Quoting Catalin Muresan <[EMAIL PROTECTED]>:
>
> On Fri, Jun 08, 2001 at 09:46:02AM +0300, Alin Osan wrote:
> >
> > Quoting Alin Nastac <[EMAIL PROTECTED]>:
> >
> > >
> > > Of course.
> >
> > How I love "either a or b" questions that get answered with "yes"
> > or "of course" :-) Now what is that supposed to mean? Iptables or ...
> > ? If iptables, what rule do I add so that the UDP packets go out/come
> > in, and on which ports?
> >
>
> but did you send a mail with what you have in iptables? No. What answer
> do you want then? It seems correct to me.
Look, Catalin, I'm doing it by the book:
here is the tcpdump:
09:33:58.179924 < pc-00011.casa.org.ro.1032 > 64.14.113.140.6112: S 345940:345940(0)
win 8192 <mss 1460,nop,nop,sackOK> (DF)
09:33:58.180377 < pc-00011.casa.org.ro.1033 > 63.241.83.7.6112: S 345940:345940(0) win
8192 <mss 1460,nop,nop,sackOK> (DF)
09:33:58.268970 > europe.battle.net.6112 > pc-00011.casa.org.ro.1030: S
638420740:638420740(0) ack 345940 win 65535 <mss 1460,nop,nop,sackOK>
09:33:58.269158 > europe.battle.net.6112 > pc-00011.casa.org.ro.1031: S
950476169:950476169(0) ack 345941 win 65535 <mss 1460,nop,nop,sackOK>
09:33:58.269555 < pc-00011.casa.org.ro.1030 > europe.battle.net.6112: . 1:1(0) ack 1
win 8760 (DF)
09:33:58.269642 < pc-00011.casa.org.ro.1031 > europe.battle.net.6112: . 1:1(0) ack 1
win 8760 (DF)
09:33:58.278713 < pc-00011.casa.org.ro.1031 > europe.battle.net.6112: P 1:2(1) ack 1
win 8760 (DF)
09:33:58.287101 < pc-00011.casa.org.ro.1034 > casa.org.ro.domain: 1+ A?
exodus.battle.net. (35)
09:33:58.288780 > casa.org.ro > pc-00011.casa.org.ro: icmp: casa.org.ro udp port
domain unreachable [tos 0xc0]
09:33:58.315226 > 64.14.113.138.6112 > pc-00011.casa.org.ro.nterm: S
1787444204:1787444204(0) ack 345938 win 65535 <mss 1460,nop,nop,sackOK>
09:33:58.315713 < pc-00011.casa.org.ro.nterm > 64.14.113.138.6112: . 1:1(0) ack 1 win
8760 (DF)
09:33:58.318100 > 64.14.113.139.6112 > pc-00011.casa.org.ro.1027: S
1697055009:1697055009(0) ack 345939 win 65535 <mss 1460,nop,nop,sackOK>
09:33:58.318499 < pc-00011.casa.org.ro.1027 > 64.14.113.139.6112: . 1:1(0) ack 1 win
8760 (DF)
09:33:58.332984 < pc-00011.casa.org.ro.1030 > europe.battle.net.6112: F 1:1(0) ack 1
win 8760 (DF)
09:33:58.333335 < pc-00011.casa.org.ro.nterm > 64.14.113.138.6112: F 1:1(0) ack 1 win
8760 (DF)
09:33:58.333567 < pc-00011.casa.org.ro.1027 > 64.14.113.139.6112: F 1:1(0) ack 1 win
8760 (DF)
09:33:58.377699 > 63.241.83.8.6112 > pc-00011.casa.org.ro.1028: S
2467096338:2467096338(0) ack 345939 win 65535 <mss 1460,nop,nop,sackOK>
09:33:58.378191 < pc-00011.casa.org.ro.1028 > 63.241.83.8.6112: . 1:1(0) ack 1 win
8760 (DF)
here is iptables -L -n:
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 141.85.79.50 0.0.0.0/0
DROP all -- 216.200.130.8 0.0.0.0/0
DROP all -- 64.55.148.7 0.0.0.0/0
DROP all -- 64.55.148.7 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 8 limit: avg
1/sec burst 5
ACCEPT icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 0 limit: avg
1/sec burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:33434
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 3
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 3 code 1
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 13
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 14
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 17
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 18
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 5
LD icmp -- 0.0.0.0/0 193.231.238.0/24 icmp type 4
ACCEPT all -- 10.0.0.0/24 0.0.0.0/0
LD all -- 1.0.0.0/8 193.231.238.0/24
LD all -- 2.0.0.0/8 193.231.238.0/24
LD all -- 7.0.0.0/8 193.231.238.0/24
LD all -- 23.0.0.0/8 193.231.238.0/24
LD all -- 27.0.0.0/8 193.231.238.0/24
LD all -- 31.0.0.0/8 193.231.238.0/24
LD all -- 41.0.0.0/8 193.231.238.0/24
LD all -- 45.0.0.0/8 193.231.238.0/24
LD all -- 60.0.0.0/8 193.231.238.0/24
LD all -- 68.0.0.0/8 193.231.238.0/24
LD all -- 69.0.0.0/8 193.231.238.0/24
LD all -- 70.0.0.0/8 193.231.238.0/24
LD all -- 71.0.0.0/8 193.231.238.0/24
LD all -- 80.0.0.0/8 193.231.238.0/24
LD all -- 88.0.0.0/8 193.231.238.0/24
LD all -- 90.0.0.0/8 193.231.238.0/24
LD all -- 91.0.0.0/8 193.231.238.0/24
LD all -- 92.0.0.0/8 193.231.238.0/24
LD all -- 100.0.0.0/8 193.231.238.0/24
LD all -- 111.0.0.0/8 193.231.238.0/24
LD all -- 112.0.0.0/8 193.231.238.0/24
LD all -- 127.0.0.0/8 193.231.238.0/24
LD all -- 127.0.0.0/8 193.231.238.0/24
LD all -- 128.66.0.0/16 193.231.238.0/24
LD all -- 172.16.0.0/12 193.231.238.0/24
LD all -- 192.168.0.0/16 193.231.238.0/24
LD all -- 197.0.0.0/16 193.231.238.0/24
LD all -- 201.0.0.0/8 193.231.238.0/24
LD all -- 220.0.0.0/8 193.231.238.0/24
LD all -- 222.0.0.0/8 193.231.238.0/24
LD all -- 240.0.0.0/8 193.231.238.0/24
LD all -- 242.0.0.0/8 193.231.238.0/24
LD all -- 244.0.0.0/8 193.231.238.0/24
LD all -- 251.0.0.0/8 193.231.238.0/24
LD all -- 254.0.0.0/8 193.231.238.0/24
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:31337 limit: avg
2/min burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:31337 limit: avg
2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:33270 limit: avg
2/min burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:33270 limit: avg
2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:1234 limit: avg
2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:6711 limit: avg
2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:16660
flags:0x0216/0x022 limit: avg 2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:60001
flags:0x0216/0x022 limit: avg 2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpts:12345:12346
limit: avg 2/min burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpts:12345:12346
limit: avg 2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:1524 limit: avg
2/min burst 5
LD tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:27665 limit: avg
2/min burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:27444 limit: avg
2/min burst 5
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:31335 limit: avg
2/min burst 5
LD all -- 224.0.0.0/8 0.0.0.0/0
LD all -- 0.0.0.0/0 224.0.0.0/8
LD all -- 255.255.255.255 0.0.0.0/0
LD all -- 0.0.0.0/0 0.0.0.0
LD all -f 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:143
LD tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:137:139
LD udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139
LD tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
LD udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445
LD tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049
LD udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049
LD tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6015
LD udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:6000:6015
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:22 dpts:513:65535
flags:!0x0216/0x022 state RELATED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:20 dpts:1023:65535
flags:!0x0216/0x022 state RELATED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
ACCEPT udp -- 0.0.0.0/0 193.231.238.0/24 udp dpts:1023:65535
LD all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 10.0.0.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 10.0.0.0/24
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 10.0.0.0/24 0.0.0.0/0
ACCEPT icmp -- 10.0.0.0/24 0.0.0.0/0
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:31337 limit: avg
2/min burst 5
LD udp -- 193.231.238.0/24 0.0.0.0/0 udp dpt:31337 limit: avg
2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:33270 limit: avg
2/min burst 5
LD udp -- 193.231.238.0/24 0.0.0.0/0 udp dpt:33270 limit: avg
2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:1234 limit: avg
2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:6711 limit: avg
2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:16660
flags:0x0216/0x022 limit: avg 2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:60001
flags:0x0216/0x022 limit: avg 2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:60001
flags:0x0216/0x022 limit: avg 2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpts:12345:12346
limit: avg 2/min burst 5
LD udp -- 193.231.238.0/24 0.0.0.0/0 udp dpts:12345:12346
limit: avg 2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:1524 limit: avg
2/min burst 5
LD tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpt:27665 limit: avg
2/min burst 5
LD udp -- 193.231.238.0/24 0.0.0.0/0 udp dpt:27444 limit: avg
2/min burst 5
LD udp -- 193.231.238.0/24 0.0.0.0/0 udp dpt:31335 limit: avg
2/min burst 5
LD all -- 224.0.0.0/8 0.0.0.0/0
LD all -- 0.0.0.0/0 224.0.0.0/8
LD all -- 255.255.255.255 0.0.0.0/0
LD all -- 0.0.0.0/0 0.0.0.0
ACCEPT icmp -- 193.231.238.0/24 0.0.0.0/0
ACCEPT tcp -- 193.231.238.0/24 0.0.0.0/0 tcp dpts:1023:65535
ACCEPT udp -- 193.231.238.0/24 0.0.0.0/0 udp dpts:1023:65535
Chain LD (90 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
DROP all -- 0.0.0.0/0 0.0.0.0/0
The list is quite long, and so is the mail. Let's see the answers.
---
Alin Osan
Network Administrator
"Fundatia Casa"
http://www.casa.org.ro
phone +4059467200
fax +4059467202
---
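Added example (not part of the original message): a first-match walk over a few INPUT rules copied from the listing above. As printed by `iptables -L -n`, the unconditional `ACCEPT all` rule matches every packet, because that output omits the interface columns that `iptables -L -n -v` shows. The host addresses used here, and the idea that this rule is bound to an interface, are assumptions.

```python
import ipaddress

# Constructed sample: a few INPUT rules copied, in order, from the listing above.
LISTING = """\
DROP all -- 141.85.79.50 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LD udp -- 0.0.0.0/0 193.231.238.0/24 udp dpt:33434
ACCEPT all -- 10.0.0.0/24 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 193.231.238.0/24 tcp dpt:22
ACCEPT udp -- 0.0.0.0/0 193.231.238.0/24 udp dpts:1023:65535
LD all -- 0.0.0.0/0 0.0.0.0/0
"""

def parse_rule(line):
    """Parse one `iptables -L -n` rule line (only dpt:/dpts: matches are read)."""
    f = line.split()
    rule = {"target": f[0], "prot": f[1], "ports": None, "text": line,
            "src": ipaddress.ip_network(f[3]), "dst": ipaddress.ip_network(f[4])}
    for tok in f[5:]:
        if tok.startswith(("dpt:", "dpts:")):
            p = [int(x) for x in tok.split(":")[1:]]
            rule["ports"] = (p[0], p[-1])  # single port becomes (p, p)
    return rule

def first_match(rules, prot, src, dst, dport):
    """Return (1-based position, rule) of the first rule the packet matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for n, r in enumerate(rules, 1):
        if r["prot"] not in ("all", prot):
            continue
        if s not in r["src"] or d not in r["dst"]:
            continue
        if r["ports"] and not r["ports"][0] <= dport <= r["ports"][1]:
            continue
        return n, r
    return None

RULES = [parse_rule(l) for l in LISTING.splitlines()]
# Same chain without the unconditional ACCEPT, i.e. assuming that rule is bound
# to an interface the packet does not arrive on (an assumption, not on the page).
SCOPED = [r for r in RULES if not (r["target"] == "ACCEPT" and r["prot"] == "all"
                                   and r["src"].prefixlen + r["dst"].prefixlen == 0)]

if __name__ == "__main__":
    for name, chain in (("as printed", RULES), ("ACCEPT-all scoped out", SCOPED)):
        for src, dst in (("10.0.0.11", "10.0.0.1"), ("198.51.100.7", "193.231.238.1")):
            n, r = first_match(chain, "udp", src, dst, 53)  # hypothetical hosts
            print(f"{name}: udp {src} -> {dst}:53 hits rule {n}: {r['text']}")
```
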