Hi all folks, Can any help me to understand /etc/shorewall/rules Protocol icmp, udp, tcp, etc. Destination Port 53, 22, 8, etc. Thanks in advance. B.R. Stephen Liu To Get Your Own iCareHK.com Email Address? Go To www.iCareHK.com.
On Sun, 2003-09-14 at 10:10, Stephen Liu wrote:> Can any help me to understandYes....but the general discussion of this is way off topic...but...> /etc/shorewall/rules > > Protocol > icmp, udp, tcp, etc. > > Destination Port > 53, 22, 8, etc. > > Thanks in advance.A good source would be "TCP/IP Illustrated, Volume 1 - The Protocols". Author W. Richard Stevens - ISBN 0-201-63346-9 (v.1) Publisher Addison-Wesley. I''ve the 6th printing from 1995 but the basics haven''t changed. Ed
On Sun, 2003-09-14 at 11:44, Ed Greshko wrote:> On Sun, 2003-09-14 at 10:10, Stephen Liu wrote: > > > Can any help me to understand > > Yes....but the general discussion of this is way off topic...but...I also hate when my cat hits send before I''m finishing writing....> > /etc/shorewall/rules > > > > Protocol > > icmp, udp, tcp, etc.icmp = Internet Control Message Protocol. UDP = User Datagram Protocol (A connectionless protocol) TCP = Transmission Control Protocol (A connection-oriented protocol)> > > > Destination Port > > 53, 22, 8, etc.Ports define the service offered at the destination. Most can be found in your /etc/services file.... In your list above you have "8" and I suspect you mean that one in reference to an ICMP message since you are seeing lots of those in your logs. The ports for TCP and UDP use the same port definition while ICMP "8" is the message type. A good source, although outdated, is RFC1700> > Thanks in advance. > > A good source would be "TCP/IP Illustrated, Volume 1 - The Protocols". > Author W. Richard Stevens - ISBN 0-201-63346-9 (v.1) Publisher Addison-Wesley. > > I''ve the 6th printing from 1995 but the basics haven''t changed. > > Ed > > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm-- http://www.shorewall.net Shorewall, for all your firewall needs
Hi Ed, Thanks for your advice which gives me a good information and hint. From Internet search I found follow interesting links; Port Numbers http://www.iana.org/assignments/port-numbers IP Protrocol Suite http://www.networksorcery.com/enp/topic/ipsuite.htm I do hope that I got the right source. If not please correct me. Thanks On Sun, 2003-09-14 at 12:07, Ed Greshko wrote: - snip -> > > Protocol > > > icmp, udp, tcp, etc. > > icmp = Internet Control Message Protocol. > UDP = User Datagram Protocol (A connectionless protocol) > TCP = Transmission Control Protocol (A connection-oriented protocol)Noted with thanks> > > Destination Port > > > 53, 22, 8, etc. > > Ports define the service offered at the destination. Most can be found > in your /etc/services file....Noted with thanks> In your list above you have "8" and I suspect you mean that one in > reference to an ICMP message since you are seeing lots of those in your > logs. The ports for TCP and UDP use the same port definition while ICMP > "8" is the message type."8" appears next to "icmp" ACCEPT loc fw icmp 8 ACCEPT net fw icmp 8 ACCEPT fw loc icmp 8 ACCEPT fw net icmp 8> A good source, although outdated, is RFC1700I found /etc/shorewall/rfc1918 instead B.R. Stephen To Get Your Own iCareHK.com Email Address? Go To www.iCareHK.com.
On Sun, 2003-09-14 at 13:10, Stephen Liu wrote:> Thanks for your advice which gives me a good information and hint. From > Internet search I found follow interesting links; > > Port Numbers > http://www.iana.org/assignments/port-numbersYes, that is more recent....> IP Protrocol Suite > http://www.networksorcery.com/enp/topic/ipsuite.htmThis is good if you already have a background...maybe a bit too detailed for someone wanting to learn. That''s why I like the book. Good text explanations and examples...> "8" appears next to "icmp" > > ACCEPT loc fw icmp 8 > ACCEPT net fw icmp 8 > ACCEPT fw loc icmp 8 > ACCEPT fw net icmp 8In the case of ICMP the 8 is not a port but a message type. Message type 8 is an "echo request".> > A good source, although outdated, is RFC1700 > > I found /etc/shorewall/rfc1918 instead???? This has nothing to do with what you are asking about above.... RFC1918 is "Address Allocation for Private Internets". This is not related to the protocols. Ed
Hey Stephen, If your particularly interested in ICMP types and codes then here''s a pretty good link. A search on "Google.com" "icmp protocol types and codes" will give you more info than you want. Here''s a link though. http://livenudefrogs.com/~anubis/icmp/#type8 This has hyper links to other sites as well..Pretty dry read though. If your new to how ICMP works then your probably want to refine your search to "icmp for beginners" or something like that, that will give you a more hopefully better understanding. The wierd thing about the ICMP protocol is that windows uses a form of TCP when initiating Ping and Tracert. Unix/linux uses UDP and the way that it uses it is kind of funky if you come from a windows background... Just a little heads-up... Lots of info on Unix/Linux UDP ICMP on Google as well.... Joshua Banks __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com