Re: IPTABLES

To: Eduardo Lopes <du.lopes@gmail.com>
Cc: dup <debian-user-portuguese@lists.debian.org>
Subject: Re: IPTABLES
From: Junior Polegato - Linux <linux@juniorpolegato.com.br>
Date: Fri, 15 May 2009 16:23:28 -0300
Message-id: <[🔎] 4A0DC130.4080002@juniorpolegato.com.br>
In-reply-to: <[🔎] 4ebf98f0905151116i41b22d1bm7d1ff7a3e7128486@mail.gmail.com>
References: <[🔎] 4ebf98f0905140454m33efcf21ue77257b59d887b43@mail.gmail.com> <[🔎] 4A0C6309.8030408@fing.edu.uy> <[🔎] 4ebf98f0905141159p5bad8f01u718be2606572adb9@mail.gmail.com> <[🔎] 4A0C739E.3080701@juniorpolegato.com.br> <[🔎] 4ebf98f0905141313t4dfa6977wff528b21f6a0a140@mail.gmail.com> <[🔎] 4A0C7E26.1060305@juniorpolegato.com.br> <[🔎] 4ebf98f0905150535i536326d9mcb7a89ae1e2907ce@mail.gmail.com> <[🔎] 4A0D87C0.1030608@juniorpolegato.com.br> <[🔎] 4ebf98f0905151116i41b22d1bm7d1ff7a3e7128486@mail.gmail.com>

Eduardo Lopes escreveu:

Fiz as alterações e agora consegui alguma coisa na saída do tcpdump,
testei fazendo um telnet no ip externo na porta 8088:
tcpdump | grep 172.16.1.156
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
15:12:31.063332 IP 172.16.1.156.2129 > tecnico.jotec.com.br.omniorb: S
2582386495:2582386495(0) win 5840 <mss 1460,sackOK,timestamp 545352926
0,nop,wscale 3>
15:12:33.120348 arp who-has 172.16.1.156 tell 172.16.1.94
15:12:37.064438 IP 172.16.1.156.2129 > tecnico.jotec.com.br.omniorb: S
2582386495:2582386495(0) win 5840 <mss 1460,sackOK,timestamp 545354426
0,nop,wscale 3>
15:12:42.065307 arp who-has 172.16.1.254 tell 172.16.1.156
15:12:45.223288 arp who-has 172.16.1.156 tell 172.16.1.103
15:12:45.702267 IP 172.16.1.156.ipp > 172.16.1.255.ipp: UDP, length 115
15:13:13.349152 IP 172.16.1.156.3966 >
189-039-011-037.static.spo.ctbc.com.br.omniorb: S
2617773432:2617773432(0) win 5840 <mss 1460,sackOK,timestamp 545363495
0,nop,wscale 3>
15:13:16.347584 IP 172.16.1.156.3966 >
189-039-011-037.static.spo.ctbc.com.br.omniorb: S
2617773432:2617773432(0) win 5840 <mss 1460,sackOK,timestamp 545364245
0,nop,wscale 3>
15:13:17.420482 IP 172.16.1.156.ipp > 172.16.1.255.ipp: UDP, length 115
15:13:22.348654 IP 172.16.1.156.3966 >
189-039-011-037.static.spo.ctbc.com.br.omniorb: S
2617773432:2617773432(0) win 5840 <mss 1460,sackOK,timestamp 545365745
0,nop,wscale 3>
15:13:34.350858 IP 172.16.1.156.3966 >
189-039-011-037.static.spo.ctbc.com.br.omniorb: S
2617773432:2617773432(0) win 5840 <mss 1460,sackOK,timestamp 545368745
0,nop,wscale 3>
^C16349 packets captured
20004 packets received by filter
3651 packets dropped by kernel

Mas ainda nada de funcionar.

Cara, você precisa rodar o tcpdump na máquina que está enviando [1], nofirewall [2] e na que receberá [3] para ver o caminho do pacote.


[1] tcpdump -i any host <ip_externo> and port 8088

[2] tcpdump -i any host <ip_sua_máquina> and port 8088 or<ip_máquina_dnat> and port 80[3] tcpdump -i any host <ip_externo> and port 80 or <ip_firewall> andport 80

Veja se consegue descobrir o caminho do pacote, onde ele morre. Reparetambém que além de regras no iptables, você tem regras no roteamento,veja com "ip route" e "ip rule" no firewall e passe para mim todas asinformações obtidas e sempre descreva bem os testes que fizer.


[]'s
          Junior Polegato

Reply to:

References:
- IPTABLES
  - From: Eduardo Lopes <du.lopes@gmail.com>
- Re: IPTABLES
  - From: Miguel Da Silva - URI <mdasilva@fing.edu.uy>
- Re: IPTABLES
  - From: Eduardo Lopes <du.lopes@gmail.com>
- Re: IPTABLES
  - From: Junior Polegato - Linux <linux@juniorpolegato.com.br>
- Re: IPTABLES
  - From: Eduardo Lopes <du.lopes@gmail.com>
- Re: IPTABLES
  - From: Junior Polegato - Linux <linux@juniorpolegato.com.br>
- Re: IPTABLES
  - From: Eduardo Lopes <du.lopes@gmail.com>
- Re: IPTABLES
  - From: Junior Polegato - Linux <linux@juniorpolegato.com.br>
- Re: IPTABLES
  - From: Eduardo Lopes <du.lopes@gmail.com>

Prev by Date: Migrar PDC Samba
Next by Date: [OFF-TOPIC] Dúvida Perl Script
Previous by thread: Re: IPTABLES
Next by thread: Re: IPTABLES
Index(es):
- Date
- Thread