Delivery Failure: Re: Could someone please explain this output?

Thu, 16 Aug 2001 17:39:04 -0500 

Your message, Re: Could someone please explain this output?,
was not delivered to the following recipient:
[EMAIL PROTECTED]

Reason: System error: Please re-send your message later.
Recipient: [EMAIL PROTECTED]
--- Begin Message --- 
Hi,

        Here is the output from 'ipchains -L input -v' :

Chain input (policy DENY: 0 packets, 0 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark
outsize  source                destination           ports
  380 34580 ACCEPT     all  ------ 0xFF 0x00  lo
anywhere             anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  !lo
127.0.0.0/8          anywhere              n/a
10502 1034K ACCEPT     all  ------ 0xFF 0x00  eth1
localnet/24          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  eth0
localnet/24          anywhere              n/a
15049 9223K ACCEPT     all  ------ 0xFF 0x00  eth0
anywhere             cs9349-21.austin.rr.com  n/a
    0     0 ACCEPT     all  ------ 0xFF 0x00  eth0
anywhere             255.255.255.255       n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any
anywhere             anywhere              n/a

        This confirms Vineet's diagnosis. I cant help notice that the 'l'
flag is set in the 'opt' field every time the target is DENY. Is this a
coincidence? Where is the meaning of this output documented? I couldnt
find it anywhere.

        Also, I am not sure of the purpose of these rules - especially the
ones with DENY. Why are they blocking what they are blocking?

Thanks,
Jor-el

On Thu, 16 Aug 2001, Vineet Kumar wrote:

> 
> > 
> >     How do I interpret this output? For example, the lines handling
> > the source = localnet/24 - will they let a packet from outside pass in or
> > be rejected? Why are there two lines? This configuration is the result of
> > me doing a 'apt-get install ipmasq' - so there really hasnt been any
> > customization by me.
> > 
> 
> You'll get more meaningful output with 
> 
> ipchains -L -v
> 
> What I suspect is going on is that the rules say something like
> localhost/8 -i ! lo -j DENY and localnet/24 -i eth0 -j ACCEPT and
> localnet/24 -i ! et0 -j DENY. The -v flag will show you the interfaces
> specified in the rules as well, so you can understand what's going on.
> 
> Cheers,
> 
> -- 
> Vineet                                   http://www.anti-dmca.org
> Unauthorized use of this .sig may constitute violation of US law.
> Qba\'g gernq ba zr\!                  |tr 'a-zA-Z' 'n-za-mN-ZA-M'
> 



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

--- End Message ---

Reply via email to