I'm sorry, here it goes just like faq 15.
I must add that I can ping 8.8.8.8 or www.google.com, but I can't navigate.
Regards
--Forwarded message attachment--
From: [email protected]
To: c
Date: Tue, 11 Oct 2011 12:02:04 -0700
Subject: Re: [Shorewall-users] No internet in local net with shorewall
On Tue, 2011-10-11 at 18:50 +0000, Carina V. Barca wrote:
>
> Tom: thanks for the answer.
> I attach what you asked..
But you clearly didn't read FAQ 15. Point number 4:
Forwarding is not enabled (This is often the problem for Debian
users). Enter this command:
cat /proc/sys/net/ipv4/ip_forward
If the value displayed is 0 (zero) then set IP_FORWARDING=On
in /etc/shorewall/shorewall.conf and restart Shorewall.
From the output of 'shorewall dump' that you posted (which is created
from the above command):
/proc/sys/net/ipv4/ip_forward = 0
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
Shorewall 4.4.11.6 Dump at debian - mié oct 12 08:38:20 ART 2011
Counters reset mar oct 11 22:09:14 ART 2011
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
130K 14M dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
134K 14M net2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0
11 965 loc2fw all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID,NEW
0 0 net2loc all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0
0 0 loc_frwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
5008 768K fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
4 396 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain Drop (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113 /* Auth */
0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain Reject (6 references)
pkts bytes target prot opt in out source destination
128K 13M all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113 /* Auth */
128K 13M dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11 /* Needed ICMP types */
145 8618 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535 /* SMB */
52 2544 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900 /* UPnP */
87 4208 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53 /* Late DNS Replies */
Chain dropBcast (2 references)
pkts bytes target prot opt in out source destination
127K 13M DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match dst-type BROADCAST
373 96852 DROP all -- * * 0.0.0.0/0 224.0.0.0/4
Chain dropInvalid (2 references)
pkts bytes target prot opt in out source destination
2 100 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate INVALID
Chain dropNotSyn (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
Chain dynamic (2 references)
pkts bytes target prot opt in out source destination
Chain fw2loc (1 references)
pkts bytes target prot opt in out source destination
4 396 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw2net (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
4418 727K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80
590 41552 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain loc2fw (1 references)
pkts bytes target prot opt in out source destination
4 160 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:8080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 20,21,22,53,67,68,80,10000
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 53,67,68
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
7 805 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:loc2fw:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc2net (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 20,21,22,25,43,53,63
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 110,123,143,443,465
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 587,993,995
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 43,53,63,123
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:loc2net:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain loc_frwd (1 references)
pkts bytes target prot opt in out source destination
0 0 loc2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source destination
2294 753K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:67:68
3969 405K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
297 17784 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:22
14 792 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 8 /* Ping */
128K 13M Reject all -- * * 0.0.0.0/0 0.0.0.0/0
91 5974 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2fw:REJECT:'
91 5974 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain net2loc (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:net2loc:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
[goto]
Chain reject (13 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
139 6752 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
4 1766 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
Log (/var/log/messages)
Oct 12 06:41:31 net2fw:REJECT:IN=eth0 OUT= SRC=207.177.243.85
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=28972 DF PROTO=TCP
SPT=3101 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 06:41:32 net2fw:REJECT:IN=eth0 OUT= SRC=207.177.243.85
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=29642 DF PROTO=TCP
SPT=3101 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 06:46:09 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=55007 DF PROTO=TCP
SPT=4438 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 06:46:09 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=55174 DF PROTO=TCP
SPT=4438 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 07:10:19 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=36845 DF PROTO=TCP
SPT=4607 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 07:10:20 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=37002 DF PROTO=TCP
SPT=4607 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 07:32:22 net2fw:REJECT:IN=eth0 OUT= SRC=58.9.104.254 DST=xxx.xxx.100.200
LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=29266 DF PROTO=TCP SPT=29716 DPT=4899
WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 07:32:23 net2fw:REJECT:IN=eth0 OUT= SRC=58.9.104.254 DST=xxx.xxx.100.200
LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=29329 DF PROTO=TCP SPT=29723 DPT=4899
WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 07:32:24 net2fw:REJECT:IN=eth0 OUT= SRC=58.9.104.254 DST=xxx.xxx.100.200
LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=29376 DF PROTO=TCP SPT=29723 DPT=4899
WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 07:40:14 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=719 DF PROTO=TCP
SPT=3532 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 07:40:15 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=850 DF PROTO=TCP
SPT=3532 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 08:10:36 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=32081 DF PROTO=TCP
SPT=4492 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 08:10:37 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.29.100
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=32214 DF PROTO=TCP
SPT=4492 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 12 08:18:11 net2fw:REJECT:IN=eth0 OUT= SRC=187.104.115.71
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=31781 DF PROTO=TCP
SPT=62891 DPT=5900 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 08:18:12 net2fw:REJECT:IN=eth0 OUT= SRC=187.104.115.71
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=31802 DF PROTO=TCP
SPT=62891 DPT=5900 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 08:18:13 net2fw:REJECT:IN=eth0 OUT= SRC=187.104.115.71
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=31812 DF PROTO=TCP
SPT=62891 DPT=5900 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 12 08:31:21 net2fw:REJECT:IN=eth0 OUT= SRC=50.22.55.166 DST=xxx.xxx.100.200
LEN=440 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=5069 DPT=5060 LEN=420
Oct 12 08:35:24 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.100.138
DST=xxx.xxx.100.200 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=28268 DF PROTO=TCP
SPT=44231 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 12 08:35:25 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.100.138
DST=xxx.xxx.100.200 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=28269 DF PROTO=TCP
SPT=50375 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 12 08:35:26 net2fw:REJECT:IN=eth0 OUT= SRC=xxx.xxx.100.138
DST=xxx.xxx.100.200 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=28270 DF PROTO=TCP
SPT=52423 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0
NAT Table
Chain PREROUTING (policy ACCEPT 229K packets, 28M bytes)
pkts bytes target prot opt in out source destination
229K 28M dnat all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 729 packets, 47112 bytes)
pkts bytes target prot opt in out source destination
729 47112 eth0_masq all -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 590 packets, 41552 bytes)
pkts bytes target prot opt in out source destination
Chain dnat (1 references)
pkts bytes target prot opt in out source destination
7 805 loc_dnat all -- eth1 * 0.0.0.0/0 0.0.0.0/0
Chain eth0_masq (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * * 192.168.2.0/24 0.0.0.0/0
Chain loc_dnat (1 references)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 80,8080 redir ports 8080
Mangle Table
Chain PREROUTING (policy ACCEPT 235K packets, 29M bytes)
pkts bytes target prot opt in out source destination
235K 29M tcpre all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 134K packets, 14M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK and 0xffffff00
0 0 tcfor all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 5012 packets, 769K bytes)
pkts bytes target prot opt in out source destination
5012 769K tcout all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 5012 packets, 769K bytes)
pkts bytes target prot opt in out source destination
5012 769K tcpost all -- * * 0.0.0.0/0 0.0.0.0/0
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
Chain tcpre (1 references)
pkts bytes target prot opt in out source destination
Raw Table
Chain PREROUTING (policy ACCEPT 235K packets, 29M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5012 packets, 769K bytes)
pkts bytes target prot opt in out source destination
Conntrack Table (28 out of 32768)
IP Configuration
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UNKNOWN qlen 1000
inet xxx.xxx.100.200/24 brd xxx.xxx.100.255 scope global eth0
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state
DOWN qlen 1000
inet 192.168.2.1/24 brd 192.168.2.255 scope global eth1
IP Stats
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
3212 47 0 0 0 0
TX: bytes packets errors dropped carrier collsns
3212 47 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UNKNOWN qlen 1000
link/ether 00:19:d1:dd:af:d1 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
49709231 434598 0 0 0 476
TX: bytes packets errors dropped carrier collsns
915614 5783 0 0 0 0
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state
DOWN qlen 1000
link/ether 00:27:19:b1:6b:69 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
493638 5060 0 0 0 0
TX: bytes packets errors dropped carrier collsns
3025939 4734 0 0 0 0
/proc
/proc/version = Linux version 2.6.26-2-686 (Debian 2.6.26-19)
([email protected]) (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-25))
#1 SMP Wed Aug 19 06:06:52 UTC 2009
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 1
/proc/sys/net/ipv4/conf/default/log_martians = 1
/proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth0/arp_filter = 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth0/rp_filter = 1
/proc/sys/net/ipv4/conf/eth0/log_martians = 1
/proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth1/arp_filter = 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth1/rp_filter = 1
/proc/sys/net/ipv4/conf/eth1/log_martians = 1
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 1
/proc/sys/net/ipv4/conf/lo/log_martians = 1
Routing Rules
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
Table default:
Table local:
broadcast 192.168.2.255 dev eth1 proto kernel scope link src 192.168.2.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast xxx.xxx.100.255 dev eth0 proto kernel scope link src
xxx.xxx.100.200
local xxx.xxx.100.200 dev eth0 proto kernel scope host src xxx.xxx.100.200
local 192.168.2.1 dev eth1 proto kernel scope host src 192.168.2.1
broadcast 192.168.2.0 dev eth1 proto kernel scope link src 192.168.2.1
broadcast xxx.xxx.100.0 dev eth0 proto kernel scope link src xxx.xxx.100.200
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table main:
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
xxx.xxx.100.0/24 dev eth0 proto kernel scope link src xxx.xxx.100.200
default via xxx.xxx.100.1 dev eth0
ARP
? (xxx.xxx.100.138) at 00:09:0f:79:e7:04 [ether] on eth0
? (xxx.xxx.100.1) at 00:00:5a:10:0d:4c [ether] on eth0
Modules
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Available
Extended Connection Tracking Match Support: Available
Packet Type Match: Available
Policy Match: Available
Physdev Match: Available
Physdev-is-bridged Support: Available
Packet length Match: Available
IP range Match: Available
Recent Match: Available
Owner Match: Available
Ipset Match: Not available
CONNMARK Target: Available
Extended CONNMARK Target: Available
Connmark Match: Available
Extended Connmark Match: Available
Raw Table: Available
IPP2P Match: Not available
CLASSIFY Target: Available
Extended REJECT: Available
Repeat match: Available
MARK Target: Available
Extended MARK Target: Available
Extended MARK Target 2: Available
Mangle FORWARD Chain: Available
Comments: Available
Address Type Match: Available
TCPMSS Match: Available
Hashlimit Match: Available
NFQUEUE Target: Available
Realm Match: Available
Helper Match: Available
Connlimit Match: Available
Time Match: Available
Goto Support: Available
LOGMARK Target: Not available
IPMARK Target: Not available
LOG Target: Available
Persistent SNAT: Not available
TPROXY Target: Not available
FLOW Classifier: Available
fwmark route mask: Available
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 0.0.0.0:56326 0.0.0.0:* LISTEN
2069/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
2058/portmap
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
2223/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
2246/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
2513/exim4
tcp 0 0 xxx.xxx.100.200:22 87.236.52.74:55303 TIME_WAIT
-
tcp 0 68 xxx.xxx.100.200:22 87.236.52.74:55880
ESTABLISHED 6080/sshd: root [pr
tcp 0 0 xxx.xxx.100.200:22 87.236.52.74:53530 TIME_WAIT
-
tcp 0 0 xxx.xxx.100.200:22 xxx.xxx.100.138:30086
ESTABLISHED 6048/sshd: cmateos
tcp6 0 0 :::22 :::* LISTEN
2223/sshd
tcp6 0 0 ::1:631 :::* LISTEN
2246/cupsd
udp 0 0 0.0.0.0:33047 0.0.0.0:*
2069/rpc.statd
udp 0 0 0.0.0.0:973 0.0.0.0:*
2069/rpc.statd
udp 0 0 0.0.0.0:111 0.0.0.0:*
2058/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:*
2246/cupsd
Traffic Control
Device eth0:
qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 915862 bytes 5785 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth1:
qdisc pfifo_fast 0: root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 3021564 bytes 4734 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
TC Filters
Device eth0:
Device eth1:
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
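The forwarding check from FAQ 15 point 4, quoted in the reply above, can be run against a saved `shorewall dump` together with `shorewall.conf`. This is an added example, not part of the original thread or of Shorewall; the function names, the verdict words, the sample file contents and the choice to use the last `IP_FORWARDING=` assignment are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): compare the kernel forwarding flag
# recorded in a saved `shorewall dump` with IP_FORWARDING in shorewall.conf.

# Print the ip_forward value (0 or 1) found in a dump file, or nothing.
# Dump lines look like: /proc/sys/net/ipv4/ip_forward = 0
dump_ip_forward() {
    sed -n 's|^[[:space:]]*/proc/sys/net/ipv4/ip_forward[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$|\1|p' "$1" |
        tail -n 1
}

# Print the IP_FORWARDING value from a shorewall.conf, unquoted and
# lower-cased. Commented-out lines are skipped; the last assignment is
# used (an assumption of this example).
conf_ip_forwarding() {
    sed -n 's/^[[:space:]]*IP_FORWARDING=\([^#[:space:]]*\).*/\1/p' "$1" |
        tail -n 1 | tr -d "\"'" | tr 'A-Z' 'a-z'
}

# Print one verdict word (hypothetical labels):
#   enabled  kernel is forwarding
#   restart  conf already says On but the kernel flag is 0: restart Shorewall
#   set-on   kernel flag is 0 and conf is not On: set IP_FORWARDING=On, restart
#   unknown  no ip_forward line in the dump
forwarding_verdict() {
    fwd=$(dump_ip_forward "$1")
    conf=$(conf_ip_forwarding "$2")
    case "$fwd" in
        1) echo enabled ;;
        0) if [ "$conf" = on ]; then echo restart; else echo set-on; fi ;;
        *) echo unknown ;;
    esac
}

# Constructed sample input (not the poster's files).
sample_dir=$(mktemp -d)
cat > "$sample_dir/dump.txt" <<'EOF'
/proc
/proc/sys/net/ipv4/ip_forward = 0
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
EOF
cat > "$sample_dir/shorewall.conf" <<'EOF'
# constructed sample
#IP_FORWARDING=On
IP_FORWARDING=Keep
EOF
echo "verdict: $(forwarding_verdict "$sample_dir/dump.txt" "$sample_dir/shorewall.conf")"
rm -rf "$sample_dir"
```

On a live firewall the same functions can be pointed at the output of `shorewall dump` saved to a file and at `/etc/shorewall/shorewall.conf`.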