It seems that some ipchains rules are not letting me connect to an ssh
server.
ipchains -nL output says
Chain output (policy REJECT):
target prot opt source destination ports
...
ACCEPT tcp ------ my-ip 0.0.0.0/0 1024:65535 -> 22
ACCEPT tcp ------ my-ip 0.0.0.0/0 1022:1023 -> 22
and ipchains -nL input
Chain input (policy DENY):
target prot opt source destination ports
...
ACCEPT tcp !y---- 0.0.0.0/0 my-ip 22 ->1024:65535
ACCEPT tcp !y---- 0.0.0.0/0 my-ip 22 ->1022:1023
tcpdump src or dst remote says
16:06:20.681888 if20 > my-ip.45796 > remote.ssh: S
1364852034:1364852034(0) win 32120 <mss 1460> (DF)
16:06:21.283820 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:23.674035 if20 > my-ip.45796 > remote.ssh: S
1364852034:1364852034(0) win 32120 <mss 1460> (DF)
16:06:24.493950 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:24.783931 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:29.673943 if20 > my-ip.45796 > remote.ssh: S
1364852034:1364852034(0) win 32120 <mss 1460> (DF)
16:06:30.404044 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:31.303878 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:41.673996 if20 > my-ip.45796 > remote.ssh: S
1364852034:1364852034(0) win 32120 <mss 1460> (DF)
16:06:42.274085 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:06:43.923878 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
16:07:05.674046 if20 > my-ip.45796 > remote.ssh: S
1364852034:1364852034(0) win 32120 <mss 1460> (DF)
16:07:06.193824 if20 < remote.ssh > my-ip.45796: S
1459427741:1459427741(0) ack 1364852035 win 32120 <mss 1460> (DF)
...
netstat says
Proto Recv-Q Send-Q Local Address Foreign Address State
...
tcp 0 1 my-ip:45796 remote:22 SYN_SENT
So I am sending the connection initiation request, but I am somehow rejecting the ACK?
Of course, with ipchains -F it is OK.
Did I do something wrong?
PS: sorry for the length of the mail...