I've searched the archives, but the only thing that looked helpful to me
was the following:
"Dachstein and its predecessors block private ips by default. In Dachstein
you can just comment out the line that denies these It is in
/etc/ipfilter.conf - under stopmartians procedure # RFC 1918/1627/1597
blocks third line down just comment it $IPCH -A $LIST -j DENY -p all -s
192.168.0.0/16 -d 0/0 -l $* save it svi network reload if that makes
everything work then backup etc to the floppy."
Which I did, but it didn't help. There was another thread that looked
promising called "Can't Ping" but the problems and responses were quite
cryptic and confusing to me.
Once again the physical setup is as follows:
T1 to ISP's router (which handles DHCP)
ISP's router to Hub
Hub to Firewall (& other networks outside of firewall)
Firewall to Switch (internal network connected to this switch)
Our current SMTP server is set to forward all traffic to 208.57.96.252
which I think is the gateway address for the ISP's router--does that sound
right?
For testing purposes the internal network only consists of a single NT4
machine configured for dynamic IP addressing.
The output I get after commenting out the above line in ipfilter.conf is as
follows:
Leaf Distribution:
dachstein-cd-v1.0.2
/var/log/messages
Jan 29 18:05:17 Clean syslogd 1.3-3#31.slink1: restart.
Jan 29 18:05:18 Clean kernel: klogd 1.3-3#31.slink1, log source =
/proc/kmsg started.
Jan 29 18:05:18 Clean kernel: Cannot find map file.
Jan 29 18:05:18 Clean kernel: Loaded 24 symbols from 15 modules.
Jan 29 18:05:18 Clean kernel: Linux version 2.2.19-3-LEAF-RAID
(root@debian) (gcc version 2.7.2.3) #4 Sat Dec 1 17:27:59 CST 2001
Jan 29 18:05:18 Clean kernel: BIOS-provided physical RAM map:
Jan 29 18:05:18 Clean kernel: BIOS-e820: 0009f000 @ 00000000 (usable)
Jan 29 18:05:18 Clean kernel: BIOS-e820: 00f00000 @ 00100000 (usable)
Jan 29 18:05:18 Clean kernel: Console: colour VGA+ 80x25
Jan 29 18:05:18 Clean kernel: Calibrating delay loop... 33.28 BogoMIPS
Jan 29 18:05:18 Clean kernel: Memory: 13580k/16384k available (1108k kernel
code, 416k reserved, 488k data, 52k init)
Jan 29 18:05:18 Clean kernel: Checking if this processor honours the WP bit
even in supervisor mode... Ok.
Jan 29 18:05:18 Clean kernel: Dentry hash table entries: 2048 (order 2, 16k)
Jan 29 18:05:18 Clean kernel: Buffer cache hash table entries: 16384 (order
4, 64k)
Jan 29 18:05:18 Clean kernel: Page cache hash table entries: 4096 (order 2,
16k)
Jan 29 18:05:18 Clean kernel: CPU: AMD 486 DX/2-WB stepping 04
Jan 29 18:05:18 Clean kernel: Checking 386/387 coupling... OK, FPU using
exception 16 error reporting.
Jan 29 18:05:18 Clean kernel: Checking 'hlt' instruction... OK.
Jan 29 18:05:18 Clean kernel: POSIX conformance testing by UNIFIX
Jan 29 18:05:18 Clean kernel: PCI: PCI BIOS revision 2.00 entry at 0xfc9d0
Jan 29 18:05:18 Clean kernel: PCI: Using configuration type 1
Jan 29 18:05:18 Clean kernel: PCI: Probing PCI hardware
Jan 29 18:05:18 Clean kernel: Linux NET4.0 for Linux 2.2
Jan 29 18:05:18 Clean kernel: Based upon Swansea University Computer
Society NET3.039
Jan 29 18:05:18 Clean kernel: NET4: Unix domain sockets 1.0 for Linux NET4.0.
Jan 29 18:05:18 Clean kernel: NET4: Linux TCP/IP 1.0 for NET4.0
Jan 29 18:05:18 Clean kernel: IP Protocols: ICMP, UDP, TCP, IGMP
Jan 29 18:05:18 Clean kernel: TCP: Hash tables configured (ehash 16384
bhash 16384)
Jan 29 18:05:18 Clean kernel: Linux IP multicast router 0.06 plus PIM-SM
Jan 29 18:05:18 Clean kernel: klips_info:ipsec_init: KLIPS startup,
FreeS/WAN IPSec version: 1.91
Jan 29 18:05:18 Clean kernel: early initialization of device ipsec0 is
deferred
Jan 29 18:05:18 Clean kernel: early initialization of device ipsec1 is
deferred
Jan 29 18:05:18 Clean kernel: early initialization of device ipsec2 is
deferred
Jan 29 18:05:18 Clean kernel: early initialization of device ipsec3 is
deferred
Jan 29 18:05:18 Clean kernel: Initializing RT netlink socket
Jan 29 18:05:18 Clean kernel: Starting kswapd v 1.5
Jan 29 18:05:18 Clean kernel: Detected PS/2 Mouse Port.
Jan 29 18:05:18 Clean kernel: Serial driver version 4.27 with MANY_PORTS
MULTIPORT SHARE_IRQ enabled
Jan 29 18:05:18 Clean kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
Jan 29 18:05:18 Clean kernel: Software Watchdog Timer: 0.05, timer margin:
60 sec
Jan 29 18:05:18 Clean kernel: Real Time Clock Driver v1.09
Jan 29 18:05:18 Clean kernel: RAM disk driver initialized: 16 RAM disks of
12288K size
Jan 29 18:05:18 Clean kernel: hda: TOSHIBA CD-ROM XM-5602B, ATAPI CDROM drive
Jan 29 18:05:18 Clean kernel: ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
Jan 29 18:05:18 Clean kernel: Floppy drive(s): fd0 is 1.44M
Jan 29 18:05:18 Clean kernel: FDC 0 is a National Semiconductor PC87306
Jan 29 18:05:18 Clean kernel: md driver 0.90.0 MAX_MD_DEVS=256, MAX_REAL=12
Jan 29 18:05:18 Clean kernel: raid5: measuring checksumming speed
Jan 29 18:05:18 Clean kernel: 8regs : 34.671 MB/sec
Jan 29 18:05:18 Clean kernel: 32regs : 25.146 MB/sec
Jan 29 18:05:18 Clean kernel: using fastest function: 8regs (34.671 MB/sec)
Jan 29 18:05:18 Clean kernel: NET4: Ethernet Bridge 007 for NET4.0
Jan 29 18:05:18 Clean kernel: early initialization of device brg0 is deferred
Jan 29 18:05:18 Clean kernel: brg0: network interface for Ethernet Bridge
007/NET4.0
Jan 29 18:05:18 Clean kernel: brg0: generated MAC address FE:FD:08:00:17:9F
Jan 29 18:05:18 Clean kernel: brg0: attached to bridge instance 0
Jan 29 18:05:18 Clean kernel: md.c: sizeof(mdp_super_t) = 4096
Jan 29 18:05:18 Clean kernel: Partition check:
Jan 29 18:05:18 Clean kernel: RAMDISK: Compressed image found at block 0
Jan 29 18:05:18 Clean kernel: RAMDISK: Uncompressing root archive: done.
Jan 29 18:05:18 Clean kernel: RAMDISK: Auto Filesystem - minix: 4096i
12288bk 133fdz(133) 1024zs 2147483647ms
Jan 29 18:05:18 Clean kernel: autodetecting RAID arrays
Jan 29 18:05:18 Clean kernel: autorun ...
Jan 29 18:05:18 Clean kernel: ... autorun DONE.
Jan 29 18:05:18 Clean kernel: VFS: Mounted root (minix filesystem).
Jan 29 18:05:18 Clean kernel: RAMDISK: Extracting root archive: done.
Jan 29 18:05:18 Clean kernel: hda: ATAPI 8X CD-ROM drive, 256kB Cache
Jan 29 18:05:18 Clean kernel: Uniform CD-ROM driver Revision: 3.11
Jan 29 18:05:18 Clean kernel: autodetecting RAID arrays
Jan 29 18:05:18 Clean kernel: autorun ...
Jan 29 18:05:18 Clean kernel: ... autorun DONE.
Jan 29 18:05:18 Clean kernel: Freeing unused kernel memory: 52k freed
Jan 29 18:05:18 Clean kernel: rtl8139.c:v1.12 9/14/2000 Donald Becker,
[EMAIL PROTECTED]
Jan 29 18:05:18 Clean kernel: http://www.scyld.com/network/rtl8139.html
Jan 29 18:05:18 Clean kernel: The PCI BIOS has not enabled the device at
0/48! Updating PCI command 0003->0007.
Jan 29 18:05:18 Clean kernel: eth0: RealTek RTL8139 Fast Ethernet at
0xfe00, IRQ 9, 00:90:47:01:98:80.
Jan 29 18:05:18 Clean kernel: The PCI BIOS has not enabled the device at
0/56! Updating PCI command 0003->0007.
Jan 29 18:05:18 Clean kernel: eth1: RealTek RTL8139 Fast Ethernet at
0xfc00, IRQ 10, 00:90:47:01:a0:7a.
Jan 29 18:05:34 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=33781 F=0x0000 T=48 (#16)
Jan 29 18:05:59 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25744 F=0x0000 T=128 (#16)
Jan 29 18:05:59 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25752 F=0x0000 T=128 (#16)
Jan 29 18:06:00 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25753 F=0x0000 T=128 (#16)
Jan 29 18:06:01 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25754 F=0x0000 T=128 (#16)
Jan 29 18:06:01 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:138 192.168.1.255:138 L=244 S=0x00 I=43356 F=0x0000 T=128 (#16)
Jan 29 18:06:02 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25755 F=0x0000 T=128 (#16)
Jan 29 18:06:02 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25756 F=0x0000 T=128 (#16)
Jan 29 18:06:03 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25757 F=0x0000 T=128 (#16)
Jan 29 18:06:04 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25758 F=0x0000 T=128 (#16)
Jan 29 18:06:05 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25759 F=0x0000 T=128 (#16)
Jan 29 18:06:06 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25760 F=0x0000 T=128 (#16)
Jan 29 18:06:06 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25761 F=0x0000 T=128 (#16)
Jan 29 18:06:07 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25762 F=0x0000 T=128 (#16)
Jan 29 18:06:07 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=33786 F=0x0000 T=48 (#16)
Jan 29 18:06:08 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25763 F=0x0000 T=128 (#16)
Jan 29 18:06:09 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25764 F=0x0000 T=128 (#16)
Jan 29 18:06:09 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25765 F=0x0000 T=128 (#16)
Jan 29 18:06:10 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25766 F=0x0000 T=128 (#16)
Jan 29 18:06:11 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25767 F=0x0000 T=128 (#16)
Jan 29 18:06:12 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.15:137 192.168.1.255:137 L=78 S=0x00 I=25768 F=0x0000 T=128 (#16)
Jan 29 18:06:34 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:34 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:35 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:35 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:36 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:36 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:38 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:38 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:40 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:40 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:40 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=33791 F=0x0000 T=48 (#16)
Jan 29 18:06:41 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:41 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:42 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:42 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:06:43 Clean kernel: martian source 0101a8c0 for fe01a8c0, dev eth1
Jan 29 18:06:43 Clean kernel: ll header: ff ff ff ff ff ff 00 08 c7 6c ba
70 08 06
Jan 29 18:07:13 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=33800 F=0x0000 T=48 (#16)
Jan 29 18:07:40 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:138 192.168.1.255:138 L=202 S=0x00 I=43357 F=0x0000 T=128 (#16)
Jan 29 18:07:40 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43358 F=0x0000 T=128 (#16)
Jan 29 18:07:40 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43359 F=0x0000 T=128 (#16)
Jan 29 18:07:41 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43360 F=0x0000 T=128 (#16)
Jan 29 18:07:44 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:138 192.168.1.255:138 L=202 S=0x00 I=43361 F=0x0000 T=128 (#16)
Jan 29 18:07:44 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43362 F=0x0000 T=128 (#16)
Jan 29 18:07:45 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43363 F=0x0000 T=128 (#16)
Jan 29 18:07:45 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43364 F=0x0000 T=128 (#16)
Jan 29 18:07:46 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=33805 F=0x0000 T=48 (#16)
Jan 29 18:07:48 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:138 192.168.1.255:138 L=202 S=0x00 I=43365 F=0x0000 T=128 (#16)
Jan 29 18:07:48 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43366 F=0x0000 T=128 (#16)
Jan 29 18:07:49 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43367 F=0x0000 T=128 (#16)
Jan 29 18:07:50 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:137 192.168.1.255:137 L=78 S=0x00 I=43368 F=0x0000 T=128 (#16)
Jan 29 18:07:52 Clean kernel: Packet log: input DENY eth0 PROTO=17
192.168.1.180:138 192.168.1.255:138 L=211 S=0x00 I=43369 F=0x0000 T=128 (#16)
ip addr show
1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope global lo
2: ipsec0: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
3: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
4: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
5: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10
link/ipip
6: brg0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
link/ether fe:fd:08:00:17:9f brd ff:ff:ff:ff:ff:ff
7: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:90:47:01:98:80 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.25/24 brd 192.168.1.255 scope global eth0
8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:90:47:01:a0:7a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
ip route show
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.25
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254
default via 192.168.1.1 dev eth0
ipchains -nvL
Chain input (policy DENY: 3 packets, 1224 bytes):
pkts bytes target prot opt tosa
tosx ifname mark outsize source destination
ports
0 0 DENY icmp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
5 -> *
0 0 DENY icmp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
13 -> *
0 0 DENY icmp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
14 -> *
0 0 DENY all ----l- 0xFF
0x00 eth0 0.0.0.0 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 255.255.255.255 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 127.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 224.0.0.0/4 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 10.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 172.16.0.0/12 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 0.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 128.0.0.0/16 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 191.255.0.0/16 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 192.0.0.0/24 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 223.255.255.0/24 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 240.0.0.0/4 0.0.0.0/0
n/a
49 5518 DENY all ----l- 0xFF
0x00 eth0 192.168.1.0/24 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 192.168.1.25 0.0.0.0/0
n/a
0 0 REJECT all ----l- 0xFF
0x00 eth0 0.0.0.0/0 127.0.0.0/8
n/a
0 0 REJECT all ----l- 0xFF
0x00 eth0 0.0.0.0/0 192.168.1.0/24
n/a
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 137
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 135
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 137
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 135
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 138:139
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 138
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
137:138 -> *
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
135 -> *
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
137:139 -> *
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
135 -> *
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 113
0 0 ACCEPT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 1024:65535
0 0 REJECT udp ----l- 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 161:162
0 0 ACCEPT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 53
0 0 ACCEPT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 68
0 0 DENY udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 67
0 0 ACCEPT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 1024:65535
0 0 ACCEPT icmp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> *
0 0 ACCEPT ospf ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
n/a
0 0 REJECT udp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
* -> 161:162
0 0 REJECT udp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
161:162 -> *
0 0 ACCEPT all ------ 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
n/a
Chain forward (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa
tosx ifname mark outsize source destination
ports
0 0 DENY icmp ----l- 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
5 -> *
0 0 MASQ all ------ 0xFF
0x00 eth0 192.168.1.0/24 0.0.0.0/0
n/a
0 0 DENY all ------ 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
n/a
Chain output (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa
tosx ifname mark outsize source destination
ports
0 0 fairq all ------ 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 0.0.0.0 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 255.255.255.255 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 127.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 224.0.0.0/4 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 10.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 172.16.0.0/12 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 0.0.0.0/8 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 128.0.0.0/16 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 191.255.0.0/16 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 192.0.0.0/24 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 223.255.255.0/24 0.0.0.0/0
n/a
0 0 DENY all ----l- 0xFF
0x00 eth0 240.0.0.0/4 0.0.0.0/0
n/a
0 0 DENY all ------ 0xFF
0x00 eth0 192.168.1.0/24 0.0.0.0/0
n/a
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 137
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 135
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 137
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 135
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 138:139
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
* -> 138
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
137:138 -> *
0 0 REJECT udp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
135 -> *
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
137:139 -> *
0 0 REJECT tcp ------ 0xFF
0x00 eth0 0.0.0.0/0 0.0.0.0/0
135 -> *
0 0 ACCEPT all ------ 0xFF
0x00 * 0.0.0.0/0 0.0.0.0/0
n/a
Chain fairq (1 references):
pkts bytes target prot opt tosa
tosx ifname mark outsize source destination
ports
0 0 RETURN ospf ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
n/a
0 0 RETURN ospf ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
n/a
0 0 RETURN udp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
* -> 520
0 0 RETURN udp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
520 -> *
0 0 RETURN tcp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
* -> 179
0 0 RETURN tcp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
179 -> *
0 0 RETURN tcp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
* -> 53
0 0 RETURN tcp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
53 -> *
0 0 RETURN udp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
* -> 53
0 0 RETURN udp ------ 0xFF
0x00 * 0x1 0.0.0.0/0 0.0.0.0/0
53 -> *
0 0 RETURN tcp ------ 0xFF
0x00 * 0x2 0.0.0.0/0 0.0.0.0/0
* -> 23
0 0 RETURN tcp ------ 0xFF
0x00 * 0x2 0.0.0.0/0 0.0.0.0/0
23 -> *
0 0 RETURN tcp ------ 0xFF
0x00 * 0x2 0.0.0.0/0 0.0.0.0/0
* -> 22
0 0 RETURN tcp ------ 0xFF
0x00 * 0x2 0.0.0.0/0 0.0.0.0/0
22 -> *
Ping from NT4 to eth0 (192.168.1.25)
Request timed out.
Ping from NT4 to eth1 (192.168.1.254)
Request timed out.
Ping from NT4 to 208.57.96.252
Request timed out.
Ping from firewall to 208.57.96.252
Ping: sendto: Operation not permitted
Ping from firewall to NT4 (192.168.1.1)
Ping: sendto: Operation not permitted
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
- Re: [leaf-user] My Dachstein not quite up and running Chris Low
- Re: [leaf-user] My Dachstein not quite up and ru... Lynn Avants
- Re: [leaf-user] My Dachstein not quite up an... Chris Low
- Re: [leaf-user] My Dachstein not quite u... Lynn Avants
- [leaf-user] Socks5 error M Lu
- Re: [leaf-user] My Dachstein not qui... Chris Low
- Re: [leaf-user] My Dachstein no... Ray Olszewski
- Re: [leaf-user] My Dachstei... Chris Low
- Re: [leaf-user] My Dach... Ray Olszewski
- Re: [leaf-user] My Dach... Chris Low
- Re: [leaf-user] My Dach... Ray Olszewski
- Re: [leaf-user] My Dach... Charles Steinkuehler
- Re: [leaf-user] My Dach... Chris Low
- Re: [leaf-user] My Dach... Charles Steinkuehler
- Re: [leaf-user] My Dach... Lynn Avants
- Re: [leaf-user] My Dach... Ray Olszewski
