Hi Tom,

On 2015-03-31 23:57, Tom Eastep wrote:
> On 3/31/2015 1:04 PM, Marko Weber | 8000 wrote:
>> 
>> hello list,
>> 
>> kernel: Shorewall:_net-fw::IN=eth0 OUT=
>> MAC=d4:3d:7e:ec:e1:07:00:26:88:75:df:19:08:00 SRC=87.142.17.90
>> DST=46.4.xx.xxx LEN=80 TOS=0x00 PREC=0x00 TTL=55 ID=38334 PROTO=ICMP
>> TYPE=3 CODE=1 [SRC=46.4.xx.xxx DST=87.142.17.90 LEN=52 TOS=0x00
>> PREC=0x00 TTL=53 ID=4374 DF PROTO=TCP SPT=80 DPT=56578 WINDOW=521
>> RES=0x00 ACK FIN URGP=0 ]
>> 
>> 
>> I find these entries in my logs.
>> What does this mean? I don't understand at all. A client connects via
>> http on port 80, then webserver is checking if client is reachable on
>> his outgoing port of his request?
>> 
>> Can someone help me to read this correctly or interpret this correctly?
> 
> 46.4.xx.xxx is in the process of closing an HTTP connection from
> 87.142.17.90 and sent a FIN/ACK packet. Some host between the two
> endpoints is returning a 'host-unreachable' ICMP in response to that
> packet. I would have to see the output of 'shorewall show net-fw' to
> understand why these are being logged.
> 
> -Tom

Here is the output:

# shorewall show net-fw
Shorewall 4.6.6.1 Chain net-fw at nuggetforum.com - Wed Apr  1 17:00:28 CEST 2015

Counters reset Wed Apr  1 17:00:26 CEST 2015

Chain net-fw (1 references)
  pkts bytes target     prot opt in     out     source               destination
     7   550 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW,UNTRACKED
     7   550 smurfs     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID,NEW,UNTRACKED
   229 39675 tcpflags   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0
   224 39355 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate ESTABLISHED
     0     0 _net-fw    all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
     0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED
     0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 /* Ping */
     0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 /* SSH */
     5   320 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 /* HTTP */
     0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 /* HTTPS */
     2   230 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0
     0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 6 prefix "Shorewall:net-fw:DROP:"
     0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0

-marko
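
Added example, not part of either poster's message: a small Python parser that splits a netfilter LOG entry like the one quoted above into the logged ICMP packet and the original packet quoted inside the brackets, which is how the entry is read in the reply. The function names and the one-line summary format are assumptions made for illustration.

```python
import re

# Constructed sample: the log entry from the thread joined onto one line,
# with the addresses masked exactly as in the post.
SAMPLE = (
    "kernel: Shorewall:_net-fw::IN=eth0 OUT= "
    "MAC=d4:3d:7e:ec:e1:07:00:26:88:75:df:19:08:00 SRC=87.142.17.90 "
    "DST=46.4.xx.xxx LEN=80 TOS=0x00 PREC=0x00 TTL=55 ID=38334 PROTO=ICMP "
    "TYPE=3 CODE=1 [SRC=46.4.xx.xxx DST=87.142.17.90 LEN=52 TOS=0x00 "
    "PREC=0x00 TTL=53 ID=4374 DF PROTO=TCP SPT=80 DPT=56578 WINDOW=521 "
    "RES=0x00 ACK FIN URGP=0 ]"
)

# ICMP type 3 (destination unreachable) codes from RFC 792 and later RFCs.
UNREACH = {0: "net-unreachable", 1: "host-unreachable", 2: "protocol-unreachable",
           3: "port-unreachable", 4: "fragmentation-needed", 13: "admin-prohibited"}
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def fields(text):
    """Split LOG text into KEY=VALUE pairs plus bare TCP flag tokens."""
    kv, flags = {}, []
    for tok in text.split():
        key, sep, val = tok.partition("=")
        if sep:
            kv[key] = val
        elif tok in TCP_FLAGS:
            flags.append(tok)
    kv["FLAGS"] = flags
    return kv

def parse(line):
    """Separate the logged packet from the packet an ICMP error quotes in [...]."""
    pre = re.search(r"Shorewall:([^:]*):([^:]*):", line)  # chain:disposition
    body = line[pre.end():] if pre else line
    quoted = re.search(r"\[(.*?)\]", body)
    outer = fields(body[:quoted.start()] if quoted else body)
    rec = {"chain": pre.group(1) if pre else None, "outer": outer,
           "quoted": fields(quoted.group(1)) if quoted else None}
    if outer.get("PROTO") == "ICMP" and outer.get("TYPE") == "3":
        rec["icmp"] = UNREACH.get(int(outer.get("CODE", -1)), "unreachable")
    return rec

def explain(line):
    r = parse(line)
    q = r["quoted"]
    if q is None or "icmp" not in r or "SPT" not in q:
        return "no ICMP unreachable quoting a TCP/UDP packet"
    return (f"ICMP {r['icmp']} from {r['outer']['SRC']} about {q['PROTO']} "
            f"{q['SRC']}:{q['SPT']} -> {q['DST']}:{q['DPT']} flags={'+'.join(q['FLAGS'])}")
```

Calling explain(SAMPLE) yields a one-line summary: the outer fields describe the ICMP error that arrived on eth0, and the bracketed fields describe the packet the server had sent that triggered it.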



_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
