lug-bg: RE: lug-bg: eth-
- Subject: lug-bg: RE: lug-bg: eth-
- From: bkrosnov@email.domain.hidden (Boyan Krosnov)
- Date: Mon, 31 Mar 2003 17:44:49 +0300
<em class="quotelev1">> 192.168.0.3 e windows-ka ÍÁÛÉÎÁ É gw É Å 192.168.0.1
ok
<em class="quotelev1">> Á ÉÎÁÞÅ
<em class="quotelev1">> # iptables -L -t nat -nvx
<em class="quotelev1">> Chain PREROUTING (policy ACCEPT 351 packets, 27382 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">>
<em class="quotelev1">> Chain POSTROUTING (policy ACCEPT 36 packets, 3024 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">> 87 6101 MASQUERADE all -- * eth0
<em class="quotelev1">> 0.0.0.0/0 0.0.0.0/0
tova izglejda dobre
<em class="quotelev1">>
<em class="quotelev1">> Chain OUTPUT (policy ACCEPT 41 packets, 3403 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">> 7 520 ACCEPT all -- * *
<em class="quotelev1">> 62.176.85.190 0.0.0.0/0
<em class="quotelev1">> 0 0 ACCEPT all -- * *
<em class="quotelev1">> 62.176.85.190 0.0.0.0/0
tova pravi tochno nishto, sys ili bez nego, vse taq
<em class="quotelev1">> #
<em class="quotelev1">>
<em class="quotelev1">> # iptables -L -nvx
<em class="quotelev1">> Chain INPUT (policy ACCEPT 1739 packets, 144245 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">> 0 0 ACCEPT all -- * *
<em class="quotelev1">> 192.168.0.1 62.176.85.190
<em class="quotelev1">> 0 0 ACCEPT all -- * *
<em class="quotelev1">> 192.168.2.1 62.176.85.190
tochnoto znachenie na tova ne mi e osobenno qsno, mojesh li da mi go razqsnish?
<em class="quotelev1">>
<em class="quotelev1">> Chain FORWARD (policy ACCEPT 558 packets, 71144 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">> 78 4540 ACCEPT all -- eth0 eth1
<em class="quotelev1">> 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
tatefull firewall, ok
<em class="quotelev1">> 628 44391 ACCEPT all -- eth1 eth0
<em class="quotelev1">> 0.0.0.0/0 0.0.0.0/0
ACCEPT na obratnata posoka, ok
<em class="quotelev1">> 558 71144 LOG all -- * *
<em class="quotelev1">> 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
Log na vsichko koeto se opitva da ni premine bez da e v pravilnata posoka ili da e prieto ot statefull firewall-a, ok
<em class="quotelev1">> 0 0 ACCEPT all -- * *
<em class="quotelev1">> 192.168.0.1 62.176.85.190
tochnata prichina za tova e dosta mytna
<em class="quotelev1">> 0 0 ACCEPT all -- * *
<em class="quotelev1">> 192.168.2.1 62.176.85.190
za tova syshto!
<em class="quotelev1">>
<em class="quotelev1">> Chain OUTPUT (policy ACCEPT 1600 packets, 284592 bytes)
<em class="quotelev1">> pkts bytes target prot opt in out source
<em class="quotelev1">> destination
<em class="quotelev1">> #
Ta ima chetiri malko izlishni reda ot chainovete. Inache konfiguraciqta izglejda dostatychna za da raboti.
Ostava samo da razberesh kakvo tochno ne srabotva
Windowskoto pc li ne si prashta paketite na pravilnata mashina
Razmeneni sa ti interfeisite?
Providera ti te e hvanal che pravish nat i e otfiltriral paketi sys source port >32000
i izobshto mnogo razlichni mesta kydeto moje neshto da e narochno ili sluchajno schupeno.
Otnovo iskam da te podkanq da izpolzvash instrumenti za nabljudenie na nisko nivo za da vidish kakvo tochno se sluchva, preminavat li prez teb paketite s pravilnite mac adresi li sa, translirat li se, vryshtat li se otgovori ot providera ti i t.n. i t.n.
BR,
Boyan
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|