Re: Could someone please explain this output?
Hi,
Here is the output from 'ipchains -L input -v' :
Chain input (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark
outsize source destination ports
380 34580 ACCEPT all ------ 0xFF 0x00 lo
anywhere anywhere n/a
0 0 DENY all ----l- 0xFF 0x00 !lo
127.0.0.0/8 anywhere n/a
10502 1034K ACCEPT all ------ 0xFF 0x00 eth1
localnet/24 anywhere n/a
0 0 DENY all ----l- 0xFF 0x00 eth0
localnet/24 anywhere n/a
15049 9223K ACCEPT all ------ 0xFF 0x00 eth0
anywhere cs9349-21.austin.rr.com n/a
0 0 ACCEPT all ------ 0xFF 0x00 eth0
anywhere 255.255.255.255 n/a
0 0 DENY all ----l- 0xFF 0x00 any
anywhere anywhere n/a
This confirms Vineet's diagnosis. I can't help but notice that the 'l'
flag is set in the 'opt' field every time the target is DENY. Is this a
coincidence? Where is the meaning of this output documented? I couldn't
find it anywhere.
Also, I am not sure of the purpose of these rules - especially the
ones with DENY. Why are they blocking what they are blocking?
Thanks,
Jor-el
On Thu, 16 Aug 2001, Vineet Kumar wrote:
>
> >
> > How do I interpret this output? For example, the lines handling
> > the source = localnet/24 - will they let a packet from outside pass in or
> > be rejected? Why are there two lines? This configuration is the result of
> > me doing an 'apt-get install ipmasq' - so there really hasn't been any
> > customization by me.
> >
>
> You'll get more meaningful output with
>
> ipchains -L -v
>
> What I suspect is going on is that the rules say something like
> localhost/8 -i ! lo -j DENY and localnet/24 -i eth0 -j ACCEPT and
> localnet/24 -i ! eth0 -j DENY. The -v flag will show you the interfaces
> specified in the rules as well, so you can understand what's going on.
>
> Cheers,
>
> --
> Vineet http://www.anti-dmca.org
> Unauthorized use of this .sig may constitute violation of US law.
> Qba\'g gernq ba zr\! |tr 'a-zA-Z' 'n-za-mN-ZA-M'
>
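The listing in the message above, read by a small parser that pairs each rule's two wrapped lines and applies ipchains' first-match evaluation (an added example, not part of the original thread). The addresses in NAMES are assumed placeholders, since the page does not say what localnet/24 or the hostname resolve to; the 'l' in the opt column is the rule's -l (log matching packets) option.

```python
import ipaddress

# Rule lines copied from the listing above; each rule wraps onto two lines.
LISTING = """\
380 34580 ACCEPT all ------ 0xFF 0x00 lo
anywhere anywhere n/a
0 0 DENY all ----l- 0xFF 0x00 !lo
127.0.0.0/8 anywhere n/a
10502 1034K ACCEPT all ------ 0xFF 0x00 eth1
localnet/24 anywhere n/a
0 0 DENY all ----l- 0xFF 0x00 eth0
localnet/24 anywhere n/a
15049 9223K ACCEPT all ------ 0xFF 0x00 eth0
anywhere cs9349-21.austin.rr.com n/a
0 0 ACCEPT all ------ 0xFF 0x00 eth0
anywhere 255.255.255.255 n/a
0 0 DENY all ----l- 0xFF 0x00 any
anywhere anywhere n/a
"""

# ASSUMPTION: placeholder addresses; the page does not give the real ones.
NAMES = {"anywhere": "0.0.0.0/0", "localnet/24": "192.168.1.0/24",
         "cs9349-21.austin.rr.com": "203.0.113.21"}

def parse(listing):
    lines = [l.split() for l in listing.strip().splitlines()]
    rules = []
    for head, tail in zip(lines[0::2], lines[1::2]):
        # head: pkts bytes target prot opt tosa tosx ifname; tail: src dst ports
        rules.append({"target": head[2], "log": "l" in head[4], "ifname": head[7],
                      "src": ipaddress.ip_network(NAMES.get(tail[0], tail[0])),
                      "dst": ipaddress.ip_network(NAMES.get(tail[1], tail[1]))})
    return rules

def if_match(spec, ifname):
    # "any" matches every interface; a leading "!" inverts the match.
    if spec == "any":
        return True
    return spec[1:] != ifname if spec.startswith("!") else spec == ifname

def verdict(rules, ifname, src, dst, policy="DENY"):
    """Return (rule number, target, logged); rule 0 means the chain policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for n, r in enumerate(rules, 1):
        if if_match(r["ifname"], ifname) and s in r["src"] and d in r["dst"]:
            return n, r["target"], r["log"]
    return 0, policy, False
```

A packet claiming a localnet source is accepted by rule 3 when it arrives on eth1 and denied and logged by rule 4 when it arrives on eth0, which is why the same source appears on two lines.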