Re: [suse-isdn] TCPMSS-Firewallregel greift nicht

1 Jul 2003

      Robert Gött wrote:
...
FORWARD-Regeln
# iptables -L -vn
...
Chain FORWARD (policy DROP 32 packets, 1408 bytes)
pkts bytes target    prot opt in   out   source         destination
  32  1408 TCPMSS    tcp  --  *    *     0.0.0.0/0      0.0.0.0/0       
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
   0     0 ACCEPT    all  --  ppp0 eth0  0.0.0.0/0      192.168.175.0/24
state RELATED,ESTABLISHED
  32  1408 LOG       all  --  *    *     0.0.0.0/0      0.0.0.0/0       
...
# tail -f /var/log/messages
...
Jun 30 19:44:02 dslserver kernel: BLOCKED_F: IN=eth0 OUT=ppp0
SRC=192.168.0.10 DST=207.68.185.58 LEN=44 TOS=0x00 PREC=0x00 TTL=63 ID=3842
DF PROTO=TCP SPT=1056 DPT=80 WINDOW=60352 RES=0x00 SYN URGP=0
--state NEW vergessen?

Was soll denn ausgehend erlaubt sein?

Peter

Re: [suse-isdn] TCPMSS-Firewallregel greift nicht

Peter Wiersig