean_frwd:rule:5 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236812] TRACE:
filter:clean_frwd:rule:5 IN=vlan1 OUT=wlan1
MAC=78:45:c4:17:55:91:08:00:27:e6:9f:f5:08:00 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236827] TRACE:
mangle:POSTROUTING:policy:1 IN= OUT=wlan1 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.236827] TRACE:
mangle:POSTROUTING:policy:1 IN= OUT=wlan1 SRC=10.1.0.3 DST=192.168.1.35
LEN=411 TOS=0x00 PREC=0x60 TTL=63 ID=53015 PROTO=UDP SPT=5060 DPT=5060
LEN=391
Apr 29 06:03:50 voyage3 kernel: [34497.267974] TRACE:
raw:PREROUTING:policy:13 IN=wlan1 OUT=
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35
DST=192.168.1.40 LEN=333 TOS=0x00 PREC=0x00 TTL=64 ID=47973 PROTO=UDP
SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.267974] TRACE:
raw:PREROUTING:policy:13 IN=wlan1 OUT=
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35
DST=192.168.1.40 LEN=333 TOS=0x00 PREC=0x00 TTL=64 ID=47973 PROTO=UDP
SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268002] TRACE:
mangle:PREROUTING:policy:1 IN=wlan1 OUT=
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35
DST=192.168.1.40 LEN=333 TOS=0x00 PREC=0x00 TTL=64 ID=47973 PROTO=UDP
SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268002] TRACE:
mangle:PREROUTING:policy:1 IN=wlan1 OUT=
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35
DST=192.168.1.40 LEN=333 TOS=0x00 PREC=0x00 TTL=64 ID=47973 PROTO=UDP
SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268021] TRACE: mangle:FORWARD:rule:1
IN=wlan1 OUT=vlan1 MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00
SRC=192.168.1.35 DST=10.1.0.3 LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973
PROTO=UDP SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268035] TRACE:
mangle:FORWARD:policy:2 IN=wlan1 OUT=vlan1
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268021] TRACE: mangle:FORWARD:rule:1
IN=wlan1 OUT=vlan1 MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00
SRC=192.168.1.35 DST=10.1.0.3 LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973
PROTO=UDP SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268047] TRACE: filter:FORWARD:rule:2
IN=wlan1 OUT=vlan1 MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00
SRC=192.168.1.35 DST=10.1.0.3 LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973
PROTO=UDP SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268035] TRACE:
mangle:FORWARD:policy:2 IN=wlan1 OUT=vlan1
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268062] TRACE:
filter:isavi_frwd:rule:2 IN=wlan1 OUT=vlan1
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268047] TRACE: filter:FORWARD:rule:2
IN=wlan1 OUT=vlan1 MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00
SRC=192.168.1.35 DST=10.1.0.3 LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973
PROTO=UDP SPT=5060 DPT=5060 LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268071] TRACE:
mangle:POSTROUTING:policy:1 IN= OUT=vlan1 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268062] TRACE:
filter:isavi_frwd:rule:2 IN=wlan1 OUT=vlan1
MAC=f4:f2:6d:1e:a1:05:00:0b:68:01:f5:12:08:00 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313
Apr 29 06:03:50 voyage3 kernel: [34497.268071] TRACE:
mangle:POSTROUTING:policy:1 IN= OUT=vlan1 SRC=192.168.1.35 DST=10.1.0.3
LEN=333 TOS=0x00 PREC=0x00 TTL=63 ID=47973 PROTO=UDP SPT=5060 DPT=5060
LEN=313


On Sat, Apr 28, 2018 at 9:52 PM, Tom Eastep <teas...@shorewall.net> wrote:

> On 04/28/2018 12:53 PM, Norman Henderson wrote:
> > And, after a reboot, another trace. Interesting that the SRC doesn't
> > change, is that normal?
>
> Yes
>
> > tcpdump shows the source as 192.168.1.40 as it
> > should be.
> >
>
> -Tom
> --
> Tom Eastep        \   Q: What do you get when you cross a mobster with
> Shoreline,         \     an international standard?
> Washington, USA     \ A: Someone who makes you an offer you can't
> http://shorewall.org \   understand
>                       \_______________________________________________
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Difficult NAT problem

Reply via email to