2.6.16-rc1-mm3 XFRM+NAT issue
Christophe Saout
christophe at saout.de
Mon Jan 30 00:11:10 CET 2006
Am Sonntag, den 29.01.2006, 23:43 +0100 schrieb Patrick McHardy:
> > This time with -4 on the command line:
>
> Please also add the chain names to the logging rules.
Good idea.
Jan 29 23:58:31 server PREROUTING IN=eth0 OUT= MAC=00:01:80:5c:0f:48:00:02:8a:ba:b8:58:08:00 SRC=192.168.80.90 DST=<inet host> LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=51295 DF PROTO=TCP SPT=33806 DPT=25 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0
Jan 29 23:58:31 server FORWARD IN=eth0 OUT=ppp0 SRC=192.168.80.90 DST=<inet host> LEN=60 TOS=0x10 PREC=0x00 TTL=63 ID=51295 DF PROTO=TCP SPT=33806 DPT=25 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0
Jan 29 23:58:31 server POSTROUTING IN= OUT=ppp0 SRC=192.168.80.90 DST=<inet host> LEN=60 TOS=0x10 PREC=0x00 TTL=63 ID=51295 DF PROTO=TCP SPT=33806 DPT=25 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0
Jan 29 23:58:31 server OUTPUT IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=104 TOS=0x10 PREC=0x00 TTL=63 ID=51295 DF PROTO=ESP SPI=0xe2d41c8
Jan 29 23:58:31 server POSTROUTING IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=104 TOS=0x10 PREC=0x00 TTL=63 ID=51295 DF PROTO=ESP SPI=0xe2d41c8
Jan 29 23:58:31 server PREROUTING IN=ppp0 OUT= MAC= SRC=<inet host> DST=<gateway pub ip> LEN=104 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=ESP SPI=0x865c0e26
Jan 29 23:58:31 server INPUT IN=ppp0 OUT= MAC= SRC=<inet host> DST=<gateway pub ip> LEN=104 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=ESP SPI=0x865c0e26
Jan 29 23:58:31 server PREROUTING IN=ppp0 OUT= MAC=45:00:00:68:00:00:40:00:37:06:61:ee:d5:ef:c5:f1:54:38:f1:5c:86:5c SRC=<inet host> DST=<gateway pub ip> LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=25 DPT=33806 WINDOW=5792 RES=0x00 ECE ACK SYN URGP=0
Jan 29 23:58:31 server INPUT IN=ppp0 OUT= MAC=45:00:00:68:00:00:40:00:37:06:61:ee:d5:ef:c5:f1:54:38:f1:5c:86:5c SRC=<inet host> DST=192.168.80.90 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=25 DPT=33806 WINDOW=5792 RES=0x00 ECE ACK SYN URGP=0
-- Something seems to go wrong here.
Jan 29 23:58:31 server OUTPUT IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=TCP SPT=33806 DPT=25 WINDOW=0 RES=0x00 RST URGP=0
Jan 29 23:58:31 server POSTROUTING IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=TCP SPT=33806 DPT=25 WINDOW=0 RES=0x00 RST URGP=0
Jan 29 23:58:31 server OUTPUT IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=ESP SPI=0xe2d41c8
Jan 29 23:58:31 server POSTROUTING IN= OUT=ppp0 SRC=<gateway pub ip> DST=<inet host> LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=ESP SPI=0xe2d41c8
There are no messages about invalid connections or so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /pipermail/netfilter-devel/attachments/20060130/5081f96e/attachment.pgp
More information about the netfilter-devel
mailing list