Re: Curious failure with F-13

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



JB wrote:

> Timothy Murphy <gayleard <at> eircom.net> writes:
> 
> look at these; if you want to share with us the outputs (unedited) that's
> OK.
> 
> $ ping -c 1 87.248.112.181
> $ cat /etc/hosts
> $ cat /etc/host.conf
> $ cat /etc/resolv.conf
> $ cat /etc/nsswitch.conf
> $ route -n
> # iptables -nvL

Rather wordy, but:
---------------------------------
Script started on Tue 02 Nov 2010 02:26:05 PM GMT

[tim@helen ~]$ ping -c 1 87.248.112.181
PING 87.248.112.181 (87.248.112.181) 56(84) bytes of data.
64 bytes from 87.248.112.181: icmp_seq=1 ttl=54 time=83.2 ms

--- 87.248.112.181 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 83ms
rtt min/avg/max/mdev = 83.219/83.219/83.219/0.000 ms

[tim@helen ~]$ cat /etc/hosts
127.0.0.1	helen.gayleard.com	helen	localhost.localdomain	
localhost
::1	helen.gayleard.com	helen	localhost6.localdomain6	
localhost6
134.226.81.3	lanczos.maths.tcd.ie	lanczos	proxy	
proxy.maths.tcd.ie
134.226.81.250	birdsnest.maths.tcd.ie	birdsnest
192.168.2.1	alfred	alfred.gayleard.com
192.168.5.34	alfred-vpn
192.168.2.2	helen	helen.gayleard.com
192.168.5.1	helen-vpn
192.168.2.3	rose	rose.gayleard.com
192.168.5.42	rose-vpn
192.168.2.4	carrie	carrie.gayleard.com	T43a
192.168.5.38	carrie-vpn
192.168.3.6	martha	martha.gayleard.com	T23a
192.168.2.14	blanche	blanche.gayleard.com	BigTarga
192.168.2.8	althea	althea.gayleard.com	HP
192.168.5.22	althea-vpn
192.168.2.27	blanche-ether
192.168.2.9	med177072	med177072.gayleard.com	latitude
192.168.2.10	med178239	med178239.gayleard.com	dell
192.168.2.11	elizabeth	elizabeth.gayleard.com	thinkpad
192.168.2.12	wrt		router
192.168.2.7	harriet		harriet.gayleard.com	
LittleTarga
192.168.2.19	mary		mary.gayleard.com	T43b
192.168.2.39	mary-ether	mary.gayleard.com	T43b
192.168.2.28	william		william.gayleard.com	T43c
192.168.2.22	alice		alice.gayleard.com
192.168.2.23	Rosys-iPod
192.168.2.30	Camera
192.168.2.26	eulalie		eulalie.gayleard.com	eeepc
192.168.2.15	inspiron	deirdre			
deirdre.gayleard.com
86.43.71.228	gayleard.com	www.gayleard.com
192.168.5.6	mary-vpn
192.168.5.10	martha-vpn
159.134.198.138 www.eircom.net
# Remote gateway 159.134.155.19
2001:770:100:134::1 gayleard6
2001:770:10:300::86e2:5103 lanczos6

[tim@helen ~]$ cat /etc/hosts.conf
cat: /etc/hosts.conf: No such file or directory

[tim@helen ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
domain gayleard.com
search gayleard.com
#nameserver 208.67.222.222
#nameserver 208.67.220.220
nameserver 159.134.237.6
nameserver 159.134.248.17

[tim@helen ~]$ cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#	nisplus			Use NIS+ (NIS version 3)
#	nis			Use NIS (NIS version 2), also called 
YP
#	dns			Use DNS (Domain Name Service)
#	files			Use the local files
#	db			Use the local database (.db) files
#	compat			Use NIS on compat mode
#	hesiod			Use Hesiod for user lookups
#	[NOTFOUND=return]	Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files     

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus

[tim@helen ~]$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0

[tim@helen ~]$ ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:1D:09:2B:75:2D  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::21d:9ff:fe2b:752d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:770 errors:0 dropped:0 overruns:0 frame:0
          TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:49508 (48.3 KiB)  TX bytes:12785 (12.4 KiB)
          Interrupt:18 

eth1      Link encap:Ethernet  HWaddr 00:40:F4:4D:60:8A  
          inet addr:192.168.2.2  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::240:f4ff:fe4d:608a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:338 errors:0 dropped:0 overruns:0 frame:0
          TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:24228 (23.6 KiB)  TX bytes:17054 (16.6 KiB)
          Interrupt:17 Base address:0x2000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2480 (2.4 KiB)  TX bytes:2480 (2.4 KiB)

[tim@helen ~]$ sudo iptables -nvL
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
  266 17639 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate INVALID,NEW 
 2673 1133K net2fw     all  --  eth0   *       0.0.0.0/0            
0.0.0.0/0           
   88 12892 loc2fw     all  --  eth1   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 loc2fw     all  --  eth2   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 vpn2fw     all  --  tun0   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 Reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] 

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
  744 46832 dynamic    all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate INVALID,NEW 
    0     0 net_frwd   all  --  eth0   *       0.0.0.0/0            
0.0.0.0/0           
  744 46832 loc_frwd   all  --  eth1   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 loc_frwd   all  --  eth2   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 vpn_frwd   all  --  tun0   *       0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 Reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] 

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
 2662  253K fw2net     all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0           
   57  7291 fw2loc     all  --  *      eth1    0.0.0.0/0            
0.0.0.0/0           
    0     0 fw2loc     all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0           
    0     0 fw2vpn     all  --  *      tun0    0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 Reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] 

Chain Drop (3 references)
 pkts bytes target     prot opt in     out     source               
destination         
  207  9436            all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:113 /* Auth */ 
  207  9436 dropBcast  all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 3 code 4 /* Needed ICMP types */ 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 11 /* Needed ICMP types */ 
  202  8876 dropInvalid  all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 135,445 /* SMB */ 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:137:139 /* SMB */ 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp spt:137 dpts:1024:65535 /* SMB */ 
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 135,139,445 /* SMB */ 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1900 /* UPnP */ 
    0     0 dropNotSyn  tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp spt:53 /* Late DNS Replies */ 

Chain Reject (4 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0            all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:113 /* Auth */ 
    0     0 dropBcast  all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 3 code 4 /* Needed ICMP types */ 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 11 /* Needed ICMP types */ 
    0     0 dropInvalid  all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 135,445 /* SMB */ 
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:137:139 /* SMB */ 
    0     0 reject     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp spt:137 dpts:1024:65535 /* SMB */ 
    0     0 reject     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           multiport dports 135,139,445 /* SMB */ 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1900 /* UPnP */ 
    0     0 dropNotSyn  tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp spt:53 /* Late DNS Replies */ 

Chain dropBcast (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ADDRTYPE match dst-type BROADCAST 
    5   560 DROP       all  --  *      *       0.0.0.0/0            
224.0.0.0/4         

Chain dropInvalid (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
   28  1568 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate INVALID 

Chain dropNotSyn (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp flags:!0x17/0x02 

Chain dynamic (2 references)
 pkts bytes target     prot opt in     out     source               
destination         

Chain fw2loc (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
   41  5037 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           
   16  2254 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain fw2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:67:68 
 2296  230K ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
  274 16990 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:53 /* DNS */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:53 /* DNS */ 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           
   92  5780 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain fw2vpn (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain loc2fw (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
   33  4929 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:22 /* SSH */ 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8 /* Ping */ 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1194 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:123 /* NTP */ 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:514 /* Syslog */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:901 /* SMBswat */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:3306 /* MySQL */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:631 /* IPP */ 
   54  7903 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain loc2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
  744 46832 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain loc2vpn (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1194 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain loc_frwd (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
  744 46832 loc2net    all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      eth1    0.0.0.0/0            
0.0.0.0/0           
    0     0 ACCEPT     all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0           
    0     0 loc2vpn    all  --  *      tun0    0.0.0.0/0            
0.0.0.0/0           

Chain logdrop (0 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain logflags (5 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain logreject (0 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain net2fw (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
  211  9676 smurfs     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate INVALID,NEW 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpts:67:68 
 1160 1021K tcpflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           
 2462 1123K ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           icmp type 8 /* Ping */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:80 /* HTTP */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:443 /* HTTPS */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:993 /* IMAPS */ 
    4   240 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:143 /* IMAP */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:389 /* LDAP */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:22 /* SSH */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:3690 /* SVN */ 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           tcp dpt:3306 /* MySQL */ 
  207  9436 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
  174  7308 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:net2fw:DROP:' 
  174  7308 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain net2loc (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            
192.168.2.30        tcp dpt:80 ctorigdstport 2317 
    0     0 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:net2loc:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain net2vpn (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 Drop       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:net2vpn:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain net_frwd (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 smurfs     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate INVALID,NEW 
    0     0 tcpflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 net2loc    all  --  *      eth1    0.0.0.0/0            
0.0.0.0/0           
    0     0 net2loc    all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0           
    0     0 net2vpn    all  --  *      tun0    0.0.0.0/0            
0.0.0.0/0           

Chain reject (11 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ADDRTYPE match src-type BROADCAST 
    0     0 DROP       all  --  *      *       224.0.0.0/4          
0.0.0.0/0           
    0     0 DROP       2    --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with tcp-reset 
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-port-unreachable 
    0     0 REJECT     icmp --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-host-unreachable 
    0     0 REJECT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           reject-with icmp-host-prohibited 

Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               
destination         

Chain smurflog (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain smurfs (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 RETURN     all  --  *      *       0.0.0.0              
0.0.0.0/0           
    0     0 smurflog   all  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] ADDRTYPE match src-type BROADCAST 
    0     0 smurflog   all  --  *      *       224.0.0.0/4          
0.0.0.0/0           [goto] 

Chain tcpflags (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] tcp flags:0x3F/0x29 
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] tcp flags:0x3F/0x00 
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] tcp flags:0x06/0x06 
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] tcp flags:0x03/0x03 
    0     0 logflags   tcp  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] tcp spt:0 flags:0x17/0x02 

Chain vpn2fw (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1194 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain vpn2loc (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            
0.0.0.0/0           udp dpt:1194 
    0     0 Reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            
0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:vpn2loc:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           [goto] 

Chain vpn2net (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           ctstate RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
0.0.0.0/0           

Chain vpn_frwd (1 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 vpn2net    all  --  *      eth0    0.0.0.0/0            
0.0.0.0/0           
    0     0 vpn2loc    all  --  *      eth1    0.0.0.0/0            
0.0.0.0/0           
    0     0 vpn2loc    all  --  *      eth2    0.0.0.0/0            
0.0.0.0/0           

[tim@helen ~]$ exit
exit

Script done on Tue 02 Nov 2010 02:31:07 PM GMT
---------------------------------


-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux