Mailinglist Archive: opensuse-security (224 mails)
| < Previous | Next > |
RE: [suse-security] My SuSEFirewall blocks something than my LAM can not surfing in internet anymore.
- From: "Peer Stefan" <stefan.peer@xxxxxxxx>
- Date: Fri, 28 Feb 2003 14:21:59 +0100
- Message-id: <01B66D0A11EB3E439676C0EAA891D89F0EE591@xxxxxxxxxxxxxxx>
Hi Prabu,
Sorry to say so, but this trace shows nothing more than a connection-trace of your ssh-session (DPT=22 ...).
Don't tail /var/log/messages, it's quite big and gets filled really fast.
Do a "cat /var/log/messages|grep DTP=80|grep -v DST=192.168.23.10" in order to get all the outgoing http-stuff.
so long,
Stefan
btw. I'm called Stefan - it's a bit queer here in Austria, we always put the last name in front ;-)
> From: Prabu Subroto [mailto:prabu_subroto@xxxxxxxxx]
> Dear my friend, Peer...
>
> Today morning, it happened again. I follow your advice
> and this is the 60 lines of my "/var/log/messages"
> file:
> "
> proxy:/var/log # tail -n 60 messages
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4343 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4344 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4345 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4346 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4347 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4348 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4349 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4350 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4351 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4352 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4353 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4354 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4355 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4356 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4357 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4358 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4359 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=21720 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4360 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=24616 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1D04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4361 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1D04A2BFF9)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4362 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DBA04A2BFF9)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4363 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DBD04A2C09A)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4364 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DCA04A2C09A)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4365 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DCA04A2C0A6)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4366 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DD804A2C0A6)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4367 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DDB04A2C0B8)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4368 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DF004A2C0B8)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4369 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DF304A2C0CF)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4370 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097E1104A2C0CF)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4371 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097E1504A2C0F1)
> Feb 27 14:04:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET
> IN=eth0 OUT=
> MAC=ff:ff:ff:ff:ff:ff:00:50:bf:77:77:f8:08:00
> SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS=0x00
> PREC=0x00 TTL=64 ID=25437 DF PROTO=UDP SPT=631 DPT=631
> LEN=154
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4372 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097FD004A2C0F1)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4373 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097FD404A2C2B0)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4374 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097FF804A2C2B0)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4375 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097FFB04A2C2D8)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4376 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009800C04A2C2D8)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4377 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009800F04A2C2EB)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4378 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009805304A2C2EB)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4379 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009805704A2C333)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4380 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009806F04A2C333)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4381 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009806F04A2C34C)
> Feb 27 14:04:58 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4382 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000980A304A2C34C)
> Feb 27 14:04:58 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4383 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000980A604A2C382)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4384 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000980EB04A2C382)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4385 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000980ED04A2C3CA)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4386 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009810304A2C3CA)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4387 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009810604A2C3E2)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4388 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009811F04A2C3E2)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4389 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009812204A2C3FE)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4390 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009813304A2C3FE)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4391 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009813604A2C412)
> Feb 27 14:05:00 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4392 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009814304A2C412)
> Feb 27 14:05:00 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4393 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009814604A2C422)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4394 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981A204A2C422)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4395 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981A504A2C481)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4396 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981B204A2C481)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4397 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981B504A2C491)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4398 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981CD04A2C491)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4399 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981CF04A2C4AC)
> Feb 27 14:05:05 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4400 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009835104A2C4AC)
> Feb 27 14:05:05 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4401 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009835104A2C62E)
> proxy:/var/log #
> "
>
> Please tell me your solution... Should I allow
> "145.254.88.223"? But how?
>
> Thank you, Peer.
> --- Peer Stefan <stefan.peer@xxxxxxxx> wrote:
> > Hi
> > > From: Prabu Subroto
> > [mailto:prabu_subroto@xxxxxxxxx]
> > > Dear my collegues...
> > >
> > > I have SuSE Linux 8.1 with SuSEfirewall2, BIND 8,
> > > ip-masquerading and squid server. This server use
> > ISDN
> > > dial up to arcor (www.arcor.de).
> > >
> > > Everything runs properly, I have opened "53 3128
> > 67 25
> > > 110". But after sometimes than my LAN User can not
> > > surfing to internet anymore but they still can use
> > > e-mail (pop and smtp) properly.I don't know when
> > the
> > > problem comes, lookslike after our ISP
> > reset/change
> > > the IP number of our ISDN card (I guess so).
> > >
> > > The LAN user can go to the internet only after I
> > > restart my SuSEfirewall, such as:
> > > "
> > > SuSEfirewall2 stop
> > > SuSEfirewall2 start
> > > "
> > >
> > > Thank you very much.
> >
> > Have a look at /var/log/messages -> are there any
> > entries which show dropped or rejected packages?
> >
> > >
> > > ps. If I start my SuSEfirewall2 than comes this
> > error
> > > message:
> > > "
> > > proxy:~ # SuSEfirewall2 start
> > > Warning: FW_SERVICE_DNS defined, but no DNS server
> > > found running!
> > > proxy:~ #
> > > "
> >
> > Does your DNS crash sometimes? Again look at
> > /var/log/messages, it's all in there ;-)
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, more
> http://taxes.yahoo.com/
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>
Sorry to say so, but this trace shows nothing more than a connection-trace of your ssh-session (DPT=22 ...).
Don't tail /var/log/messages, it's quite big and gets filled really fast.
Do a "cat /var/log/messages|grep DTP=80|grep -v DST=192.168.23.10" in order to get all the outgoing http-stuff.
so long,
Stefan
btw. I'm called Stefan - it's a bit queer here in Austria, we always put the last name in front ;-)
> From: Prabu Subroto [mailto:prabu_subroto@xxxxxxxxx]
> Dear my friend, Peer...
>
> Today morning, it happened again. I follow your advice
> and this is the 60 lines of my "/var/log/messages"
> file:
> "
> proxy:/var/log # tail -n 60 messages
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4343 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4344 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4345 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4346 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4347 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4348 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4349 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4350 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4351 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4352 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF7)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4353 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4354 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1B04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4355 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=16192 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4356 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4357 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4358 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=18824 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4359 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=21720 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1C04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4360 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=24616 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1D04A2BFF8)
> Feb 27 14:04:49 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4361 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097D1D04A2BFF9)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4362 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DBA04A2BFF9)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4363 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DBD04A2C09A)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4364 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DCA04A2C09A)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4365 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DCA04A2C0A6)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4366 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DD804A2C0A6)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4367 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DDB04A2C0B8)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4368 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097DF004A2C0B8)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4369 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097DF304A2C0CF)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4370 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097E1104A2C0CF)
> Feb 27 14:04:51 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4371 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097E1504A2C0F1)
> Feb 27 14:04:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET
> IN=eth0 OUT=
> MAC=ff:ff:ff:ff:ff:ff:00:50:bf:77:77:f8:08:00
> SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS=0x00
> PREC=0x00 TTL=64 ID=25437 DF PROTO=UDP SPT=631 DPT=631
> LEN=154
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4372 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097FD004A2C0F1)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4373 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097FD404A2C2B0)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4374 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A00097FF804A2C2B0)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4375 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A00097FFB04A2C2D8)
> Feb 27 14:04:56 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4376 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009800C04A2C2D8)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4377 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009800F04A2C2EB)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4378 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009805304A2C2EB)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4379 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009805704A2C333)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4380 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009806F04A2C333)
> Feb 27 14:04:57 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4381 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009806F04A2C34C)
> Feb 27 14:04:58 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4382 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000980A304A2C34C)
> Feb 27 14:04:58 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4383 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000980A604A2C382)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4384 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000980EB04A2C382)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4385 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000980ED04A2C3CA)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4386 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009810304A2C3CA)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4387 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009810604A2C3E2)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4388 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009811F04A2C3E2)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4389 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009812204A2C3FE)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4390 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009813304A2C3FE)
> Feb 27 14:04:59 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4391 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009813604A2C412)
> Feb 27 14:05:00 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4392 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009814304A2C412)
> Feb 27 14:05:00 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4393 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009814604A2C422)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4394 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981A204A2C422)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4395 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981A504A2C481)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4396 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981B204A2C481)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4397 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981B504A2C491)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4398 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A000981CD04A2C491)
> Feb 27 14:05:01 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4399 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A000981CF04A2C4AC)
> Feb 27 14:05:05 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=100 TOS=0x10
> PREC=0x00 TTL=64 ID=4400 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK PSH URGP=0 OPT
> (0101080A0009835104A2C4AC)
> Feb 27 14:05:05 proxy kernel:
> SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> SRC=192.168.23.237 DST=192.168.23.10 LEN=52 TOS=0x10
> PREC=0x00 TTL=64 ID=4401 DF PROTO=TCP SPT=1132 DPT=22
> WINDOW=27512 RES=0x00 ACK URGP=0 OPT
> (0101080A0009835104A2C62E)
> proxy:/var/log #
> "
>
> Please tell me your solution... Should I allow
> "145.254.88.223"? But how?
>
> Thank you, Peer.
> --- Peer Stefan <stefan.peer@xxxxxxxx> wrote:
> > Hi
> > > From: Prabu Subroto
> > [mailto:prabu_subroto@xxxxxxxxx]
> > > Dear my collegues...
> > >
> > > I have SuSE Linux 8.1 with SuSEfirewall2, BIND 8,
> > > ip-masquerading and squid server. This server use
> > ISDN
> > > dial up to arcor (www.arcor.de).
> > >
> > > Everything runs properly, I have opened "53 3128
> > 67 25
> > > 110". But after sometimes than my LAN User can not
> > > surfing to internet anymore but they still can use
> > > e-mail (pop and smtp) properly.I don't know when
> > the
> > > problem comes, lookslike after our ISP
> > reset/change
> > > the IP number of our ISDN card (I guess so).
> > >
> > > The LAN user can go to the internet only after I
> > > restart my SuSEfirewall, such as:
> > > "
> > > SuSEfirewall2 stop
> > > SuSEfirewall2 start
> > > "
> > >
> > > Thank you very much.
> >
> > Have a look at /var/log/messages -> are there any
> > entries which show dropped or rejected packages?
> >
> > >
> > > ps. If I start my SuSEfirewall2 than comes this
> > error
> > > message:
> > > "
> > > proxy:~ # SuSEfirewall2 start
> > > Warning: FW_SERVICE_DNS defined, but no DNS server
> > > found running!
> > > proxy:~ #
> > > "
> >
> > Does your DNS crash sometimes? Again look at
> > /var/log/messages, it's all in there ;-)
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, more
> http://taxes.yahoo.com/
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>
| < Previous | Next > |