Re: iptables question

To: debian-user@lists.debian.org
Subject: Re: iptables question
From: deloptes <deloptes@gmail.com>
Date: Mon, 14 Nov 2016 08:16:08 +0100
Message-id: <[🔎] o0bobk$re3$1@blaine.gmane.org>
Reply-to: deloptes@gmail.com
References: <[🔎] o080pt$ok8$1@blaine.gmane.org> <[🔎] 20161112223216.2c7cf605@jresid.jretrading.com> <[🔎] o08bim$b11$1@blaine.gmane.org> <[🔎] CAAKASGwMC8N0Ycq_FtdQj5uvby6po_LPngp_jvPso9gfFgfYag@mail.gmail.com>

Igor Cicimov wrote:

> Run tcpdump and check whats happening

That is strange - I will look into this direction - let me know if you have
any ideas

regards


tcpdump -vvv dst 10.0.0.7
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535
bytes
08:07:11.591763 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28
08:07:12.591729 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28
08:07:13.591686 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28
08:07:14.595695 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28
08:07:15.595632 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28
08:07:16.595620 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has RM696
tell 10.0.0.1, length 28



tcpdump -vvv dst 10.0.0.138
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535
bytes
08:04:55.765744 IP (tos 0x0, ttl 63, id 26002, offset 0, flags [DF], proto
TCP (6), length 60)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [S], cksum 0xc2c6 (correct), seq
2408995280, win 29200, options [mss 1460,sackOK,TS val 223296578 ecr
0,nop,wscale 7], length 0
08:04:55.767594 IP (tos 0x0, ttl 63, id 26003, offset 0, flags [DF], proto
TCP (6), length 40)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [.], cksum 0x242c (correct), seq
2408995281, ack 3147433360, win 229, length 0
08:04:55.772423 IP (tos 0x0, ttl 63, id 44890, offset 0, flags [none], proto
UDP (17), length 69)
    10.0.0.1.24455 > 10.0.0.138.domain: [udp sum ok] 7454+ PTR?
138.0.0.10.in-addr.arpa. (41)
08:04:55.774778 IP (tos 0x0, ttl 63, id 26004, offset 0, flags [DF], proto
TCP (6), length 79)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [P.], cksum 0xfb15 (correct), seq
0:39, ack 1, win 229, length 39
08:04:55.787360 IP (tos 0x0, ttl 63, id 26005, offset 0, flags [DF], proto
TCP (6), length 40)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [.], cksum 0x23eb (correct), seq
39, ack 27, win 229, length 0
08:04:55.789504 IP (tos 0x0, ttl 63, id 26006, offset 0, flags [DF], proto
TCP (6), length 1500)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [.], cksum 0x7c86 (correct), seq
39:1499, ack 27, win 229, length 1460
08:04:55.789680 IP (tos 0x0, ttl 63, id 26007, offset 0, flags [DF], proto
TCP (6), length 228)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [P.], cksum 0x46dd (correct), seq
1499:1687, ack 27, win 229, length 188
08:04:55.791326 IP (tos 0x0, ttl 63, id 26008, offset 0, flags [DF], proto
TCP (6), length 312)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [P.], cksum 0xb0d6 (correct), seq
1687:1959, ack 339, win 237, length 272
08:04:55.796226 IP (tos 0x0, ttl 63, id 44893, offset 0, flags [none], proto
UDP (17), length 67)
    10.0.0.1.63625 > 10.0.0.138.domain: [udp sum ok] 17121+ PTR?
1.0.0.10.in-addr.arpa. (39)
08:04:58.223139 IP (tos 0x0, ttl 63, id 26009, offset 0, flags [DF], proto
TCP (6), length 56)
    10.0.0.1.52112 > 10.0.0.138.ssh: Flags [P.], cksum 0x0ea9 (correct), seq
1959:1975, ack 915, win 246, length 16

Reply to:

Follow-Ups:
- Re: iptables question
  - From: deloptes <deloptes@gmail.com>

References:
- iptables question
  - From: deloptes <deloptes@gmail.com>
- Re: iptables question
  - From: Joe <joe@jretrading.com>
- Re: iptables question
  - From: deloptes <deloptes@gmail.com>
- Re: iptables question
  - From: Igor Cicimov <icicimov@gmail.com>

Prev by Date: hello my friend
Next by Date: Re: Does debconf-set-selections automatically deletes values from debconf database once they are used?
Previous by thread: Re: iptables question
Next by thread: Re: iptables question
Index(es):
- Date
- Thread