On Tuesday 15 November 2005 19:36, Darryl Gregorash wrote:
I'm even more confused:
Nov 15 09:05:49 athena kernel: SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=modem0 SRC=192.168.2.20 DST=64.243.71.82 LEN=73 TOS=0x00 PREC=0x00 TTL=127 ID=33119 PROTO=UDP SPT=1027 DPT=53 LEN=53
This is a DNS lookup from "isis" that was just dropped, yet you say your wife is able to resolve hostnames.
"isis" runs Windows XP Home Edition. Perhaps it caches recently used domain name data? It also has a modem, which she can't use when I'm online.
Maybe someone else will spot something, but I cannot immediately see any problem. Perhaps posting the output of "iptables -L -n" will help (and you will have to run that as root).
Thanks. I did this under 8.2, 9.3, and 10.0. The full output from 10.0 follows, but first, here is the "diff" between 9.3 and 10.0: "diff" between output from SuSE 9.3 and 10.0, online, "iptables -L -n" (9.3 is "<", 10.0 is ">"): 34,36c34 < ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED < ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED < LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' ---
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 52,54c50 < ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED < ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED < LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT '
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 74c70 < LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
Under SuSE 8.2, I used the "personal" firewall, and things are so different that I don't know where to begin in comparing them. Output from SuSE 10.0, online, "iptables -L -n": Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED input_int all -- 0.0.0.0/0 0.0.0.0/0 input_ext all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU forward_int all -- 0.0.0.0/0 0.0.0.0/0 forward_ext all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR ' Chain forward_ext (1 references) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 code 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 5 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain forward_int (1 references) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 code 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 5 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_ext (1 references) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 code 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 5 reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 state NEW LOG tcp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_int (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Chain reject_func (1 references) target prot opt source destination REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable Thanks, Peter Taylor