'RE: [dante-misc] Dante won't forward my ssh connection'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dante-misc
Subject:    RE: [dante-misc] Dante won't forward my ssh connection
From:       Adrian Dimitrov <adrian.dimitrov () efellows ! bg>
Date:       2017-05-23 6:14:35
Message-ID: 490FA8C6CC4CDA44A7D3E449D75BF1F7406918 () exchanger ! efellows ! bg
[Download RAW message or body]

Hello Michael ,

Thank you very much for the help and the time spent I will check what could be \
blocking this traffic.

Best Regards,
Adrian Dimitrov
System Administrator


-----Original Message-----
From: Michael Shuldman [mailto:michaels@inet.no] 
Sent: Tuesday, May 23, 2017 9:02 AM
To: Adrian Dimitrov <adrian.dimitrov@efellows.bg>
Cc: dante-misc@inet.no
Subject: Re: [dante-misc] Dante won't forward my ssh connection

Adrian Dimitrov wrote,
> Hello Michael,
> 
> Thanks for your time spent on my troubles.
> 
> Here is what u asked for (in the file attached).
> 
> The configuration is as follows. Ubuntu 16.04.01 machine in our environment working \
> with tsocks with local address and going out through  firewall with ip address \
> 1.1.1.1 . Ubuntu 16.04.01 machine in the customer environment with danted (v1.1.19) \
> installed. The public IP address is on the firewall 2.2.2.2 with DNAT to the local \
> (danted) machine.  
> I want to connect to machine 3.3.3.3 which is in the local network of the danted \
> machine in the customer environment.

Hello, assuming that Dante's internal IP-address is 4.4.4.4, port 2222, the tcpdump \
log confirms that this is not a problem related to Dante.

"""
tcpdump host 1.1.1.1


# the socks client (1.1.1.1) connects to Dante.
#
11:23:24.501681 IP (tos 0x0, ttl 55, id 14440, offset 0, flags [DF], proto TCP ( 6), \
length 60) ip-1-1-1-1.efellows.bg.38458 > 4.4.4.4.2222: Flags [S], cksum 0x056f \
(correct), seq 1537685575, win 29200, options [mss 1380,sackOK,TS val 125830638 ecr \
0,n op,wscale 7], length 0

# The machine Dante runs on (4.4.4.4) accepts the connection from the # socks client.
#
11:23:24.501737 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), \
length 60)  4.4.4.4.2222 > ip-1-1-1-1.efellows.bg.38458: Flags [S.], cksum
    0x8705 (incorrect -> 0x1eab), seq 407302957, ack 1537685576,
    win 15928, options [mss 1460,sackOK,TS val 39849070 ecr
    125830638,nop,wscale 0], length 0

# The TCP three-way handshake completes.  The connection between # the socks client \
is established. 11:23:24.504784 IP (tos 0x0, ttl 55, id 14441, offset 0, flags [DF], \
proto TCP (6), length 52)  ip-1-1-1-1.efellows.bg.38458 > 4.4.4.4.2222: Flags [.], \
cksum  0x8ac2 (correct), seq 1, ack 1, win 229, options [nop,nop,TS
    val 125830639 ecr 39849070], length 0


# The socks client should send the socks protocol request to Dante,
# but nothing more appears in the tcpdump log on Dante's side, 
# meaning Dante does not receive any request from the client.
"""

However, on the socks client side, the tcpdump log shows the
client sending the socks request to Dante:
"""
tcpdump host 2.2.2.2 -vv

...

11:23:24.503688 IP (tos 0x0, ttl 64, id 14442, offset 0, flags [DF],
proto TCP ( 6), length 67)
    Rancid.Rancid.38458 > 2.2.2.2.2222: Flags [P.], cksum 0x32e6
    (incorrect -> 0xa621), seq 1:16, ack 1, win 229, options
    [nop,nop,TS val 125830639 ecr 39849070 ], length 15

"""


So: the problem lies somewhere between the socks client and Dante.
Not with Dante and not with the socks client.  The socks client
is able to establish the connection to Dante, but something is
blocking the data it then subsequently sends to Dante.

With kind regards,

-- 
  _ // 
  \X/ -- Michael Shuldman 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic