From mboxrd@z Thu Jan 1 00:00:00 1970 From: "JOSE MIGUEL MARTINEZ" Subject: Not seeing injected packets traversing iptables Date: Thu, 01 Jul 2004 14:03:21 +0200 Sender: netfilter-admin@lists.netfilter.org Message-ID: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: Content-Language: es Content-Disposition: inline Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="iso-8859-1" To: netfilter@lists.netfilter.org, txemi2@euskalnet.net I am injecting packets in a network=2E I can see this packets from = libpcap = from several machines so the packets are there=2E The machine supposed = to receive = the packets can see them too in a tcpdump=2E Besides it answers to some = of them = (syn/ack if I inject tcp syncs) so packets are arriving=2E The tools I = use to inject = packets are packit=2C nemesis and others home-made over libnet=2E The = problem is that = in spite of packets being received they does not seem to enter = iptables as I cannot = LOG or ULOG them in destination machine=2E This does not happen with = convencional traffic as pings or tcp connections that can be logged = normally=2E = It seems to be a problem related to =22artificially=22 injected traffic = not reaching iptables=2E = =BFIs conttrack or some part of iptables realising this packets are not = legal enough to reach = iptables=3F = = logging rule is quite simple = = = root=40bipt08=3A=7E=23 iptables-save = =23 Generated by iptables-save v1=2E2=2E9 on Thu Jul 1 13=3A58=3A09 2004= = *nat = =3APREROUTING ACCEPT =5B737=3A65375=5D = =3APOSTROUTING ACCEPT =5B1962=3A84481=5D = =3AOUTPUT ACCEPT =5B1962=3A84481=5D = -A PREROUTING -i eth1 -j ULOG --ulog-prefix =22catch it please=22 = COMMIT = =23 Completed on Thu Jul 1 13=3A58=3A09 2004 = =23 Generated by iptables-save v1=2E2=2E9 on Thu Jul 1 13=3A58=3A09 2004= = *filter = =3AINPUT ACCEPT =5B31481=3A4480745=5D = =3AFORWARD ACCEPT =5B0=3A0=5D = =3AOUTPUT ACCEPT =5B37288=3A10900591=5D = COMMIT = =23 Completed on Thu Jul 1 13=3A58=3A09 2004 = =23 Generated by iptables-save v1=2E2=2E9 on Thu Jul 1 13=3A58=3A09 2004= = *mangle = =3APREROUTING ACCEPT =5B31500=3A4483968=5D = =3AINPUT ACCEPT =5B31482=3A4480797=5D = =3AFORWARD ACCEPT =5B0=3A0=5D = =3AOUTPUT ACCEPT =5B37289=3A10900787=5D = =3APOSTROUTING ACCEPT =5B37289=3A10900787=5D = COMMIT = =23 Completed on Thu Jul 1 13=3A58=3A09 2004 = = = = = -- = =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F = =3C hola=2C soy una firma horrible =3E = ------------------------------ = =5C =5E=5F=5F=5E = =5C (oo)=5C=5F=5F=5F=5F=5F=5F=5F = (=5F=5F)=5C )=5C/=5C = =7C=7C----w =7C = =7C=7C =7C=7C = = mail=3A txemi =3Ctxemi2=40euskalnet=2Enet=3E = web=3A http=3A//txemi=2Ewebhop=2Eorg = mirror=3A http=3A//txemi2=2Ewebhop=2Eorg