* unclean rule
@ 2004-06-11 11:07 Luis Miguel Cruz
2004-06-11 11:26 ` Raileanu Grigore
0 siblings, 1 reply; 6+ messages in thread
From: Luis Miguel Cruz @ 2004-06-11 11:07 UTC (permalink / raw)
To: netfilter
Is safe to use unclean module?
--
Luis Miguel Cruz
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: unclean rule
2004-06-11 11:07 Luis Miguel Cruz
@ 2004-06-11 11:26 ` Raileanu Grigore
2004-06-11 11:35 ` Luis Miguel Cruz
0 siblings, 1 reply; 6+ messages in thread
From: Raileanu Grigore @ 2004-06-11 11:26 UTC (permalink / raw)
To: netfilter
On Fri, 11 Jun 2004 13:07:37 +0200
Luis Miguel Cruz <luismi@b2bi.es> wrote:
> Is safe to use unclean module?
>
> --
> Luis Miguel Cruz
>
>
Yes, you can discard without any problems unclean packets.
--
Best regards,
Raileanu Grigore
mail: grisha at unixro dot net
phone: +40 742759147
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: unclean rule
2004-06-11 11:26 ` Raileanu Grigore
@ 2004-06-11 11:35 ` Luis Miguel Cruz
2004-06-11 11:49 ` Raileanu Grigore
0 siblings, 1 reply; 6+ messages in thread
From: Luis Miguel Cruz @ 2004-06-11 11:35 UTC (permalink / raw)
To: netfilter
I asked it because I remember that in the past this module have a lot of
problems, I like to know if those problems are solved now.
I have a problem with a client, he can´t do a ftp to our servers :P
The traffic match unclean rule:
iptables -A SEGURIDAD -m unclean -j DROP
All traffic must across SEGURIDAD chain, I only have problems with ftp
service and this client, the rest of the services runs perfectly for him.
What can be wrong? the client´s adsl router? :P
Raileanu Grigore wrote:
> On Fri, 11 Jun 2004 13:07:37 +0200
> Luis Miguel Cruz <luismi@b2bi.es> wrote:
>
>
>>Is safe to use unclean module?
>>
>>--
>>Luis Miguel Cruz
>>
>>
>
>
> Yes, you can discard without any problems unclean packets.
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: unclean rule
2004-06-11 11:35 ` Luis Miguel Cruz
@ 2004-06-11 11:49 ` Raileanu Grigore
2004-06-11 13:09 ` Luis Miguel Cruz
0 siblings, 1 reply; 6+ messages in thread
From: Raileanu Grigore @ 2004-06-11 11:49 UTC (permalink / raw)
To: netfilter
On Fri, 11 Jun 2004 13:35:42 +0200
Luis Miguel Cruz <luismi@b2bi.es> wrote:
> I asked it because I remember that in the past this module have a lot of
> problems, I like to know if those problems are solved now.
>
> I have a problem with a client, he can´t do a ftp to our servers :P
> The traffic match unclean rule:
>
> iptables -A SEGURIDAD -m unclean -j DROP
>
> All traffic must across SEGURIDAD chain, I only have problems with ftp
> service and this client, the rest of the services runs perfectly for him.
>
> What can be wrong? the client´s adsl router? :P
>
>
> Raileanu Grigore wrote:
>
> > On Fri, 11 Jun 2004 13:07:37 +0200
> > Luis Miguel Cruz <luismi@b2bi.es> wrote:
> >
> >
> >>Is safe to use unclean module?
> >>
> >>--
> >>Luis Miguel Cruz
> >>
> >>
> >
> >
> > Yes, you can discard without any problems unclean packets.
> >
>
>
Try to add in your firewall logging rules, and you can see, which packets are rejected by firewall.
--
Best regards,
Raileanu Grigore
mail: grisha at unixro dot net
phone: +40 742759147
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: unclean rule
2004-06-11 11:49 ` Raileanu Grigore
@ 2004-06-11 13:09 ` Luis Miguel Cruz
0 siblings, 0 replies; 6+ messages in thread
From: Luis Miguel Cruz @ 2004-06-11 13:09 UTC (permalink / raw)
To: netfilter
Yes, I have it.
But I want to know why is the reason of the unclean module to drop ftp
packets for this client :P
My rules are:
$IPT -A SEGURIDAD -m unclean -j LOG --log-prefix "Paquete Unclean: "
--log-ip-options --log-tcp-options --log-tcp-sequence
$IPT -A SEGURIDAD -m unclean -j DROP
Raileanu Grigore wrote:
> On Fri, 11 Jun 2004 13:35:42 +0200
> Luis Miguel Cruz <luismi@b2bi.es> wrote:
>
>
>>I asked it because I remember that in the past this module have a lot of
>>problems, I like to know if those problems are solved now.
>>
>>I have a problem with a client, he can´t do a ftp to our servers :P
>>The traffic match unclean rule:
>>
>>iptables -A SEGURIDAD -m unclean -j DROP
>>
>>All traffic must across SEGURIDAD chain, I only have problems with ftp
>>service and this client, the rest of the services runs perfectly for him.
>>
>>What can be wrong? the client´s adsl router? :P
>>
>>
>>Raileanu Grigore wrote:
>>
>>
>>>On Fri, 11 Jun 2004 13:07:37 +0200
>>>Luis Miguel Cruz <luismi@b2bi.es> wrote:
>>>
>>>
>>>
>>>>Is safe to use unclean module?
>>>>
>>>>--
>>>>Luis Miguel Cruz
>>>>
>>>>
>>>
>>>
>>>Yes, you can discard without any problems unclean packets.
>>>
>>
>>
>
> Try to add in your firewall logging rules, and you can see, which packets are rejected by firewall.
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-06-11 13:09 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <MAIL-SRV-02XBt7hJpu00020353@mail-srv-02.lsinter.net>
2004-06-11 12:07 ` unclean rule Luis Miguel Cruz
2004-06-11 11:07 Luis Miguel Cruz
2004-06-11 11:26 ` Raileanu Grigore
2004-06-11 11:35 ` Luis Miguel Cruz
2004-06-11 11:49 ` Raileanu Grigore
2004-06-11 13:09 ` Luis Miguel Cruz
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.