* iptables dropping wrong packets
@ 2003-03-05 14:37 nedco
2003-03-05 15:21 ` Module for Oracle with NAT Newton
2003-03-06 8:49 ` Accouting hare ram
0 siblings, 2 replies; 5+ messages in thread
From: nedco @ 2003-03-05 14:37 UTC (permalink / raw)
To: netfilter
Hi,
looks like some of correct packes are droped
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 36142 16M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
TOS
match 0x00
2 168K 54M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
TOS
match 0x10
3 27 1782 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG
flags 0 level 4
4 27 1782 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
in log we can see that TOS of packets is 0x0 they are also packets with 0x10
Mar 5 04:32:10 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4 DST=62.176.105.30
LEN=76
TOS=0x00 PREC=0xC0
Mar 5 04:32:15 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4 DST=62.176.105.30
LEN=76
TOS=0x00 PREC=0xC0
Mar 5 04:32:18 proliant kernel: IN=eth1 OUT=eth0 SRC=212.5.149.252 DST=212.5.134.3
LEN=87
TOS=0x00 PREC=0xC0
Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth2 SRC=62.176.73.4 DST=62.176.106.69
LEN=88
TOS=0x00 PREC=0xC0
Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4 DST=62.176.105.30
LEN=76
TOS=0x00 PREC=0xC0
Mar 5 04:32:29 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159 DST=62.176.106.69
LEN=48
TOS=0x00 PREC=0x8
Mar 5 04:32:31 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4 DST=62.176.105.30
LEN=76
TOS=0x00 PREC=0xC0
Mar 5 04:32:32 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159 DST=62.176.106.69
LEN=48
TOS=0x00 PREC=0x8
Am I doing something wrong?
10x in advance
Nedko
^ permalink raw reply [flat|nested] 5+ messages in thread* Module for Oracle with NAT
2003-03-05 14:37 iptables dropping wrong packets nedco
@ 2003-03-05 15:21 ` Newton
2003-03-05 17:09 ` Raymond Leach
2003-03-06 8:49 ` Accouting hare ram
1 sibling, 1 reply; 5+ messages in thread
From: Newton @ 2003-03-05 15:21 UTC (permalink / raw)
To: netfilter
Hi,
Friends Do you know if are there any module of kernel to work Oracle with
NAT ,????
Newton.
----- Original Message -----
From: <nedco@unacs.bg>
To: <netfilter@lists.netfilter.org>
Sent: Wednesday, March 05, 2003 9:37 AM
Subject: iptables dropping wrong packets
>
>
>
> Hi,
>
> looks like some of correct packes are droped
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> num pkts bytes target prot opt in out source
destination
>
> 1 36142 16M ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
> TOS
> match 0x00
> 2 168K 54M ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
> TOS
> match 0x10
> 3 27 1782 LOG all -- * * 0.0.0.0/0
0.0.0.0/0
> LOG
> flags 0 level 4
> 4 27 1782 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
>
>
>
> in log we can see that TOS of packets is 0x0 they are also packets with
0x10
>
>
>
> Mar 5 04:32:10 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30
> LEN=76
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:15 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30
> LEN=76
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:18 proliant kernel: IN=eth1 OUT=eth0 SRC=212.5.149.252
DST=212.5.134.3
> LEN=87
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth2 SRC=62.176.73.4
DST=62.176.106.69
> LEN=88
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30
> LEN=76
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:29 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
DST=62.176.106.69
> LEN=48
> TOS=0x00 PREC=0x8
> Mar 5 04:32:31 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30
> LEN=76
> TOS=0x00 PREC=0xC0
> Mar 5 04:32:32 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
DST=62.176.106.69
> LEN=48
> TOS=0x00 PREC=0x8
>
> Am I doing something wrong?
>
> 10x in advance
> Nedko
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Module for Oracle with NAT
2003-03-05 15:21 ` Module for Oracle with NAT Newton
@ 2003-03-05 17:09 ` Raymond Leach
0 siblings, 0 replies; 5+ messages in thread
From: Raymond Leach @ 2003-03-05 17:09 UTC (permalink / raw)
To: Netfilter Mailing List
[-- Attachment #1: Type: text/plain, Size: 2590 bytes --]
In Oracle 9i you can make the server and listener use specific ports.
AFAIR if you do not use shared servers then you can use standard NAT.
We have our Oracle machine behind our firewall and we have people from
Cape Town (the other end of the country) accessing it perfectly.
There are some notes from Metalink with regards to Oracle and NAT.
Ray
On Wed, 2003-03-05 at 17:21, Newton wrote:
> Hi,
>
> Friends Do you know if are there any module of kernel to work Oracle with
> NAT ,????
>
> Newton.
>
>
> ----- Original Message -----
> From: <nedco@unacs.bg>
> To: <netfilter@lists.netfilter.org>
> Sent: Wednesday, March 05, 2003 9:37 AM
> Subject: iptables dropping wrong packets
>
>
> >
> >
> >
> > Hi,
> >
> > looks like some of correct packes are droped
> >
> > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> > num pkts bytes target prot opt in out source
> destination
> >
> > 1 36142 16M ACCEPT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> > TOS
> > match 0x00
> > 2 168K 54M ACCEPT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> > TOS
> > match 0x10
> > 3 27 1782 LOG all -- * * 0.0.0.0/0
> 0.0.0.0/0
> > LOG
> > flags 0 level 4
> > 4 27 1782 DROP all -- * * 0.0.0.0/0
> 0.0.0.0/0
> >
> >
> >
> > in log we can see that TOS of packets is 0x0 they are also packets with
> 0x10
> >
> >
> >
> > Mar 5 04:32:10 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
> DST=62.176.105.30
> > LEN=76
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:15 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
> DST=62.176.105.30
> > LEN=76
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:18 proliant kernel: IN=eth1 OUT=eth0 SRC=212.5.149.252
> DST=212.5.134.3
> > LEN=87
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth2 SRC=62.176.73.4
> DST=62.176.106.69
> > LEN=88
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
> DST=62.176.105.30
> > LEN=76
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:29 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
> DST=62.176.106.69
> > LEN=48
> > TOS=0x00 PREC=0x8
> > Mar 5 04:32:31 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
> DST=62.176.105.30
> > LEN=76
> > TOS=0x00 PREC=0xC0
> > Mar 5 04:32:32 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
> DST=62.176.106.69
> > LEN=48
> > TOS=0x00 PREC=0x8
> >
> > Am I doing something wrong?
> >
> > 10x in advance
> > Nedko
--
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Accouting
2003-03-05 14:37 iptables dropping wrong packets nedco
2003-03-05 15:21 ` Module for Oracle with NAT Newton
@ 2003-03-06 8:49 ` hare ram
1 sibling, 0 replies; 5+ messages in thread
From: hare ram @ 2003-03-06 8:49 UTC (permalink / raw)
To: netfilter
Hi all
i just trying to make Bridge and accounting
eth0 and eth1
eth0 lan side eth1 internet side
i would like to have accounting details like
TCP in/out
UDP in/out
ICM in/out
unknow in/out
http in/out
ftp in/out
voice in/out
chat in/out
unknow in/out
and make them available in my local webserver, for html view
any guidance will be appriciate
thanks
hare
^ permalink raw reply [flat|nested] 5+ messages in thread
* iptables dropping wrong packets
@ 2003-03-05 17:56 Nedko Nedev
0 siblings, 0 replies; 5+ messages in thread
From: Nedko Nedev @ 2003-03-05 17:56 UTC (permalink / raw)
To: netfilter-devel
Hi,
looks like some of correct packes are droped
table mangle
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source
destination
1 36142 16M ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 TOS match 0x00
2 168K 54M ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 TOS match 0x10
3 27 1782 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 4
4 27 1782 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
in log we can see packets with TOS 0x0 also packets with TOS 0x10
Mar 5 04:32:10 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30 LEN=76 TOS=0x00 PREC=0xC0
Mar 5 04:32:15 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30 LEN=76 TOS=0x00 PREC=0xC0
Mar 5 04:32:18 proliant kernel: IN=eth1 OUT=eth0 SRC=212.5.149.252
DST=212.5.134.3 LEN=87 TOS=0x00 PREC=0xC0
Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth2 SRC=62.176.73.4
DST=62.176.106.69 LEN=88 TOS=0x00 PREC=0xC0
Mar 5 04:32:19 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30 LEN=76 TOS=0x00 PREC=0xC0
Mar 5 04:32:29 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
DST=62.176.106.69 LEN=48 TOS=0x00 PREC=0x8
Mar 5 04:32:31 proliant kernel: IN=eth0 OUT=eth1 SRC=62.176.73.4
DST=62.176.105.30 LEN=76 TOS=0x00 PREC=0xC0
Mar 5 04:32:32 proliant kernel: IN=eth0 OUT=eth2 SRC=195.230.9.159
DST=62.176.106.69 LEN=48 TOS=0x00 PREC=0x8
mandrake Linux version 2.4.19-16mdksmp, iptables v1.2.6a
Is there some solution?
10x in advance
Nedko
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-03-06 8:49 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-03-05 14:37 iptables dropping wrong packets nedco
2003-03-05 15:21 ` Module for Oracle with NAT Newton
2003-03-05 17:09 ` Raymond Leach
2003-03-06 8:49 ` Accouting hare ram
-- strict thread matches above, loose matches on Subject: below --
2003-03-05 17:56 iptables dropping wrong packets Nedko Nedev
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.