Lascio i dati della mail precedente in modo che in una solo messaggio si
ritrova tutto. Per gli altri dati si veda in fondo al messaggio.
In ogni caso ecco i dati chiesti.
A me sembrano a posto.
~# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no peth0
vif0.0
vif2.2
xenbr1 8000.feffffffffff no peth1
vif0.1
vif1.0
vif2.0
xenbr2 8000.feffffffffff no peth2
vif0.2
vif2.1
~#
~#
~# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:07:E9:85:07:C8
inet addr:192.168.255.102 Bcast:192.168.255.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:75843 errors:0 dropped:0 overruns:0 frame:0
TX packets:79970 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14289385 (13.6 MiB) TX bytes:10989022 (10.4 MiB)
eth1 Link encap:Ethernet HWaddr 00:60:97:4B:16:CD
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:50 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2858 (2.7 KiB) TX bytes:0 (0.0 b)
eth2 Link encap:Ethernet HWaddr 00:13:46:2D:85:C2
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:179 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7518 (7.3 KiB) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:24009 errors:0 dropped:0 overruns:0 frame:0
TX packets:24009 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6228686 (5.9 MiB) TX bytes:6228686 (5.9 MiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:76292 errors:0 dropped:0 overruns:0 frame:0
TX packets:79778 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:14317773 (13.6 MiB) TX bytes:10967749 (10.4 MiB)
peth1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:82580 errors:0 dropped:0 overruns:0 frame:0
TX packets:82261 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32376813 (30.8 MiB) TX bytes:55226677 (52.6 MiB)
Interrupt:19 Base address:0xd800
peth2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:17 Base address:0xd400
veth3 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
veth4 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
veth5 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
veth6 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
veth7 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:79970 errors:0 dropped:0 overruns:0 frame:0
TX packets:75843 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10989022 (10.4 MiB) TX bytes:14289385 (13.6 MiB)
vif0.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:2858 (2.7 KiB)
vif0.2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:179 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:7518 (7.3 KiB)
vif0.3 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif0.4 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif0.5 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif0.6 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif0.7 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:82443 errors:0 dropped:0 overruns:0 frame:0
TX packets:82777 errors:0 dropped:25 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:55171915 (52.6 MiB) TX bytes:32293425 (30.7 MiB)
vif2.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:222 errors:0 dropped:0 overruns:0 frame:0
TX packets:185 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:30731 (30.0 KiB) TX bytes:24678 (24.0 KiB)
vif2.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:179 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7518 (7.3 KiB) TX bytes:0 (0.0 b)
vif2.2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:434 errors:0 dropped:0 overruns:0 frame:0
TX packets:1157 errors:0 dropped:191 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:52643 (51.4 KiB) TX bytes:107592 (105.0 KiB)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:19951 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2952816 (2.8 MiB) TX bytes:0 (0.0 b)
xenbr1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:40 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1732 (1.6 KiB) TX bytes:0 (0.0 b)
xenbr2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:179 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5012 (4.8 KiB) TX bytes:0 (0.0 b)
~#
Aggiungo un po' di dati presi con tcpdump.
Il primo è l'apertura della sessione fatta da A verso B passando per C
(tutti i sistemi sono sullo steso HW con xen)
Il secondo è fatto da un PC in lan sempre verso B e sempre passando per C .
~# tcpdump -nvvvXi vif1.0 port 22
tcpdump: WARNING: vif1.0: no IPv4 address assigned
tcpdump: listening on vif1.0, link-type EN10MB (Ethernet), capture size
96 bytes
22:40:21.633733 IP (tos 0x0, ttl 63, id 8369, offset 0, flags [DF],
length: 60) 192.168.255.102.38127 > 192.168.254.2.22: S [tcp sum ok]
2805953270:2805953270(0) win 5840 <mss 1460,sackOK,timestamp 1331783
0,nop,wscale 2>
0x0000: 4500 003c 20b1 4000 3f06 9c50 c0a8 ff66 E..<[EMAIL PROTECTED]
0x0010: c0a8 fe02 94ef 0016 a73f 72f6 0000 0000 .........?r.....
0x0020: a002 16d0 b0e3 0000 0204 05b4 0402 080a ................
0x0030: 0014 5247 0000 0000 0103 0302 ..RG........
22:40:21.634242 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF],
length: 60) 192.168.254.2.22 > 192.168.255.102.38127: S [tcp sum ok]
2800288855:2800288855(0) ack 2805953271 win 5792 <mss
1460,sackOK,timestamp 1322169 1331783,nop,wscale 2>
0x0000: 4500 003c 0000 4000 4006 bc01 c0a8 fe02 E..<[EMAIL
PROTECTED]@.......
0x0010: c0a8 ff66 0016 94ef a6e9 0457 a73f 72f7 ...f.......W.?r.
0x0020: a012 16a0 d8f4 0000 0204 05b4 0402 080a ................
0x0030: 0014 2cb9 0014 5247 0103 0302 ..,...RG....
22:40:21.635304 IP (tos 0x0, ttl 63, id 8371, offset 0, flags [DF],
length: 52) 192.168.255.102.38127 > 192.168.254.2.22: . [tcp sum ok]
1:1(0) ack 1 win 1460 <nop,nop,timestamp 1331783 1322169>
0x0000: 4500 0034 20b3 4000 3f06 9c56 c0a8 ff66 [EMAIL PROTECTED]
0x0010: c0a8 fe02 94ef 0016 a73f 72f7 a6e9 0458 .........?r....X
0x0020: 8010 05b4 18a8 0000 0101 080a 0014 5247 ..............RG
0x0030: 0014 2cb9 ..,.
22:40:21.644768 IP (tos 0x0, ttl 64, id 10465, offset 0, flags [DF],
length: 83) 192.168.254.2.22 > 192.168.255.102.38127: P 1:32(31) ack 1
win 1448 <nop,nop,timestamp 1322170 1331783>
0x0000: 4500 0053 28e1 4000 4006 9309 c0a8 fe02 E..S([EMAIL
PROTECTED]@.......
0x0010: c0a8 ff66 0016 94ef a6e9 0458 a73f 72f7 ...f.......X.?r.
0x0020: 8018 05a8 7f00 0000 0101 080a 0014 2cba ..............,.
0x0030: 0014 5247 5353 482d 322e 302d 4f70 656e ..RGSSH-2.0-Open
0x0040: 5353 485f 342e 3270 3120 4465 6269 616e SSH_4.2p1.Debian
0x0050: 2d35 -5
22:40:21.645780 IP (tos 0x0, ttl 63, id 8373, offset 0, flags [DF],
length: 52) 192.168.255.102.38127 > 192.168.254.2.22: . [tcp sum ok]
1:1(0) ack 32 win 1460 <nop,nop,timestamp 1331784 1322170>
0x0000: 4500 0034 20b5 4000 3f06 9c54 c0a8 ff66 [EMAIL PROTECTED]
0x0010: c0a8 fe02 94ef 0016 a73f 72f7 a6e9 0477 .........?r....w
0x0020: 8010 05b4 1887 0000 0101 080a 0014 5248 ..............RH
0x0030: 0014 2cba ..,.
22:40:21.646054 IP (tos 0x0, ttl 63, id 8375, offset 0, flags [DF],
length: 93) 192.168.255.102.38127 > 192.168.254.2.22: P 1:42(41) ack 32
win 1460 <nop,nop,timestamp 1331784 1322170>
0x0000: 4500 005d 20b7 4000 3f06 9c29 c0a8 ff66 [EMAIL PROTECTED])...f
0x0010: c0a8 fe02 94ef 0016 a73f 72f7 a6e9 0477 .........?r....w
0x0020: 8018 05b4 9705 0000 0101 080a 0014 5248 ..............RH
0x0030: 0014 2cba 5353 482d 322e 302d 4f70 656e ..,.SSH-2.0-Open
0x0040: 5353 485f 332e 382e 3170 3120 4465 6269 SSH_3.8.1p1.Debi
0x0050: 616e an
22:40:21.646352 IP (tos 0x0, ttl 64, id 10467, offset 0, flags [DF],
length: 52) 192.168.254.2.22 > 192.168.255.102.38127: . [tcp sum ok]
32:32(0) ack 42 win 1448 <nop,nop,timestamp 1322170 1331784>
0x0000: 4500 0034 28e3 4000 4006 9326 c0a8 fe02 E..4([EMAIL
PROTECTED]@..&....
0x0010: c0a8 ff66 0016 94ef a6e9 0477 a73f 7320 ...f.......w.?s.
0x0020: 8010 05a8 186a 0000 0101 080a 0014 2cba .....j........,.
0x0030: 0014 5248 ..RH
22:26:49.845048 IP (tos 0x0, ttl 64, id 4536, offset 0, flags [DF],
proto: TCP (6), length: 60) 192.168.255.2.52179 > 192.168.254.2.22: S,
cksum 0x2264 (correct), 4052214223:4052214223(0) win 5840 <mss
1460,sackOK,timestamp 12578935 0,nop,wscale 4>
0x0000: 4500 003c 11b8 4000 4006 aaad c0a8 ff02 E..<[EMAIL
PROTECTED]@.......
0x0010: c0a8 fe02 cbd3 0016 f187 e1cf 0000 0000 ................
0x0020: a002 16d0 2264 0000 0204 05b4 0402 080a ...."d..........
0x0030: 00bf f077 0000 0000 0103 0304 ...w........
22:26:49.846284 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto:
TCP (6), length: 60) 192.168.254.2.22 > 192.168.255.2.52179: S, cksum
0x1120 (correct), 1946856978:1946856978(0) ack 4052214224 win 5792 <mss
1460,sackOK,timestamp 1240885 12578935,nop,wscale 2>
0x0000: 4500 003c 0000 4000 3f06 bd65 c0a8 fe02 E..<[EMAIL PROTECTED]
0x0010: c0a8 ff02 0016 cbd3 740a ae12 f187 e1d0 ........t.......
0x0020: a012 16a0 1120 0000 0204 05b4 0402 080a ................
0x0030: 0012 ef35 00bf f077 0103 0302 ...5...w....
22:26:49.846323 IP (tos 0x0, ttl 64, id 4537, offset 0, flags [DF],
proto: TCP (6), length: 52) 192.168.255.2.52179 > 192.168.254.2.22: .,
cksum 0x551a (correct), 1:1(0) ack 1 win 365 <nop,nop,timestamp 12578935
1240885>
0x0000: 4500 0034 11b9 4000 4006 aab4 c0a8 ff02 [EMAIL
PROTECTED]@.......
0x0010: c0a8 fe02 cbd3 0016 f187 e1d0 740a ae13 ............t...
0x0020: 8010 016d 551a 0000 0101 080a 00bf f077 ...mU..........w
0x0030: 0012 ef35 ...5
22:26:49.856034 IP (tos 0x0, ttl 63, id 16678, offset 0, flags [DF],
proto: TCP (6), length: 83) 192.168.254.2.22 > 192.168.255.2.52179: P
1:32(31) ack 1 win 1448 <nop,nop,timestamp 1240885 12578935>
0x0000: 4500 0053 4126 4000 3f06 7c28 c0a8 fe02 E..SA&@.?.|(....
0x0010: c0a8 ff02 0016 cbd3 740a ae13 f187 e1d0 ........t.......
0x0020: 8018 05a8 7e9c 0000 0101 080a 0012 ef35 ....~..........5
0x0030: 00bf f077 5353 482d 322e 302d 4f70 656e ...wSSH-2.0-Open
0x0040: 5353 485f 342e 3270 3120 4465 6269 616e SSH_4.2p1.Debian
0x0050: 2d35 -5
22:26:50.055393 IP (tos 0x0, ttl 63, id 16680, offset 0, flags [DF],
proto: TCP (6), length: 83) 192.168.254.2.22 > 192.168.255.2.52179: P
1:32(31) ack 1 win 1448 <nop,nop,timestamp 1240906 12578935>
0x0000: 4500 0053 4128 4000 3f06 7c26 c0a8 fe02 E..SA(@.?.|&....
0x0010: c0a8 ff02 0016 cbd3 740a ae13 f187 e1d0 ........t.......
0x0020: 8018 05a8 7e9c 0000 0101 080a 0012 ef4a ....~..........J
0x0030: 00bf f077 5353 482d 322e 302d 4f70 656e ...wSSH-2.0-Open
0x0040: 5353 485f 342e 3270 3120 4465 6269 616e SSH_4.2p1.Debian
0x0050: 2d35 -5
Nel dubbio ho anche verificato via iptables (sulla chain INPUT) che sul
client in rete i pacchetti arrivano, ma il client non risponde come si
vede dalle righe che seguono:
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=13563 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=13565 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=1448 RES=0x00 ACK URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=13567 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=756 TOS=0x00 PREC=0x00 TTL=63 ID=13569 DF
PROTO=TCP SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK PSH URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=204 TOS=0x00 PREC=0x00 TTL=63 ID=13571 DF
PROTO=TCP SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK PSH URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=772 TOS=0x00 PREC=0x00 TTL=63 ID=13573 DF
PROTO=TCP SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK PSH URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=13575 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK URGP=0
Oct 27 23:12:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:00:40:f4:67:92:a6:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=13577 DF PROTO=TCP
SPT=22 DPT=56786 WINDOW=1804 RES=0x00 ACK URGP=0
Oct 27 23:03:25 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 27 23:03:25 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55782 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:25 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55784 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:26 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55786 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:27 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55788 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:28 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55790 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:32 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=83 TOS=0x00 PREC=0x00 TTL=63 ID=55792 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK PSH URGP=0
Oct 27 23:03:34 localhost kernel: IN=eth1 OUT=
MAC=00:10:4b:c3:0e:3d:aa:00:00:00:00:90:08:00 SRC=192.168.254.2
DST=192.168.255.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=55794 DF PROTO=TCP
SPT=22 DPT=34210 WINDOW=1448 RES=0x00 ACK FIN URGP=0
Se i pacchetti arrivano alla chain INPUT, ma ssh non risponde dove si
perdono? O meglio perchè ssh non risponde?
Se qualcuno vuole i dati sopra li ho disponibili in un file di teto che
posso allegare ad una mail, molto più comodo da leggere che qui.
--
ing. Andrea Gelpi
***************************************************
La Terra non la abbiamo ereditata dai nostri avi,
ma la abbiamo presa in prestito dai nostri bambini.
***************************************************
________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List
