IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1825.86 MB
Powered by
Channel Info
Network: freenodeChannel: #iptables |
Search in www.irclog.org
Log from #iptables at freenode 2006-06-18
[00:16]<-- dvxn|syzzzyus xzs>http://www.bagdadsoftware.de")
[05:59]<sczrdx>????
[06:14]<fzjfjrya>Hi, what icmp packet type do I allow to enable traceroutes to work ?
[06:14]<fzjfjrya>I would have thought a traceroute would send type 8/11
[06:14]<fzjfjrya>obviously not though, as I allow but limit those icmp types
[07:02]<xzzm__wzzn>prologic: traceroute(s) can also be done via UDP afaik
[07:03]<mrrynfmr>they can be done with anything, including TCP and UDP. Linux traceroute uses UDP by default iirc
[07:03]<xzzm__wzzn>yup ..
[07:04]<xzzm__wzzn>win32 uses ICMP by default
[07:04]<sczrdx> hard__ware !!!
[07:04]<sczrdx>dude, long time no talk
[07:04]<xzzm__wzzn>hey ...
[07:04]<sczrdx>i lost all my iptables rules for the script we wrote
[07:04]<sczrdx>mostly was you though
[07:05]<xzzm__wzzn>thats cuz little miss trinity keeps me busy =P
[07:05]<sczrdx>so, i got some graphing to work but how did the iptables rules go?
[07:05]<sczrdx>did you ever work on it more?
[07:05]<xzzm__wzzn>what part ?
[07:05]<sczrdx>any of it
[07:05]<xzzm__wzzn>errr ....
[07:05]<sczrdx>but most importantly, what was the format for the iptables rule? i havent touched in like months and totally forgot
[07:06]<sczrdx> # Find SRC Data #
[07:06]<sczrdx> SPKTS="`$IPTABLES -nvL $INPUTC --exact | $AWK '/'$IPAddr'/ { print $1 }'`"
[07:06]<xzzm__wzzn>oh that
[07:07]<xzzm__wzzn>i was just thinking ...
[07:07]<sczrdx>what is the rule? I made the chains and everything..
[07:07]<xzzm__wzzn>nah my work mate ,, is a slack basatrd
[07:07]<xzzm__wzzn>he still hasnt done all the php yet
[07:07]<xzzm__wzzn>http://windy.zapto.org/iptables
[07:08]<sczrdx>if i had time, i would
[07:09]<sczrdx>i dont see the relavent rules
[07:09]<sczrdx>i just need and example
[07:10]<sczrdx>-A INPUT_COUNTERS -d 70.86.176.20 -j WHAT
[07:10]<sczrdx>:?
[07:10]<sczrdx>ill write the php soon
[07:11]<sczrdx>and i think i can get rrdtool to work with it too
[07:11]<xzzm__wzzn>huh ?
[07:11]<xzzm__wzzn>isnt what you need inside --> http://windy.zapto.org/iptables/ipt_counters.sh
[07:11]<sczrdx>i have that
[07:12]<sczrdx>but what should the rule be?
[07:13]<xzzm__wzzn>well i dont see how you mean ... arnt the rules you need in there ?
[07:14]<xzzm__wzzn>just take what you need make your own ?
[07:14]<sczrdx>uhmm
[07:14]<sczrdx>but what do i put? -j RETURN?
[07:15]<xzzm__wzzn>oh ...
[07:15]<sczrdx>-A OUTPUT_COUNTERS -s 70.86.176.20 -j WHAT
[07:15]<xzzm__wzzn>i see ... silly me
[07:15]<sczrdx>:)
[07:15]<xzzm__wzzn>hmmm need to add that then ,,,
[07:15]<xzzm__wzzn>ok hang
[07:15]<sczrdx>sure
[07:15]<sczrdx>well, i amjust looking at my local version
[07:16]<sczrdx>tell me if you make any major changes
[07:18]<xzzm__wzzn>so yes ... for local accounting of localhost ... -A OUTPUT_COUNTERS -s ip.addr -j RETURN
[07:19]<xzzm__wzzn>-A INPUT_COUNTERS -d ip.addr -j RETURN ... for remote hosts ... reverse the src & dst
[07:19]<sczrdx>so -j RETURN
[07:19]<sczrdx>ok
[07:20]<xzzm__wzzn>you can use no -j @ all ... but i think that may then follow onto the next rule, rather than fall back to the next rule in the previous table
[07:21]<sczrdx>:INPUT ACCEPT [1101:357188]
[07:21]<sczrdx>:FORWARD ACCEPT [0:0]
[07:21]<sczrdx>:OUTPUT ACCEPT [1417:753852]
[07:21]<sczrdx>:INPUT_COUNTERS - [0:0]
[07:21]<sczrdx>:OUTPUT_COUNTERS - [0:0]
[07:21]<sczrdx>thats all i need, rught?
[07:21]<xzzm__wzzn>well yes.. and of cource the rule that exist in there ... =)
[07:21]<xzzm__wzzn>rule(s)
[07:22]<sczrdx>yeah
[07:36]<fzjfjrya>Is there any particular type of idp paket to allow ?
[07:36]<fzjfjrya>I don't much care for windows boxes :)
[07:42]<sczrdx>hard__ware: still around?
[08:28]<sczrdx>?
[08:57]<xzzm__wzzn>SkramX: done: http://windy.zapto.org/iptables/ipt_counter.sh
[09:11]<sczrdx>whats it do now
[09:11]<sczrdx>heh
[09:12]<sczrdx>ok
[09:12]<sczrdx>i used it
[09:12]<sczrdx>still not getting stats
[09:12]<sczrdx>o ok
[09:12]<sczrdx>hmm
[09:13]<sczrdx>i didnt have the -A input -j input_counters
[09:13]<sczrdx>and stuff ok
[09:23]<-- wgrvwsygc wrs puy>3) bad = 1;")
[11:12]<ai_ajmnz>Just throwing this out there, but I've managed to get data off of a camera that doesn't have a driver written for it on linux yet. The data is probably jpeg since that is what the windows program saves it as. I use a=usb_bulk_write(handle, ep, in2, 0xfffff, 1000); to pull data off of the device (libusb) and I get files in a similar +-5K range as the jpegs the program saves. Does anyone know where I should go next to get images or jpegs
[11:17]<ai_ajmnz>shit, this isn't c++
[11:17]<ai_ajmnz>sorry
[13:01]<sufgzfyguw>hello
[13:02]<sufgzfyguw>what does such criterian mean and whet it's effect: Reject If protocol is TCP and TCP flags SYN,RST,ACK,FIN,URG (of ALL) are set
[13:02]<sufgzfyguw>this is from webmin-firewall
[13:09]<sufgzfyguw>hello
[13:10]<sufgzfyguw>any body?
[13:36]<d9e>tcp packets with those flags set will be rejected
[13:37]<d9e>not sure what "of all" means
[13:46]<sufgzfyguw>m4z, it means (of all flags )
[13:46]<sufgzfyguw>m4z, but what I want is what it will produce
