
iptables BUG help me!!



Does this look way odd to anyone?

Chain FORWARD (policy ACCEPT 354 packets, 18360 bytes)
 pkts bytes target     prot opt in     out     source               destination
   37  1900 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:8436 LOG flags 0 level 4
    0     0 REJECT     all  --  *      eth2+   0.0.0.0/0            10.0.0.0/24         reject-with icmp-net-unreachable
    0     0 DROP       all  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 REJECT     all  --  eth2+  eth2+   0.0.0.0/0            0.0.0.0/0           reject-with icmp-net-unreachable
 2889  173K ACCEPT     all  --  eth0+  *       0.0.0.0/0            0.0.0.0/0           state NEW
 4637  553K ACCEPT     all  --  eth0+  *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 LOG        all  --  eth0+  *       0.0.0.0/0            0.0.0.0/0           state INVALID LOG flags 0 level 4
 4314 1559K ACCEPT     all  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:8436 LOG flags 0 level 4

Why does the first LOG rule match and the last one not?  These rules were made
by "iptables -{I,A} FORWARD -p tcp --sport 8436 -j LOG".  I am trying to
get my "iptables -t nat -A PREROUTING -i $IFACE+ -p tcp --dport 8436 -j DNAT --to-destination 10.0.0.20:8436"
rule working.  Here is some dmesg output.

IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=202.180.123.192 LEN=48 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=8436 DPT=4164 WINDOW=5840 RES=0x00 ACK SYN URGP=0
IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=65.160.248.169 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=31805 DF PROTO=TCP SPT=8436 DPT=4797 WINDOW=0 RES=0x00 ACK RST URGP=0
IN=eth0 OUT=eth2 SRC=10.0.0.20 DST=65.160.248.169 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=31806 DF PROTO=TCP SPT=8436 DPT=4797 WINDOW=0 RES=0x00 ACK RST URGP=0

Is this a connection tracking problem?
train:/etc/network# iptables -v -n -t nat -L
Chain PREROUTING (policy ACCEPT 2611 packets, 193K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       tcp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8080 to:10.0.0.130:8080
    0     0 DNAT       tcp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6344 to:10.0.0.25:6344
    0     0 DNAT       tcp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6699 to:10.0.0.25:6699
    0     0 DNAT       udp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           udp dpt:6257 to:10.0.0.25:6257
  368 19039 DNAT       tcp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8436 to:10.0.0.20:8436
    0     0 DNAT       tcp  --  eth2+  *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6346 to:10.0.0.20:8436

Chain POSTROUTING (policy ACCEPT 393 packets, 21072 bytes)
 pkts bytes target     prot opt in     out     source               destination
 2406  145K SNAT       all  --  *      eth2+   0.0.0.0/0            0.0.0.0/0           to:24.245.9.227

Chain OUTPUT (policy ACCEPT 85 packets, 6566 bytes)
 pkts bytes target     prot opt in     out     source               destination

Hope someone knows the problem.



	
		



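Editor's added example (not part of the poster's message or of any iptables code): a small Python model of how a netfilter chain is traversed, run over a hand-transcribed copy of the FORWARD chain listed above. The one rule it encodes is certain: ACCEPT, DROP and REJECT are terminating targets that end traversal of the chain, while LOG is non-terminating, so a packet is logged and then keeps walking. The two packets are constructed: SYN_ACK mirrors the first dmesg line (the server's SYN/ACK reply, which conntrack classifies as ESTABLISHED); INBOUND_SYN is an assumed client SYN after the PREROUTING DNAT has rewritten its destination to 10.0.0.20. The walk shows why a LOG appended at the end of the chain can sit at zero counters while the same match inserted at the top fires: the reply traffic is accepted by the earlier "eth0+ RELATED,ESTABLISHED" rule and never reaches the last rule.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG only logs; traversal continues


@dataclass(frozen=True)
class Rule:
    target: str
    proto: str = "all"               # "all", "tcp" or "udp"
    in_if: str = "*"                 # "*" or a name; trailing "+" is a prefix wildcard
    out_if: str = "*"
    dst: str = "0.0.0.0/0"           # destination network match
    sport: Optional[int] = None
    dport: Optional[int] = None
    state: Optional[frozenset] = None  # conntrack states the rule requires, if any


@dataclass(frozen=True)
class Packet:
    in_if: str
    out_if: str
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    state: str                       # NEW / ESTABLISHED / RELATED / INVALID


def iface_match(pattern: str, name: str) -> bool:
    """iptables interface matching: '*' is any, 'eth2+' is any name starting with eth2."""
    if pattern == "*":
        return True
    if pattern.endswith("+"):
        return name.startswith(pattern[:-1])
    return name == pattern


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "all" and rule.proto != pkt.proto:
        return False
    if not iface_match(rule.in_if, pkt.in_if) or not iface_match(rule.out_if, pkt.out_if):
        return False
    if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(rule.dst):
        return False
    if rule.sport is not None and rule.sport != pkt.sport:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    if rule.state is not None and pkt.state not in rule.state:
        return False
    return True


def walk(chain: List[Rule], pkt: Packet, policy: str = "ACCEPT") -> Tuple[str, Optional[int], List[int]]:
    """Return (verdict, index of the rule that decided it or None for the chain policy,
    indices of LOG rules that fired). The first terminating match ends the walk."""
    logged: List[int] = []
    for i, rule in enumerate(chain):
        if not rule_matches(rule, pkt):
            continue
        if rule.target in TERMINATING:
            return rule.target, i, logged
        if rule.target == "LOG":
            logged.append(i)
    return policy, None, logged


# Transcription of the poster's FORWARD chain, in listing order (policy ACCEPT).
FORWARD = [
    Rule("LOG", proto="tcp", sport=8436),                                        # 0: inserted with -I
    Rule("REJECT", out_if="eth2+", dst="10.0.0.0/24"),                           # 1
    Rule("DROP", in_if="eth2+", state=frozenset({"INVALID"})),                   # 2
    Rule("REJECT", in_if="eth2+", out_if="eth2+"),                               # 3
    Rule("ACCEPT", in_if="eth0+", state=frozenset({"NEW"})),                     # 4
    Rule("ACCEPT", in_if="eth0+", state=frozenset({"RELATED", "ESTABLISHED"})),  # 5
    Rule("LOG", in_if="eth0+", state=frozenset({"INVALID"})),                    # 6
    Rule("ACCEPT", in_if="eth2+", state=frozenset({"RELATED", "ESTABLISHED"})),  # 7
    Rule("LOG", proto="tcp", sport=8436),                                        # 8: appended with -A
]

# Constructed packets (see lead-in): the logged SYN/ACK reply, and an assumed
# inbound SYN already rewritten by the DNAT rule to 10.0.0.20:8436.
SYN_ACK = Packet("eth0", "eth2", "10.0.0.20", "202.180.123.192", "tcp", 8436, 4164, "ESTABLISHED")
INBOUND_SYN = Packet("eth2", "eth0", "202.180.123.192", "10.0.0.20", "tcp", 4164, 8436, "NEW")

if __name__ == "__main__":
    for name, pkt in (("SYN/ACK reply", SYN_ACK), ("inbound SYN", INBOUND_SYN)):
        verdict, idx, logged = walk(FORWARD, pkt)
        print(f"{name}: {verdict} by rule {idx}, LOG rules fired: {logged}")
```

Run as-is it reports the reply as accepted by rule 5 with only rule 0 having logged it, and the inbound SYN as matching no rule at all, so it is forwarded only because the chain policy is ACCEPT. That second result is the point a reviewer of this ruleset would raise: with a permissive FORWARD policy, the DNAT'd traffic is never explicitly allowed or logged, and if the policy were ever tightened to DROP the port forward would silently stop working.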