This is a discussion on Re: what am i doing wrong? within the IPFilter forums, part of the System Security and Security Related category.

" From: Jim Sandoz <sandoz@lucent.com>
"
" andrew,
" to help, we need to know a little more about your config.
" see this ipf faq entry:
" http://www.phildev.net/ipf/IPFmail.html#mail3

oops! i have the faq but haven't read it as closely as i should...

" also, what does (as root)
" # /usr/sbin/ndd /dev/ip ip_forwarding
" report?

i did catch that one...

okay, here's the buttload -- btw i see that ipfstat reports 73 blocked
outgoing packets, but this isn't apparently related to the notebook; i
just tried again and that number didn't change.

# uname -a
SunOS tiamat 5.8 Generic_117350-25 sun4u sparc SUNW,Ultra-1

# isainfo -vk
64-bit sparcv9 kernel modules

# ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
le0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 10.0.0.1 netmask ff000000 broadcast 10.255.255.255
        ether 8:0:20:82:be:ba
ipdptp0: flags=10088d1<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST,PRIVATE,IPv4> mtu 1500 index 3
        inet 216.41.37.11 --> 208.218.128.9 netmask ffffff00
        ether 0:0:0:0:0:0

# netstat -rn

Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
208.218.128.9        216.41.37.11          UH       1     13  ipdptp0
10.0.0.0             10.0.0.1              U        1     80  le0
224.0.0.0            216.41.37.11          U        1      0  ipdptp0
default              216.41.37.11          U        1  61933  ipdptp0
127.0.0.1            127.0.0.1             UH       113179009  lo0

# netstat -i
Name     Mtu  Net/Dest       Address                   Ipkts    Ierrs Opkts    Oerrs Collis Queue
lo0      8232 loopback       localhost                 3180254  0     3180254  0     0      0
le0      1500 arpanet        tiamat.arpa               66168    0     13642    1     3      0
ipdptp0  1500 208.218.128.9  tiamat.an.bradford.ma.us  0        0     0        0     0      0

# netstat -s -P ip

IPv4
        ipForwarding = 1                ipDefaultTTL = 255
        ipInReceives =1783670           ipInHdrErrors = 1
        ipInAddrErrors = 0              ipInCksumErrs = 0
        ipForwDatagrams =278144         ipForwProhibits = 30429
        ipInUnknownProtos = 0           ipInDiscards = 706
        ipInDelivers =4648070           ipOutRequests =1336345
        ipOutDiscards = 13              ipOutNoRoutes = 0
        ipReasmTimeout = 60             ipReasmReqds = 0
        ipReasmOKs = 0                  ipReasmFails = 0
        ipReasmDuplicates = 0           ipReasmPartDups = 0
        ipFragOKs = 0                   ipFragFails = 0
        ipFragCreates = 0               ipRoutingDiscards = 0
        tcpInErrs = 24                  udpNoPorts = 13900
        udpInCksumErrs = 3              udpInOverflows = 0
        rawipInOverflows = 0            ipsecInSucceeded = 0
        ipsecInFailed = 0               ipInIPv6 = 0
        ipOutIPv6 = 0                   ipOutSwitchIPv6 = 1359

# ipf -V
ipf: IP Filter: v3.4.35 (496)
Kernel: IP Filter: v3.4.35
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0

# ipfstat
dropped packets: in 0 out 0
non-data packets: in 13 out 13
no-data packets: in 0 out 0
non-ip packets: in 1 out 0
bad packets: in 0 out 0
copied messages: in 53 out 78
IPv6 packets: in 0 out 0
input packets: blocked 38849 passed 1783853 nomatch 43880 counted 0 short 0
output packets: blocked 73 passed 1614401 nomatch 408 counted 0 short 0
input packets logged: blocked 1764 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0 not fragmented 0
fragment state(out): kept 0 lost 0 not fragmented 0
packet state(in): kept 6117 lost 0
packet state(out): kept 89650 lost 73
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 44158 (out): 18378
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 1958 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
Packet log flags set: (0) none

# ipfstat -io
pass out on ipdptp0 proto tcp/udp from 216.41.37.11/32 to any keep state
pass out on ipdptp0 proto icmp from 216.41.37.11/32 to any keep state
block in log quick on ipdptp0 proto icmp from any to 216.41.37.11/32
block in log quick from any to any with ipopt
block in log quick proto tcp from any to any with short
block in on ipdptp0 from any to any
pass in on ipdptp0 proto tcp from 208.218.130.0/27 to 216.41.37.11/32 port = 25 flags S/FSRPAU keep state keep frags
pass in on ipdptp0 proto tcp from any to 216.41.37.11/32 port > 32767 flags S/FSRPAU keep state keep frags head 100
block in from 0.0.0.0/8 to any group 100
block in from 10.0.0.0/8 to any group 100
block in from 127.0.0.0/8 to any group 100
block in from 169.154.0.0/16 to any group 100
block in from 172.16.0.0/12 to any group 100
block in from 192.0.2.0/24 to any group 100
block in from 192.168.0.0/16 to any group 100
block in from 216.41.37.11/32 to any group 100
block in from 224.0.0.0/3 to any group 100

# ipnat -slv
mapped in 311 out 194
added 73 expired 66
no memory 0 bad nat 0
inuse 0
rules 2
wilds 0
table ffffffff7fffe7b0 list 300000583c8
List of active MAP/Redirect filters:
map ipdptp0 10.0.0.0/8 -> 216.41.37.11/32 portmap tcp/udp auto
map ipdptp0 10.0.0.0/8 -> 216.41.37.11/32

List of active sessions:

List of active host mappings:

# ndd /dev/ip ip_forwarding
1

________________________________________________________________________
Andrew Hay                                  the genius nature
internet rambler                            is to see what all have seen
adh@an.bradford.ma.us                       and think what none thought