[ LUGOS ] demand dial filter

Tor Dec 28 17:45:52 CET 1999

hail

vem, da se je o tem že pisalo na tej listi, a specifičnega odgovora na moj
problem še nisem našel. in sicer. nastavljen imam demand dial samo s
pppdjem, ki je verzije 2.3.7. stvar lepo špila, a problem je, ker imam linux
box nastavljen kot router za internet za manjšo mrežo. na mreži so NT
postaje. in te iz neznanega razloga dvigujejo link. s tcpdumpom sem malce
prisluškoval dogajanju na eth0 in ujel naslednje, iz česar sklepam, da smb
paketi dvigujejo link. zanima pa me,  kako bi filtriral smb pakete, da ne bi
dvigovali linka? je kakšen manj skrajen primer, kot ipchains ?

root na vampyria:~# ipchains -L forward
Chain forward (policy DENY):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.7.0/24        anywhere              n/a

in še tcpdump:

16:57:20.233336 helio.1045 > vampyria.telnet: . ack 68 win 8496 (DF)
16:57:20.244747 helio.1045 > vampyria.telnet: F 15:15(0) ack 68 win 8496
(DF)
16:57:20.244978 vampyria.telnet > helio.1045: . ack 16 win 32120 (DF)

16:57:31.106761 helio.1028 > vampyria.netbios-ssn: P 529475:529514(39) ack
658136594 win 7592 (DF)
16:57:31.107548 vampyria.netbios-ssn > helio.1028: P 1:76(75) ack 39 win
2920 (DF) [tos 0x10]
16:57:31.108251 helio.1028 > vampyria.netbios-ssn: P 39:78(39) ack 76 win
7517 (DF)
16:57:31.108777 vampyria.netbios-ssn > helio.1028: P 76:151(75) ack 78 win
2920 (DF) [tos 0x10]
16:57:31.111296 helio.1028 > vampyria.netbios-ssn: P 78:124(46) ack 151 win
7442 (DF)
16:57:31.112085 vampyria.netbios-ssn > helio.1028: P 151:190(39) ack 124 win
2920 (DF) [tos 0x10]
16:57:31.219911 helio.1028 > vampyria.netbios-ssn: . ack 190 win 7403 (DF)
16:57:45.085140 helio.1046 > vampyria.ssh: R 924539:924539(0) win 0 (DF)
16:57:47.447689 helio.1028 > vampyria.netbios-ssn: P 124:163(39) ack 190 win
7403 (DF)
16:57:47.463848 vampyria.netbios-ssn > helio.1028: . ack 163 win 2920 (DF)
[tos 0x10]
16:57:47.523675 vampyria.netbios-ssn > helio.1028: P 190:229(39) ack 163 win
2920 (DF) [tos 0x10]
16:57:47.524457 helio.1028 > vampyria.netbios-ssn: P 163:206(43) ack 229 win
7364 (DF)
16:57:47.543858 vampyria.netbios-ssn > helio.1028: . ack 206 win 2920 (DF)
[tos 0x10]
16:57:47.559897 vampyria.netbios-ssn > helio.1028: P 229:272(43) ack 206 win
2920 (DF) [tos 0x10]
16:57:47.746767 helio.1028 > vampyria.netbios-ssn: . ack 272 win 7321 (DF)
16:57:52.601015 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:57:52.886963 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
16:57:54.865031 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
16:57:54.865772 helio.netbios-ssn > vampyria.1054: R 1525929:1525929(0) win
0 (DF)
16:57:54.959816 helio.1028 > vampyria.netbios-ssn: P 206:245(39) ack 272 win
7321 (DF)
16:57:54.960537 vampyria.netbios-ssn > helio.1028: P 272:311(39) ack 245 win
2920 (DF) [tos 0x10]
16:57:54.961293 helio.1028 > vampyria.netbios-ssn: P 245:288(43) ack 311 win
8760 (DF)
16:57:54.961829 vampyria.netbios-ssn > helio.1028: P 311:354(43) ack 288 win
2920 (DF) [tos 0x10]
16:57:54.962486 helio.1028 > vampyria.netbios-ssn: F 288:288(0) ack 354 win
8717 (DF)
16:57:54.962694 vampyria.netbios-ssn > helio.1028: . ack 289 win 2920 (DF)
[tos 0x10]
16:57:54.963139 vampyria.netbios-ssn > helio.1028: F 354:354(0) ack 289 win
2920 (DF) [tos 0x10]
16:57:54.963639 helio.1028 > vampyria.netbios-ssn: . ack 355 win 8717 (DF)
16:57:55.059400 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:57:55.292398 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:57:55.292538 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:19.443019 arp who-has helio tell helio
16:59:20.439600 arp who-has helio tell helio
16:59:21.441203 arp who-has helio tell helio
16:59:25.588595 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:26.339340 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:27.090522 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:27.842085 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:35.858279 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:36.605952 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:37.357182 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:38.108398 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:38.867335 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:39.610838 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:39.864284 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
16:59:40.362036 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:41.113351 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:41.870033 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
16:59:41.962531 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:42.705866 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:43.457101 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:44.208312 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 68
16:59:44.960767 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 176
16:59:44.961726 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 230
16:59:44.962438 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 209
16:59:44.964782 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
17:03:54.964485 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 230
17:03:54.965243 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 209
17:08:54.964386 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 230
17:08:54.965113 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 209
17:11:46.302578 helio.netbios-dgm > 192.168.7.255.netbios-dgm: udp 201
17:14:56.304430 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 230
17:14:56.305158 vampyria.netbios-dgm > 192.168.7.255.netbios-dgm: udp 209
17:20:08.181325 helio.netbios-ns > 192.168.7.255.netbios-ns: udp 50
17:20:08.182413 vampyria.netbios-ns > helio.netbios-ns: udp 62
17:20:08.183137 arp who-has vampyria tell helio
17:20:08.183292 arp reply vampyria is-at 0:80:48:b9:75:f1
17:20:08.183715 helio.1030 > vampyria.netbios-ssn: S 1418393:1418393(0) win
8192 <mss 1460> (DF)
17:20:08.184751 vampyria.netbios-ssn > helio.1030: S
3719635745:3719635745(0) ack 1418394 win 32120 <mss 1460> (DF)
17:20:08.185270 helio.1030 > vampyria.netbios-ssn: . ack 1 win 8760 (DF)

.....