Log from #iptables at freenode 2006-06-08
[15:47]<suzpran>is it possible to use iptables to log incidents to another file instead of messages?
[15:53]<suzpran>can be done?
[15:56]<sydjgzvg>with syslog or syslog-ng, not iptables per se
[15:56]<zj20>2 ways. One: reconfigure your syslogd. Two: use ULOG to pass to a process other than syslogd.
[16:00]<suzpran>emmm... thx i have to rtfm first
[16:01]<sydjgzvg>yeh and ulogd+ULOG. forgot about that one
[16:02]<suzpran>emm... i don't have ulogd, do i need to download it?
[16:04]<suzpran>ahhh its an option in iptables
[17:37]<axzjg>it fucking worked
[17:37]<axzjg>jesus christ
[17:39]<pyznpyzxvnzbfu1>what did?
[17:49]<frrrrfrm_prrruyr>Good Morning All! I have an odd question and I'm not sure where to get the appropriate answer. Perhaps someone here might be able to help. Is it possible to setup a firewall rule to take all traffic and route it to a particular php script? Or am I barking up the wrong tree?
[17:50]<pyznpyzxvnzbfu1>that's not exactly accomplished with iptables alone
[17:50]<frrrrfrm_prrruyr>What else might I be looking at?
[17:51]<pyznpyzxvnzbfu1>what you would do is use iptables to direct all traffic to a particular IP and port pair, then set up apache (or other web server) to regmatch and serve all clients just one php script location
[17:51]<frrrrfrm_prrruyr>Ah, I see
[17:52]<pyznpyzxvnzbfu1>example iptables script that takes all traffic coming in on port 80, eth1, tcp, and sends it to 127.0.0.1:8080:
[17:52]<pyznpyzxvnzbfu1>iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth1 -j REDIRECT --to-port 8080
[17:53]<pyznpyzxvnzbfu1>then set up apache to issue an internal redirect to send all browsers to /myscript.php
[17:53]<pyznpyzxvnzbfu1>i can't do that one off the top of my head ;)
[17:53]<pyznpyzxvnzbfu1>oh, that's --to-ports (plural) btw
[17:53]<pyznpyzxvnzbfu1>my bad
[17:54]<frrrrfrm_prrruyr>Sweet! Thanks, that helps a lot!
[17:55]<pyznpyzxvnzbfu1>:)
[17:56]<pyznpyzxvnzbfu1>for apache, try something like this
[17:56]<pyznpyzxvnzbfu1>RewriteEngine On
[17:57]<pyznpyzxvnzbfu1>RedirectMatch ^/(.*)$ http://blue-labs.org/myscript.php
[17:58]<frrrrfrm_prrruyr>That's awesome, only the distro that I'm working with (m0n0wall) I don't think is using apache.
[17:58]<pyznpyzxvnzbfu1>hm. i can't help you with that
[17:59]<frrrrfrm_prrruyr>No worries, I'm going to see about switching to a distro with apache.
[17:59]<frrrrfrm_prrruyr>:)
[17:59]<pyznpyzxvnzbfu1>apache is good stuff
[17:59]<pyznpyzxvnzbfu1>i'm a gentoo fan
[17:59]<pyznpyzxvnzbfu1>but pick a distro you're familiar with and like
[17:59]<frrrrfrm_prrruyr>Me too actually :D
[18:00]<pyznpyzxvnzbfu1>good then :)
[18:00]<frrrrfrm_prrruyr>The only prob is that I'm thinking of putting this into an embedded system (soekris)
[18:00]<pyznpyzxvnzbfu1>*nod*
[18:03]<frrrrfrm_prrruyr>How well would gentoo run on a 100Mhz processor?
[18:04]<pyznpyzxvnzbfu1>i probably wouldn't
[18:04]<pyznpyzxvnzbfu1>i would try an embedded distro
[18:05]<pyznpyzxvnzbfu1>it's not that gentoo would run bad, it's a linux kernel. but gentoo comes with a lot of stuff in it and you probably wouldn't need 99% of the stuff gentoo installs
[18:05]<frrrrfrm_prrruyr>Yeah, that's what I thought too. :( But so far m0n0wall is looking promising but I don't think it's apache that comes with it.
[18:05]<pyznpyzxvnzbfu1>what webserver comes with it? does that webserver have a rewrite engine?
[18:06]<frrrrfrm_prrruyr>mini_httpd is the name, looking to see if it has a rewrite engine..
[18:08]<frrrrfrm_prrruyr>hrm, in the features list it does not appear to have any rewrite capabilities.. :(
[18:10]<pyznpyzxvnzbfu1>:(
[19:08]<mznzz>hi. is osf part of the unpatched 2.6.16.16?
[19:39]<snnfn_>hello, I have these simple rules to make a simple route, http://pastebin.com/767669, but I can't ping any public IP (208.35.102.13) inside my network, any suggestions??
[19:40]<rrcq000>hi all
[19:48]<snnfn_>hi JackaLX
[19:48]<snnfn_>hi jak2000
[19:48]<snnfn_>jejej
[19:48]<rrcq000>seele_ hi
[20:08]<mznzz>i get this: iptables v1.3.5: Couldn't load match 'osf':/lib/iptables/libipt_osf.so: cannot open shared object file: No such file or directory.
[20:09]<rrcq000>why doesn't this rule work: /sbin/iptables -A INPUT -s 192.168.0.88 -p tcp --dport 5900 -j ACCEPT --syn
[20:09]<rrcq000>i try to connect via vnc from: 192.168.0.49 and can!
[20:22]<rnryv>jak2000: from 192.168.0.88 ?
[20:23]<zj20>jak2000: That is an ACCEPT rule. Did you expect it to block anything?
[20:24]<rrcq000>Regit, from 88 yes i can too
[20:25]<rrcq000>Regit, rob0: http://rafb.net/paste/results/DlKUO125.html lines 21 and 22 don't work...
[20:27]<zj20>jak2000: see line 19.
[20:27]<rrcq000>yes i see
[20:28]<rrcq000>ok i comment the lines: 17 and 19
[20:31]<rrcq000>can't connect...
[20:36]<snnfn_>hello, I have these simple rules to make a simple route, http://pastebin.com/767669, but I can't ping any public IP (208.35.102.13) inside my network, any suggestions??
[20:41]<mznzz>anyone managed to get TARPIT chain to work?
[20:42]<mznzz>contains a beautiful and highly valuable idea btw.
[20:58]<mnvyf2funs>hi I'm trying to mark packets to another interface based on destination port, but although it routes the traffic to correct interface, it doesn't work, I followed this howto: http://lartc.org/howto/lartc.netfilter.html
[21:06]<mnvyf2funs>can anybody help me
[21:28]<drvvx_>devilblues: did you turn off the rp_filter ?
[21:29]<mnvyf2funs>matth_: i did echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter
[21:30]<drvvx_>that fixed the blocked response for the little test I just made
[21:34]<mnvyf2funs>i have this when i run tcpdump
[21:34]<mnvyf2funs>IP 172.16.2.253 > 192.168.0.160: icmp 36: redirect 213.205.87.88 to host 0.0.0.0
[21:34]<mnvyf2funs>IP 192.168.0.160.1076 > 213.205.87.88.ssh: S 1985912858:1985912858(0) win 65535 <mss 1460,nop,nop,sackOK>
[21:36]<mnvyf2funs>matth_: what commands did you run
[21:36]<drvvx_>just the one on the tutorial
[21:37]<drvvx_>is that all you can provide as network trace ?
[21:37]<drvvx_>I bet the icmp redirect is not the first one
[21:37]<mnvyf2funs>just a sec
[21:38]<mnvyf2funs>first line is this
[21:38]<mnvyf2funs>192.168.0.160.1087 > 213.205.87.88.ssh: S 617382408:617382408(0) win 65535 <mss 1460,nop,nop,sackOK>
[21:38]<mnvyf2funs>then this
[21:38]<mnvyf2funs>IP 172.16.2.253 > 192.168.0.160: icmp 36: redirect 213.205.87.88 to host 0.0.0.0
[21:40]<drvvx_>do you have control on .253 ?
[21:40]<mnvyf2funs>yes
[21:40]<drvvx_>the sniffing is more interesting from that point
[21:40]<mnvyf2funs>it's my router
[21:41]<mnvyf2funs>the 253 is the router
[21:41]<mnvyf2funs>it's not linux
[21:41]<mnvyf2funs>it's a dlink
[21:42]<mnvyf2funs>maybe it's a problem with my firewall script
[21:42]<drvvx_>I don't get the whole picture then
[21:43]<mnvyf2funs>can you have a look at it?
[21:43]<drvvx_>I better not







