Log from #iptables at freenode 2006-06-02
[19:49]<zj20>_Sam--: http://sam.pastebin.com/753787 ... lines 9 and 10, do you know what those are doing?
[19:49]<rwpr>i don't want to use the iprange
[19:49]<rwpr>i dont know why it wont let me use -s
[19:49]<rwpr>with multiple networks
[19:49]<xzzm__wzzn>lol ....
[19:49]<xzzm__wzzn>rob0: i thought the same thing
[19:49]<_srd-->rob0: honestly, no. i put them in when i put the masq rules in.
[19:50]<zj20>Those rules allow everything.
[19:50]<xzzm__wzzn>_Sam--> i suggest you try something like http://hwfirewall.sf.net
[19:50]<zj20>(--state NEW that is.)
[19:50]<_srd-->thats good then, because i want everything allowed on them
[19:50]<zj20>Everything on EVERY interface.
[19:50]<_srd-->thats not true...telnet to my port 25..you wont get in
[19:51]<_srd-->like i said, i dont know what those lines mean, but i know my rules work!
[19:51]<_srd-->if you want to test them, i can give you the ip :)
[19:52]<zj20>sure
[19:52]<zj20>you have something listening on 25?
[19:52]<_srd-->yes
[19:55]<rwpr>any other way to have multiple hosts, network via same -source switch?
[19:56]<zj20>_Sam--: anyway, as I said, the firewall is allowing access for anyone. Only thing that might hit your REJECT rules at the bottom would be --state INVALID.
[19:57]<zj20>Note all the zero packet counters in INPUT.
[19:57]<_srd-->thank you.
[19:57]<xzzm__wzzn>nc 207.245.79.253 25
[19:57]<xzzm__wzzn>220 Mail ESMTP Server
[19:57]<_srd-->wrong host
[19:57]<xzzm__wzzn>hehe prolly so
[19:58]<_srd-->that host is our mail server, of course it is going to allow :)
[19:58]<xzzm__wzzn>i was probing all kinds of addresses
[19:58]<xzzm__wzzn>so i added that one in
[19:58]<_srd-->rob0 was right though.
[19:58]<xzzm__wzzn>well yes
[19:58]<xzzm__wzzn>the iptables rules say it all
[19:59]<xzzm__wzzn>but that shouldnt stop FORWARDed traffic
[19:59]<_srd-->but its odd, because i had to add some specific rules just yesterday to allow someone to connect to me via sip
[19:59]<_srd-->and if all traf was allowed, i dont know why i would have needed to
[19:59]<zj20>There are no blocking rules in FORWARD, either.
[20:00]<_srd-->i have done some more diagnosing on that problem, and i think the problem lies in a wireless gateway router on the 0 network.
[20:00]<xzzm__wzzn>well ...
[20:00]<_srd-->from the 0 network i can connect through the iptables box to hosts on the 1 network fine
[20:00]<xzzm__wzzn>i see
[20:00]<_srd-->but from the 1 network i cant get through to the 0
[20:00]<xzzm__wzzn>sounds like you need to use ebtables
[20:00]<_srd-->and the 0's i am trying to get to, are all off of a wireless gateway
[20:01]<xzzm__wzzn>and make network x.1.x.x become x.0.x.x like the others
[20:02]<xzzm__wzzn>you can also then use iptables /w netfilter to block layer 3 and 2 where needed
[20:02]<xzzm__wzzn>and also allow both networks to co-exist, without hopefully having to replace the WLan AP if it really is the rat
[20:03]<xzzm__wzzn>lol s/netfilter/ebtables/
[20:03]<xzzm__wzzn>nite ... work in the morning ...
[20:03]<_srd-->you are talking about stuff maybe 3 or 4 levels over my head, but i did understand the WLAN AP :)
[20:03]<_srd-->and it runs the linux wrt54g crap on it
[20:15]<zdjjxcy>i added smb to my iptables( config 137, 138, and 139), when i added udp 137, tcp 137... it failed, but when i reversed the entries, tcp 137, udp 137...., it worked! why?
[20:27]<zdjjxcy>when i added the ports for smb to my iptable's rules, 137-139, i added the udp before the tcp(udp 137, tcp137, udp 138...) and it didn't work but when i reversed it( tcp 137, udp 137, tcp 138...) it worked, why?
[20:32]<_srd-->rob0: thanks again for the help, hard_ware too even though you are gone. my iptables was 100% fine. it was the wlan ap
[20:32]<_srd-->and now i fixed it.
[21:44]<zdjjxcy>when opening holes for smb, i put udp 137 before tcp 137, likewise for 138 and 139, and it didn't work, but when i reversed them, tcp 137 and then udp 137, etc. it worked. why?
[23:31]<zupyus2frac>when you use a "-j LOG" command in iptables, where does that packet get logged to?
[23:33]<-- syzzzyus xzs puyv>http://www.bagdadsoftware.de")
[23:38]<huk0b>hello. My problem is with syn flood, I think. I have apache and somebody attacks me and my apache stops. when I start tcpdump I see maybe 100 connections per second to port 80. how can I fix this? some way to limit, can I make something like 3 connections from 1 ip for 1 second or something?
[23:39]<vyrn-vnzsr>rufiusblack: depends on the the kernel logging facility used, check /var/log/messages /var/log/everything/current
[23:39]<zupyus2frac>vice-versa: like syslogd?
[23:39]<vyrn-vnzsr>rufiusblack: yes
[23:39]<zupyus2frac>hmm
[23:43]<zupyus2frac>cool thanks
[23:43]<zupyus2frac>vice: how do i clear the statistics that iptables collected
[23:43]<zupyus2frac>iptables -n i believe?
[23:45]<-- svgvr2rmgg xrs fu>/dev/null")
[23:48]<vyrn-vnzsr>rufiusblack: iptables -Z for all chains or iptables -Z INPUT for just the INPUT chain
[23:49]<zupyus2frac>yeah i got it from the man page
[23:49]<zupyus2frac>thanks tho