iptables BUG help me!!
Does this look way odd to anyone?
Chain FORWARD (policy ACCEPT 354 packets, 18360 bytes)
 pkts bytes target  prot opt in     out    source      destination
   37  1900 LOG     tcp  --  *      *      0.0.0.0/0   0.0.0.0/0     tcp spt:8436 LOG flags 0 level 4
    0     0 REJECT  all  --  *      eth2+  0.0.0.0/0   10.0.0.0/24   reject-with icmp-net-unreachable
    0     0 DROP    all  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     state INVALID
    0     0 REJECT  all  --  eth2+  eth2+  0.0.0.0/0   0.0.0.0/0     reject-with icmp-net-unreachable
 2889  173K ACCEPT  all  --  eth0+  *      0.0.0.0/0   0.0.0.0/0     state NEW
 4637  553K ACCEPT  all  --  eth0+  *      0.0.0.0/0   0.0.0.0/0     state RELATED,ESTABLISHED
    0     0 LOG     all  --  eth0+  *      0.0.0.0/0   0.0.0.0/0     state INVALID LOG flags 0 level 4
 4314 1559K ACCEPT  all  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     state RELATED,ESTABLISHED
    0     0 LOG     tcp  --  *      *      0.0.0.0/0   0.0.0.0/0     tcp spt:8436 LOG flags 0 level 4
Why does the first log match and the last one not!! These rules were made
by an "iptables -{I,A} FORWARD -p tcp --sport 8436 -j LOG". I am trying to
get my "iptables -t nat -A PREROUTING -i $IFACE+ -p tcp --dport 8436\
-j DNAT --to-destination 10.0.0.20:8436" rule working.
Here is some dmesg output.
IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=202.180.123.192 LEN=48 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=8436 DPT=4164 WINDOW=5840 RES=0x00 ACK SYN URGP=0
IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=65.160.248.169 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=31805 DF PROTO=TCP SPT=8436 DPT=4797 WINDOW=0 RES=0x00 ACK RST URGP=0
IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=65.160.248.169 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=31806 DF PROTO=TCP SPT=8436 DPT=4797 WINDOW=0 RES=0x00 ACK RST URGP=0
Is this a connection tracing problem?
train:/etc/network# iptables -v -n -t nat -L
Chain PREROUTING (policy ACCEPT 2611 packets, 193K bytes)
 pkts bytes target  prot opt in     out    source      destination
    0     0 DNAT    tcp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     tcp dpt:8080 to:10.0.0.130:8080
    0     0 DNAT    tcp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     tcp dpt:6344 to:10.0.0.25:6344
    0     0 DNAT    tcp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     tcp dpt:6699 to:10.0.0.25:6699
    0     0 DNAT    udp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     udp dpt:6257 to:10.0.0.25:6257
  368 19039 DNAT    tcp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     tcp dpt:8436 to:10.0.0.20:8436
    0     0 DNAT    tcp  --  eth2+  *      0.0.0.0/0   0.0.0.0/0     tcp dpt:6346 to:10.0.0.20:8436

Chain POSTROUTING (policy ACCEPT 393 packets, 21072 bytes)
 pkts bytes target  prot opt in     out    source      destination
 2406  145K SNAT    all  --  *      eth2+  0.0.0.0/0   0.0.0.0/0     to:24.245.9.227

Chain OUTPUT (policy ACCEPT 85 packets, 6566 bytes)
 pkts bytes target  prot opt in     out    source      destination
Hope someone knows the problem.
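Added example, not part of the original post: a small model of iptables first-match traversal over the FORWARD chain listed above, showing which rule counters a packet like the logged SYN/ACK increments. The conntrack state of the sample packet is an assumption (the kernel LOG lines do not record it), and only TCP packets are modelled.

```python
import ipaddress

TERMINATING = {"ACCEPT", "DROP", "REJECT"}   # LOG is non-terminating

def R(target, iif=None, oif=None, states=None, sport=None, dst=None):
    return dict(target=target, iif=iif, oif=oif, states=states, sport=sport, dst=dst)

# The nine FORWARD rules from the listing, in order (TCP traffic only).
FORWARD = [
    R("LOG", sport=8436),                                        # 1: inserted with -I
    R("REJECT", oif="eth2", dst="10.0.0.0/24"),                  # 2
    R("DROP", iif="eth2", states={"INVALID"}),                   # 3
    R("REJECT", iif="eth2", oif="eth2"),                         # 4
    R("ACCEPT", iif="eth0", states={"NEW"}),                     # 5
    R("ACCEPT", iif="eth0", states={"RELATED", "ESTABLISHED"}),  # 6
    R("LOG", iif="eth0", states={"INVALID"}),                    # 7
    R("ACCEPT", iif="eth2", states={"RELATED", "ESTABLISHED"}),  # 8
    R("LOG", sport=8436),                                        # 9: appended with -A
]

def matches(rule, pkt):
    # "eth0+" in the listing is a prefix match on the interface name.
    if rule["iif"] and not pkt["in"].startswith(rule["iif"]):
        return False
    if rule["oif"] and not pkt["out"].startswith(rule["oif"]):
        return False
    if rule["states"] and pkt["state"] not in rule["states"]:
        return False
    if rule["sport"] and pkt["spt"] != rule["sport"]:
        return False
    if rule["dst"] and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(rule["dst"]):
        return False
    return True

def traverse(pkt, chain=FORWARD, policy="ACCEPT"):
    """Return (rule numbers whose counters increment, final verdict)."""
    hit = []
    for n, rule in enumerate(chain, 1):
        if matches(rule, pkt):
            hit.append(n)
            if rule["target"] in TERMINATING:
                return hit, rule["target"]   # traversal stops here
    return hit, policy

# Constructed from the first kernel log line in the post. ASSUMPTION: conntrack
# sees the SYN/ACK answering a DNATed connection as ESTABLISHED.
REPLY = {"in": "eth0", "out": "eth2", "dst": "202.180.123.192",
         "spt": 8436, "state": "ESTABLISHED"}

if __name__ == "__main__":
    print(traverse(REPLY))
```

Under that assumption the packet is logged by rule 1 and then accepted by rule 6, so it never reaches the appended LOG rule at position 9.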