[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nufw-users] Netfilter chain port 80
|
From: |
Eric Leblond |
|
Subject: |
Re: [Nufw-users] Netfilter chain port 80 |
|
Date: |
Tue, 17 May 2011 16:06:18 +0200 |
Hi,
On Tue, 2011-05-17 at 07:52 -0300, Oliveiros Peixoto (Netinho) wrote:
> Hi,
>
>
>
> I installed nufw and try to test. I create the chain to test
> authentication in iptables.
>
...
>
> [19:28:51] Answ Packet: src=192.168.200.21 dst=189.91.13.123 proto=6
> sport=54117 dport=22, decision=ACCEPT, IN=eth0 OUT=eth0, packet_id=85,
> mark=2, user=admin, OS=Windows 7 7600, app=c:\users\peixoto\documents
> \putty.exe, exptime=-1
>
Authentication is working well here.
>
>
> I have succcesfull authenticated, but when try to use this chain on
> port 80 this not work.
>
>
>
> iptables -A FORWARD -s 192.168.200.0/24 -p tcp --dport 80 -m state
> --state NEW --syn -j QUEUE
>
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
>
>
>
>
>
> [19:26:55] NuFW Packet: src=192.168.200.165 dst=200.154.56.73 proto=6
> sport=1841 dport=80, IN=eth0 OUT=eth0, packet_id=83, mark=0,
> exptime=-1
>
> [19:27:01] NuFW Packet: src=192.168.200.165 dst=200.154.56.73 proto=6
> sport=1841 dport=80, IN=eth0 OUT=eth0, packet_id=84, mark=0,
> exptime=-1
>
> [19:27:08] Answ Packet: src=192.168.200.165 dst=200.154.56.73 proto=6
> sport=1841 dport=80, decision=DROP, IN=eth0 OUT=eth0, packet_id=84,
> mark=0, exptime=-1
>
> [19:27:08] Answ Packet: src=192.168.200.165 dst=200.154.56.73 proto=6
> sport=1841 dport=80, decision=DROP, IN=eth0 OUT=eth0, packet_id=83,
> mark=0, exptime=-1
>
> [19:27:08] Answ Packet: src=192.168.200.165 dst=200.154.56.73 proto=6
> sport=1841 dport=80, decision=DROP, IN=eth0 OUT=eth0, packet_id=82,
> mark=0, exptime=-1
There is no message sent by user maybe your NuFW client is not connected
anymore. What give the command :
nuauth_command
# users
when doing the test ?
BR,
--
Eric Leblond