[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Selective web access and SuSe 11
From: Phil Dibowitz <phil () ipom ! com>
Date: 2009-01-19 20:22:04
Message-ID: 23690_1232396931_4974E282_23690_7855_1_4974E0EC.30507 () ipom ! com
[Download RAW message or body]
James Raftery wrote:
> Tcpdump shows that there is a handshake and then a timeout for these sites:
> mysite.port# --> external.http S
> external.http --> mysite.port# S
> mysite.port# --> external.http . ack 1
> mysite.port# --> external.http P 1:389
> external.http --> mysite.port# . ack 389
A much more useful tcpdump is from both sides of the ipfilter machine, not
the suse machine.
Also, try adding 'log' to your rules to see what ipfilter is doing.
> The flow of the subnet is through a dual homed vintage machine running IRIX 6.2
> AND IP_fil3.4.16. If I take ipfilter down then no problem.
The *ancient* version shouldn't cause this problem, but I don't think it's
supported, and you may want to plan an upgrade soon anyway.
--
Phil Dibowitz phil@ipom.com
Open Source software and tech docs Insanity Palace of Metallica
http://www.phildev.net/ http://www.ipom.com/
"Never write it in C if you can do it in 'awk';
Never do it in 'awk' if 'sed' can handle it;
Never use 'sed' when 'tr' can do the job;
Never invoke 'tr' when 'cat' is sufficient;
Avoid using 'cat' whenever possible" -- Taylor's Laws of Programming
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic