s�n, 2002-04-14 kl. 17:00 skrev Ramin Alidousti: > Hmm, interesting. Can you send the netstat output to see that ports 2 and 3 > are actually being used?
No, but you can have the log of the "block". Ports 2 & 3 were being blocked for LS and not for FTP. Best, Tonni Here it comes (extract from /var/log/messages), Linux: Apr 14 10:53:03 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=5511 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:53:06 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=5513 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:53:13 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=5514 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:53:26 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46253 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:53:53 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46254 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:54:47 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46262 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:55:25 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46265 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:55:28 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46267 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:55:35 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46268 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:55:47 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=46269 DF PROTO=TCP SPT=2 DPT=35455 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:55:48 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=57401 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 apr 14 10:56:03 billy su(pam_unix)[4728]: session opened for user root by tonye(uid=500) Apr 14 10:56:15 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC= SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=57402 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 Apr 14 10:57:09 billy kernel: IPTABLES TCP-IN: IN=ppp0 OUT= MAC=SRC=130.225.247.90 DST=212.238.97.135 LEN=48 TOS=0x00 PREC=0x00 TTL=47 ID=57407 DF PROTO=TCP SPT=3 DPT=35459 WINDOW=24820 RES=0x00 SYN URGP=0 Etc etc. -- Tony Earnshaw e-post: [EMAIL PROTECTED] www: http://www.billy.demon.nl gpg public key: http://www.billy.demon.nl/tonni.armor Telefoon: (+31) (0)172 530428 Mobiel: (+31) (0)6 51153356 GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981 3BE7B981
signature.asc
Description: Dette er en digitalt signert meldingsdel
