From: Jean-Christian Imbeault <jc@mega-bucks.co.jp>
To: netfilter@lists.netfilter.org
Subject: Re: Newbie: why is this packet being dropped/logged?
Date: Mon, 04 Aug 2003 14:32:48 +0900 [thread overview]
Message-ID: <3F2DF000.8010606@mega-bucks.co.jp> (raw)
In-Reply-To: <09B04A55822EFF4DA48D2E0BB2941D4A15C030@wardrive.citadelcomputer.com.au>
George Vieira wrote:
>
> it's being dropped because you have allowed TCP port 80 on
219.118.175.0/24 ONLY.. looking at your logs it shows the IP as
DST=203.179.86.66 which isn't to that network..
Maybe you misread the iptables' out output since the formatting is off,
but the rule for 219.118.175.0/24 is for SSH. The port 80 rule is:
ACCEPT tcp -- eth0 * 0.0.0.0/0 203.179.86.66 state
NEW,RELATED,ESTABLISHED tcp dpt:80
> HOW BIG is your network???
Only 16 IP addresses. I hate to show my ignorance but the the SSH rule
which uses the 219.118.175.0/24 is to allow SSH access from another
network with 8 IP address. The range is 219.118.175.240-248 but I didn't
know how to write that as a / netmask so I used 0/24 :(
Jc
next prev parent reply other threads:[~2003-08-04 5:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-04 5:31 Newbie: why is this packet being dropped/logged? George Vieira
2003-08-04 5:32 ` Jean-Christian Imbeault [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-08-04 5:11 Jean-Christian Imbeault
[not found] ` <1059980959.926.1.camel@elendil.intranet.cartel-securite.net>
2003-08-04 7:29 ` Jean-Christian Imbeault
2003-08-04 7:40 ` Cedric Blancher
2003-08-04 7:49 ` Jean-Christian Imbeault
2003-08-04 8:04 ` Cedric Blancher
2003-08-04 8:08 ` Jean-Christian Imbeault
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F2DF000.8010606@mega-bucks.co.jp \
--to=jc@mega-bucks.co.jp \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox