[ale] next stupid ipchains question

Joe Knapka jknapka at earthlink.net
Thu Sep 7 21:42:41 EDT 2000 

So denali is attempting to establish a telnet connection
to a.dmz.edu. But a.dmz.edu is never responding.

>From this, it looks like 192.168.10.220 is a.dmz.edu, and

192.168.10.215 is the router. Is that right?

-- Joe

Wandered Inn wrote:
> 
> Joe Knapka wrote:
> 
> > It may be useful to add a logging rule to firewall_a's input chain
> > to see if anything is getting that far.
> 
> Well, I'm on to something here.  I changed the forward rule on the
> router from MASQ to ACCEPT.  I then stuck a sniffer on the interface of
> one machine on net_1.  I then attempted to telnet from net_2 machine to
> the machine with the sniffer.  Things are getting through the router to
> the sniffed interface, but I don't know why things aren't normal.  I'm
> not up on decyphering sniffer data, even as pretty as ethereal makes
> it.  Any suggestions will be greatly appreciated, while I dig into what
> all this is supposed to be telling me.  Here's the output from the
> sniffer:
> 
>    No. Time        Source                Destination           Protocol
> Info
>       1 0.000000    denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       2 2.999825    denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       3 4.998166    00:a0:cc:63:57:dd     00:20:78:02:71:d2     ARP
> Who has 192.168.10.215?  Tell 192.168.10.220
>       4 4.998283    00:20:78:02:71:d2     00:a0:cc:63:57:dd     ARP
> 192.168.10.215 is at 00:20:78:02:71:d2
>       5 9.000733    denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       6 21.002630   denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       7 45.006437   denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       8 93.014173   denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>       9 98.006034   00:a0:cc:63:57:dd     00:20:78:02:71:d2     ARP
> Who has 192.168.10.215?  Tell 192.168.10.220
>      10 98.006149   00:20:78:02:71:d2     00:a0:cc:63:57:dd     ARP
> 192.168.10.215 is at 00:20:78:02:71:d2
>      11 189.029306  denali.home.edu       a.dmz.edu             TCP
> 2130 > telnet [SYN] Seq=502284224 Ack=0 Win=32120
>      12 194.024483  00:a0:cc:63:57:dd     00:20:78:02:71:d2     ARP
> Who has 192.168.10.215?  Tell 192.168.10.220
>      13 194.024600  00:20:78:02:71:d2     00:a0:cc:63:57:dd     ARP
> 192.168.10.215 is at 00:20:78:02:71:d2
> 
> >
> > -- Joe
> >
> > *** Joseph Knapka ***
> > In any formula, constants (especially those obtained from handbooks)
> > are to be treated as variables.
> > --
> > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
> 
> --
> Until later: Geoffrey           esoteric at denali.atlnet.com
> 
> Microsoft != Innovation

-- 
*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list