diagnosis - was Re: some reality about iptables, please

To: Jacob Anawalt <jacob@cachevalley.com>
Cc: Debian-User List <debian-user@lists.debian.org>
Subject: diagnosis - was Re: some reality about iptables, please
From: Bret Comstock Waldow <bwaldow@alum.mit.edu>
Date: 28 Aug 2003 18:36:00 -0400
Message-id: <[🔎] 1062110159.1570.128.camel@ganesha>
In-reply-to: <[🔎] 3F4DA2C3.5050309@cachevalley.com>
References: <[🔎] 1061946734.3524.23.camel@ganesha> <[🔎] 1061954046.4931.10.camel@debian.potter> <[🔎] 1061957952.954.23.camel@ganesha> <[🔎] 1061959146.4931.23.camel@debian.potter> <[🔎] 1061960873.943.16.camel@ganesha> <[🔎] 3F4D736F.5060005@cachevalley.com> <[🔎] 1062048932.6690.84.camel@ganesha> <[🔎] 3F4DA2C3.5050309@cachevalley.com>

On Thu, 2003-08-28 at 02:35, Jacob Anawalt wrote:

> Wow, those were some rules. It will take a bit for me to get my head 
> around them.  Are you looking at a book on ipchains at the same time by 
> chance? You have so many similar rules in the input, forward and output 
> chains, that it reminds me of my old ipchains rules.

The rules are from Real World Linux Security by Bob Toxen.

> 
> I need to know some stuff though.
> 
> Email from Linux account or VMWare client works? Try both and let us know.

Email from Debian works.  I don't get email via Win98 - I might as well
douse myself in steak sauce and jump in the tiger pit at the zoo.
> 
> Browser from Linux account or in VMWare Win98 works? Try both and let us 
> know.
IE from Win98 works, Mozilla from Debian doesn't.

With these rules, samba couldn't restore the mapped drive I have from
Win98 to /home/user.


> Also:
> Does ping to www.debian.org work from either/both?
Debian: yes VMware: yes
> Does ftp to ftp.us.debian.org work from either/both?
Debian: yes VMware: yes
> Does imap3 to some imap account (if you have one) work from either/both?
Not a clue.  I don't have an imap account.
> Does https to some secure server work from either/both?
Yes from IE in Win98.
No from Debian Mozilla.  Here's an example of the messages:
Aug 28 17:35:55 ganesha kernel: DROPl:IN= OUT=eth0 SRC=192.168.2.30
DST=205.156.51.200 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=21328 DF
PROTO=TCP SPT=34131 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0

I'm curious that IN is blank.

Thanks,
Bret

-- 
bwaldow at alum dot mit dot edu

Reply to:

Follow-Ups:
- Re: diagnosis - was Re: some reality about iptables, please
  - From: Jacob Anawalt <jacob@cachevalley.com>
- Re: diagnosis - was Re: some reality about iptables, please
  - From: David <dbree@duo-county.com>

References:
- some reality about iptables, please
  - From: Bret Comstock Waldow <bwaldow@alum.mit.edu>
- Re: some reality about iptables, please
  - From: Kevin Mark <kevin@localhost>
- Re: some reality about iptables, please
  - From: Bret Comstock Waldow <bwaldow@alum.mit.edu>
- Re: some reality about iptables, please
  - From: Kevin Mark <kmark@pipeline.com>
- Re: some reality about iptables, please
  - From: Bret Comstock Waldow <bwaldow@alum.mit.edu>
- Re: some reality about iptables, please
  - From: Jacob Anawalt <jacob@cachevalley.com>
- Re: some reality about iptables, please
  - From: Bret Comstock Waldow <bwaldow@alum.mit.edu>
- Re: some reality about iptables, please
  - From: Jacob Anawalt <jacob@cachevalley.com>

Prev by Date: Re: OT: Why is C so popular?
Next by Date: Re: Debian Networking problems
Previous by thread: Re: some reality about iptables, please
Next by thread: Re: diagnosis - was Re: some reality about iptables, please
Index(es):
- Date
- Thread