Linux Netfilter discussions
From: "Stephen J. McCracken" <sjmccracky@myrealbox.com>
To: "Wallwork, Nathan" <nwallwo@pnm.com>
Cc: Netfilter List <netfilter@lists.netfilter.org>
Subject: Re: Can someone please explain to a newbie?
Date: 14 Aug 2003 17:21:58 -0500
Message-ID: <1060899718.3959.61.camel@localhost.localdomain>
In-Reply-To: <Pine.LNX.4.44.0308141353360.23765-100000@nwallwo-linux.corp.pnm.com>

On Thu, 2003-08-14 at 14:59, Wallwork, Nathan wrote:
> On 14 Aug 2003, Stephen J. McCracken wrote:
> > Subject: Can someone please explain to a newbie?
> > 
> > one gets many of the following logged to the syslog while the other 
> > very few:
> 
> Have you reloaded the rules on webfilter2 since the last rules change?

yes.

> 
> > Aug 11 13:57:10 webfilter2 kernel: giptables-end-of-firewall: IN=
> > OUT=eth0 SRC=10.129.130.5 DST=10.129.184.28 LEN=40 TOS=0x00 PREC=0x00
> > TTL=64 ID=33149 DF PROTO=TCP SPT=8080 DPT=1100 WINDOW=5840 RES=0x00 ACK
> > FIN URGP=0
> > 
> > But I have the following rules generated by giptables:
> > 
> > iptables -A interface0_out -p tcp -s 10.129.130.5 --sport 8080 -d
> > 10.129.184.0/23 --dport 1024:65535 -m state --state ESTABLISHED -j
> > ACCEPT
> 
> It looks like this should match, assuming the ESTABLISH part matches.

That's what I thought.  What defines "ESTABLISHED"?
> 
> Consider setting up a copy of that rule without the --state ESTABLISHED, 
> place that right below, and see if it catches any packets.

The problem is that, being a newbie, I use giptables to set up the
iptables rules and I'm not sure where to do this.  Also, I would like to
understand the "why" and not just get around it, especially as one box,
using the same ruleset, hardly gets any of these while the other gets
quite a few.
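
Added example, not part of the original message and not giptables output: a Python check of the quoted log line against every criterion of the quoted rule except `--state`, testing the observation that the rule "should match". It assumes the packet actually traverses the `interface0_out` chain; the function names are hypothetical.

```python
import ipaddress

# Log line and rule copied from the message above (line wraps joined).
LOG_LINE = (
    "Aug 11 13:57:10 webfilter2 kernel: giptables-end-of-firewall: IN= "
    "OUT=eth0 SRC=10.129.130.5 DST=10.129.184.28 LEN=40 TOS=0x00 PREC=0x00 "
    "TTL=64 ID=33149 DF PROTO=TCP SPT=8080 DPT=1100 WINDOW=5840 RES=0x00 ACK "
    "FIN URGP=0"
)
RULE = (
    "iptables -A interface0_out -p tcp -s 10.129.130.5 --sport 8080 -d "
    "10.129.184.0/23 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT"
)

def parse_log(line):
    """Split a kernel LOG line into KEY=value fields and bare flags (ACK, FIN, DF)."""
    fields, flags = {}, set()
    for token in line.split("kernel:", 1)[1].split():
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value
        elif token.isupper():
            flags.add(token)
    return fields, flags

def parse_rule(rule):
    """Collect option -> argument pairs from an iptables command line."""
    tokens = rule.split()
    return {t: tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t.startswith("-")}

def port_in(spec, port):
    """True if port falls inside an iptables port spec ('8080' or '1024:65535')."""
    low, _, high = spec.partition(":")
    return int(low) <= int(port) <= int(high or low)

def stateless_match(rule, line):
    """Check every criterion of the rule except --state against the logged packet."""
    opts, (pkt, _flags) = parse_rule(rule), parse_log(line)
    return {
        "proto": opts["-p"].upper() == pkt["PROTO"],
        "source": ipaddress.ip_address(pkt["SRC"]) in ipaddress.ip_network(opts["-s"]),
        "sport": port_in(opts["--sport"], pkt["SPT"]),
        "dest": ipaddress.ip_address(pkt["DST"]) in ipaddress.ip_network(opts["-d"]),
        "dport": port_in(opts["--dport"], pkt["DPT"]),
    }

if __name__ == "__main__":
    result = stateless_match(RULE, LOG_LINE)
    for name, ok in result.items():
        print(f"{name:7} {'match' if ok else 'MISS'}")
    if all(result.values()):
        print("only --state", parse_rule(RULE)["--state"], "is left to explain the miss")
```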


