From: Ted Phelps <phelps@gnusto.com>
To: netfilter@lists.netfilter.org
Subject: Re: Iptables problem
Date: Fri, 26 Jan 2007 09:55:59 -0600 [thread overview]
Message-ID: <5085.1169826959@laika.gnusto.com> (raw)
In-Reply-To: Your message of Fri, 26 Jan 2007 21:19:11 +0530. <9c9832d0701260749r8093a6p5d47aca6a840e5dd@mail.gmail.com>
"Saurabh Mehrotra" writes:
> Can you guide me how to set up TCP dump on RHEL 4 and test.
I'm afraid I don't use Red Hat Linux or RPMs so I'm not going to be able
to help you instal tcpdump. There's a good chance that it's installed
by default, though. To run it and monitor DNS traffic, do this:
tcpdump port 53
> Can u explain this more so that I will calculate that..
>
> " packet counts for each rule, which
> should help you to determine which rule is dropping or failing to
> forward the DNS packets."
(1) Run iptables -v -L
(2) Look at the rules you believe should match UDP traffic on port 53
between trench1 and 212.165.108.4. Note the number of packets which
have matched these rules.
(3) Run nslookup
(4) Run iptables -v -L again
(5) Look at the rules you believe should match UDP traffic on port 53
between trench1 and 212.165.108.4. Note the number of packets which
have matched these rules.
(6) Compare the numbers from steps (2) and (5) to see if they've
changed. If not then the rules aren't doing what you think they
are.
You may find a command like the following helpful:
watch iptables -v -L
Cheers,
-Ted
next prev parent reply other threads:[~2007-01-26 15:55 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-26 11:19 Iptables problem Saurabh Mehrotra
2007-01-26 13:53 ` Ted Phelps
2007-01-26 14:17 ` Saurabh Mehrotra
2007-01-26 15:17 ` Ted Phelps
2007-01-26 15:49 ` Saurabh Mehrotra
2007-01-26 15:55 ` Ted Phelps [this message]
-- strict thread matches above, loose matches on Subject: below --
2008-09-05 11:12 iptables problem Cam Bazz
2008-09-05 12:39 ` Matt Zagrabelny
2008-09-05 15:35 ` Grant Taylor
2007-10-06 16:28 IPtables problem Per Jørgensen
2007-10-06 18:25 ` Pascal Hambourg
2006-10-19 4:52 Iptables problem tarak
2005-11-08 17:08 IPTABLES PROBLEM Micol lupen
2005-11-08 18:56 ` Rob Sterenborg
2005-11-08 19:08 ` /dev/rob0
2005-11-01 18:06 iptables problem Ashley M. Kirchner
2005-11-02 0:31 ` Buddy wu
2004-08-25 20:04 Iptables problem Jason Opperisano
2004-08-25 19:52 Marcelo Sinhorini
2004-08-26 0:24 ` Jose Maria Lopez
2003-08-13 17:09 Glenn Hancock
2003-08-13 17:36 ` Rob Sterenborg
2003-05-14 11:45 IPTables problem Tech
2003-05-13 15:13 iptables problem hare ram
2003-05-13 17:02 ` Guilherme Viebig
2003-05-14 11:17 ` hare ram
2003-05-14 11:38 ` Bikrant Neupane
2003-03-13 9:57 Iptables problem De Jager Laubscher
2003-03-13 10:16 ` Maciej Soltysiak
2002-12-12 11:52 IPtables Problem Amit Kumar Gupta
2002-11-27 3:26 iptables problem 김도균
2003-01-17 5:32 ` Raymond Leach
2003-01-18 0:35 ` Diego Sarasua
2002-10-04 17:55 IPTables Problem Niel Harper
2002-06-25 11:55 Iptables problem Paulo Andre
2002-06-25 11:57 ` Ramin Alidousti
2002-06-25 10:47 Paulo Andre
2002-06-25 11:51 ` Ramin Alidousti
[not found] <CC845BB8BC74D6119934000347DD23E87C0C09@jhbmail.autopage.co.za>
2002-06-24 16:03 ` Antony Stone
[not found] <CC845BB8BC74D6119934000347DD23E87C0C07@jhbmail.autopage.co.za>
2002-06-24 14:26 ` Antony Stone
[not found] <CC845BB8BC74D6119934000347DD23E87C0C01@jhbmail.autopage.co.za>
2002-06-21 14:44 ` Antony Stone
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5085.1169826959@laika.gnusto.com \
--to=phelps@gnusto.com \
--cc=netfilter@lists.netfilter.org \
--cc=support@mantara.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox