Curious failure with F-13
Timothy Murphy
gayleard at eircom.net
Tue Nov 2 15:14:56 UTC 2010
JB wrote:
> Timothy Murphy <gayleard <at> eircom.net> writes:
>
> look at these; if you want to share with us the outputs (unedited) that's
> OK.
>
> $ ping -c 1 87.248.112.181
> $ cat /etc/hosts
> $ cat /etc/host.conf
> $ cat /etc/resolv.conf
> $ cat /etc/nsswitch.conf
> $ route -n
> # iptables -nvL
Rather wordy, but:
---------------------------------
Script started on Tue 02 Nov 2010 02:26:05 PM GMT
[tim at helen ~]$ ping -c 1 87.248.112.181
PING 87.248.112.181 (87.248.112.181) 56(84) bytes of data.
64 bytes from 87.248.112.181: icmp_seq=1 ttl=54 time=83.2 ms
--- 87.248.112.181 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 83ms
rtt min/avg/max/mdev = 83.219/83.219/83.219/0.000 ms
[tim at helen ~]$ cat /etc/hosts
127.0.0.1 helen.gayleard.com helen localhost.localdomain
localhost
::1 helen.gayleard.com helen localhost6.localdomain6
localhost6
134.226.81.3 lanczos.maths.tcd.ie lanczos proxy
proxy.maths.tcd.ie
134.226.81.250 birdsnest.maths.tcd.ie birdsnest
192.168.2.1 alfred alfred.gayleard.com
192.168.5.34 alfred-vpn
192.168.2.2 helen helen.gayleard.com
192.168.5.1 helen-vpn
192.168.2.3 rose rose.gayleard.com
192.168.5.42 rose-vpn
192.168.2.4 carrie carrie.gayleard.com T43a
192.168.5.38 carrie-vpn
192.168.3.6 martha martha.gayleard.com T23a
192.168.2.14 blanche blanche.gayleard.com BigTarga
192.168.2.8 althea althea.gayleard.com HP
192.168.5.22 althea-vpn
192.168.2.27 blanche-ether
192.168.2.9 med177072 med177072.gayleard.com latitude
192.168.2.10 med178239 med178239.gayleard.com dell
192.168.2.11 elizabeth elizabeth.gayleard.com thinkpad
192.168.2.12 wrt router
192.168.2.7 harriet harriet.gayleard.com
LittleTarga
192.168.2.19 mary mary.gayleard.com T43b
192.168.2.39 mary-ether mary.gayleard.com T43b
192.168.2.28 william william.gayleard.com T43c
192.168.2.22 alice alice.gayleard.com
192.168.2.23 Rosys-iPod
192.168.2.30 Camera
192.168.2.26 eulalie eulalie.gayleard.com eeepc
192.168.2.15 inspiron deirdre
deirdre.gayleard.com
86.43.71.228 gayleard.com www.gayleard.com
192.168.5.6 mary-vpn
192.168.5.10 martha-vpn
159.134.198.138 www.eircom.net
# Remote gateway 159.134.155.19
2001:770:100:134::1 gayleard6
2001:770:10:300::86e2:5103 lanczos6
[tim at helen ~]$ cat /etc/hosts.conf
cat: /etc/hosts.conf: No such file or directory
[tim at helen ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
domain gayleard.com
search gayleard.com
#nameserver 208.67.222.222
#nameserver 208.67.220.220
nameserver 159.134.237.6
nameserver 159.134.248.17
[tim at helen ~]$ cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called
YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files
shadow: files
group: files
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
[tim at helen ~]$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
[tim at helen ~]$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:1D:09:2B:75:2D
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21d:9ff:fe2b:752d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:770 errors:0 dropped:0 overruns:0 frame:0
TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:49508 (48.3 KiB) TX bytes:12785 (12.4 KiB)
Interrupt:18
eth1 Link encap:Ethernet HWaddr 00:40:F4:4D:60:8A
inet addr:192.168.2.2 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::240:f4ff:fe4d:608a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:338 errors:0 dropped:0 overruns:0 frame:0
TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:24228 (23.6 KiB) TX bytes:17054 (16.6 KiB)
Interrupt:17 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2480 (2.4 KiB) TX bytes:2480 (2.4 KiB)
[tim at helen ~]$ sudo iptables -nvL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
266 17639 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate INVALID,NEW
2673 1133K net2fw all -- eth0 * 0.0.0.0/0
0.0.0.0/0
88 12892 loc2fw all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 loc2fw all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 vpn2fw all -- tun0 * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0 [goto]
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
744 46832 dynamic all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate INVALID,NEW
0 0 net_frwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
744 46832 loc_frwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 loc_frwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 vpn_frwd all -- tun0 * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0 [goto]
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
2662 253K fw2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
57 7291 fw2loc all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 fw2loc all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 fw2vpn all -- * tun0 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0 [goto]
Chain Drop (3 references)
pkts bytes target prot opt in out source
destination
207 9436 all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:113 /* Auth */
207 9436 dropBcast all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 11 /* Needed ICMP types */
202 8876 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 multiport dports 135,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:137:139 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */
0 0 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1900 /* UPnP */
0 0 dropNotSyn tcp -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:53 /* Late DNS Replies */
Chain Reject (4 references)
pkts bytes target prot opt in out source
destination
0 0 all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:113 /* Auth */
0 0 dropBcast all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 3 code 4 /* Needed ICMP types */
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 11 /* Needed ICMP types */
0 0 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 multiport dports 135,445 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:137:139 /* SMB */
0 0 reject udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:137 dpts:1024:65535 /* SMB */
0 0 reject tcp -- * * 0.0.0.0/0
0.0.0.0/0 multiport dports 135,139,445 /* SMB */
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1900 /* UPnP */
0 0 dropNotSyn tcp -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0
0.0.0.0/0 udp spt:53 /* Late DNS Replies */
Chain dropBcast (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
5 560 DROP all -- * * 0.0.0.0/0
224.0.0.0/4
Chain dropInvalid (2 references)
pkts bytes target prot opt in out source
destination
28 1568 DROP all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate INVALID
Chain dropNotSyn (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp flags:!0x17/0x02
Chain dynamic (2 references)
pkts bytes target prot opt in out source
destination
Chain fw2loc (2 references)
pkts bytes target prot opt in out source
destination
41 5037 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0
16 2254 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2net (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:67:68
2296 230K ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
274 16990 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:53 /* DNS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:53 /* DNS */
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0
92 5780 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain fw2vpn (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc2fw (2 references)
pkts bytes target prot opt in out source
destination
33 4929 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 60 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 /* SSH */
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8 /* Ping */
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1194
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:123 /* NTP */
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:514 /* Syslog */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:901 /* SMBswat */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:3306 /* MySQL */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:631 /* IPP */
54 7903 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc2net (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
744 46832 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc2vpn (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1194
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain loc_frwd (2 references)
pkts bytes target prot opt in out source
destination
744 46832 loc2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 loc2vpn all -- * tun0 0.0.0.0/0
0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain logflags (5 references)
pkts bytes target prot opt in out source
destination
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:'
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source
destination
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2fw (1 references)
pkts bytes target prot opt in out source
destination
211 9676 smurfs all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate INVALID,NEW
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpts:67:68
1160 1021K tcpflags tcp -- * * 0.0.0.0/0
0.0.0.0/0
2462 1123K ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0
0.0.0.0/0 icmp type 8 /* Ping */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80 /* HTTP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:443 /* HTTPS */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:993 /* IMAPS */
4 240 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:143 /* IMAP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:389 /* LDAP */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:22 /* SSH */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:3690 /* SVN */
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:3306 /* MySQL */
207 9436 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
174 7308 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:'
174 7308 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2loc (2 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0
192.168.2.30 tcp dpt:80 ctorigdstport 2317
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2loc:DROP:'
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net2vpn (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2vpn:DROP:'
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain net_frwd (1 references)
pkts bytes target prot opt in out source
destination
0 0 smurfs all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate INVALID,NEW
0 0 tcpflags tcp -- * * 0.0.0.0/0
0.0.0.0/0
0 0 net2loc all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 net2loc all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 net2vpn all -- * tun0 0.0.0.0/0
0.0.0.0/0
Chain reject (11 references)
pkts bytes target prot opt in out source
destination
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0 ADDRTYPE match src-type BROADCAST
0 0 DROP all -- * * 224.0.0.0/4
0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0
0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0
0.0.0.0/0 reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source
destination
Chain smurflog (2 references)
pkts bytes target prot opt in out source
destination
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 0.0.0.0/0
0.0.0.0/0
Chain smurfs (2 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- * * 0.0.0.0
0.0.0.0/0
0 0 smurflog all -- * * 0.0.0.0/0
0.0.0.0/0 [goto] ADDRTYPE match src-type BROADCAST
0 0 smurflog all -- * * 224.0.0.0/4
0.0.0.0/0 [goto]
Chain tcpflags (2 references)
pkts bytes target prot opt in out source
destination
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 [goto] tcp flags:0x3F/0x29
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 [goto] tcp flags:0x3F/0x00
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 [goto] tcp flags:0x06/0x06
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 [goto] tcp flags:0x03/0x03
0 0 logflags tcp -- * * 0.0.0.0/0
0.0.0.0/0 [goto] tcp spt:0 flags:0x17/0x02
Chain vpn2fw (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1194
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain vpn2loc (2 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 udp dpt:1194
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:vpn2loc:REJECT:'
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0 [goto]
Chain vpn2net (1 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- * * 0.0.0.0/0
0.0.0.0/0
Chain vpn_frwd (1 references)
pkts bytes target prot opt in out source
destination
0 0 vpn2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 vpn2loc all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 vpn2loc all -- * eth2 0.0.0.0/0
0.0.0.0/0
[tim at helen ~]$ exit
exit
Script done on Tue 02 Nov 2010 02:31:07 PM GMT
---------------------------------
--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
More information about the users
mailing list