search for: tcp

...Sep 2 05:26:50 localhost kernel: printk: 348 messages suppressed. Sep 2 05:26:50 localhost kernel: ip_conntrack: table full, dropping packet. ... [root at localhost log]# netstat -n Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 localhost:80 124.234.65.55:2058 SYN_RECV tcp 0 0 localhost:80 211.103.128.148:3232 SYN_RECV tcp 0 0 localhost:80 59.56.127.21:1320 SYN_RECV tcp 0 0 localhost:80 204.15.74.53:2661 SYN_RECV tcp...

...ver port 389 with my browser. service seems to be running. I am not running selinux, port 389 are open on both client and server. Message from browser: Access to this port is disabled for security reasons. Added command (hint from earlier posting) and got this list # netstat -aptn | grep :389 tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 2407/slapd tcp 0 0 127.0.0.1:389 127.0.0.1:33057 ESTABLISHED 2407/slapd tcp 0 0 127.0.0.1:389 127.0.0.1:32833 ESTABLISHED 2407/slapd tcp 0 0 127.0.0.1:...

...lem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced this article, http://troy.jdmz.net/samba/fw/, so I put the following sources in the middle of the source. -A INPUT -p udp -m udp --dport 137 -j ACCEPT -A INPUT -p udp -m udp --dport 138 -j ACCEPT -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT Finally, it doesn't work. I feel now very frustrated... I tried with a lot of combinations, but all failed due to errors as shown below: # smbclient -U cheeky -L 172.16.6.1 timeout connecting to 172.16.6.1:445 time...

On CentOS7 I have following firewalld setting. external (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dns ftp http https imaps pop3s smtp ssh ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp 113/tcp 143/tcp 3306/tcp 5224/tcp 22/tcp 465/tcp 995/tcp 25/tcp 10000/tcp 8443/tcp 993/tcp 443/tcp 8880/tcp 587/tcp 20/tcp 53/udp 12768/tcp protocols: masquerade: yes forward-ports: sourceports: icmp-blocks: rich rules: But by s...

...rypt passwords = true passdb backend = tdbsam obey pam restrictions = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . printing = cups printcap name = cups socket options = TCP_NODELAY [homes] comment = Home Directories browseable = no read only = no create mask = 0700 directory mask = 0700 valid users = %S [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create m...

OK, Something wacky. I'm getting many, many of these, it just keeps building: --snip-- netstat -vat: tcp 0 0 192.168.103.99:http statusurl.e-gold.com:57015 SYN_RECV tcp 0 0 192.168.103.99:http statusurl.e-gold.com:26377 SYN_RECV tcp 0 0 192.168.103.99:http statusurl.e-gold.com:64279 SYN_RECV tcp 0 0 192.168.103.99:http...

Dear Gordon Messmer, Thank you. Please teach me one more. By 'firewall-cmd --list' its answer is following. external (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dns ftp http https imaps pop3s smtp ssh ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp 113/tcp 143/tcp 3306/tcp 5224/tcp 22/tcp 465/tcp 995/tcp 25/tcp 10000/tcp 8443/tcp 993/tcp 443/tcp 8880/tcp 587/tcp 20/tcp 53/udp 12768/tcp protocols: masquerade: yes forward-ports: sourceports: icmp-blocks: rich rules: Now I ca...

...ce iptables save # DEFAULT FIREWALL POLICY iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # ------------------------------------------------------ # INPUT CHAIN RULES # ------------------------------------------------------ # MOST COMMON ATTACKS iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # LOOPBACK, ESTABLISHED & RELATED CONNECTIONS iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #...

...er returns the following message: [root at sl01 log]# mount -t nfs4 192.168.15.200:/opt/company_data /mnt mount.nfs4: Operation not permitted As nearest as I can tell, I was able to setup the ports correctly in /etc/sysconfig/nfs [root at centos sysconfig]# grep -v \# nfs RQUOTAD_PORT=875 LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 STATD_PORT=662 As well as my /etc/services file: # Local services rquotad 875/tcp lockd 32803/tcp lockd 32769/tcp mountd 892/tcp statd 662/tcp rquotad 875/udp lockd 32803/udp lockd 32769/udp mountd 892/udp statd 662/udp [root at centos sy rpcin...

Hello, today I came to my job and I noticed that apache is not running. When I tried to run it, I learned that port 80 uis already in use. Using netstat -aenpl I tried to learn wha proces is using port 80, but I only leatned this: tcp 0 0 172.16.0.1:80 172.16.0.1:35664 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:43464 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:33764 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:51384 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:47699 SYN_RECV 0 0 - tcp 0 0 172.16.0.1:80 172.16.0.1:...

...CP. I had some testing ports opened for a web server which I have totally closed now but when I chose option 10 (filter log) on pfSense I get all of this type of traffic (note that it was only 1 single IP and once I blocked that one it was like opening a can full of bees with all different IPs): tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes 000000 rule 70/0(match): block in on vr1: 221.132.34.165.33556 > 69.90.78.53.52229: tcp 20 [...

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to proxy is in the 192.168.3.0/24 range connected to eth3.. The web browsers are loading pages fine, but not getting routed through Squid.. Here''s the info from the firewall: firewall:...

...0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:135 3484 666K DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 4248 204K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:135 303 14680 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 9269 445K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 Chain DropUPnP (2 references) pkts bytes target prot...

...0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:135 3484 666K DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 4248 204K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:135 303 14680 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 9269 445K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 Chain DropUPnP (2 references) pkts bytes target prot...

Hi, I've been able to get tinc setup when I flush all my iptables, but after enabling iptables and a delay I get a "Destination Net Unknown". I have three host (HOME10.0.3.2, MASTER 10.0.3.1, WEB 10.0.3.3) MASTER and WEB are in Digital ocean in the same data centre. HOME <---> MASTER <---> WEB I've tried multiple forwarding/masquerading/etc rules and

...ks 1-5 through the pub1 route table, and marks 6-10 through the pub2 routing table. Using the nat table, I SNAT to one of the 10 IPs assigned from the two /29''s. 1) Now, if i remove the default route (via PUB1 gw) from the main table, everything halts. Why? 2) If I pass a forwarded tcp syn packet out on the PUB2 interface, with the correct SNAT ip, I can see the syn+ack returning from the external server. Logging then indicates that this packet gets passed through mangle/PREROUTING, after which it appears to simply be lost. It''s definitely not going out on any of the...

...mail.com>) escribió: > Here is an extract of my current iptables that are not working: > > iptables -L -n -v > > Chain INPUT (policy DROP 8 packets, 1120 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT tcp -- lo * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:3306 > 0 0 ACCEPT udp -- lo * 0.0.0.0/0 > 0.0.0.0/0 udp dpt:3306 > 0 0 NRPE tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:5666 > 0 0...

Here's an interesting thing I notice between NTSP3 and Linux 2.0.33+ w/samba 1.9.18p8 [TCP_NODELAY, read prediction on, SND and RCV buffers to 64k, though I've tried 16k, 32K, 64k, max size 2k, 4k, 8k, 16k, no difference] When I copy a file from any share to my NT's HD, I get perhaps 280KB/sec. When I copy from NT HD to Samba share, I get almost 1MB/sec. Doesn't matter...

...to point several things: 1. You're not dropping packets in status 'INVALID' on top of your script, which is strange regarding you have 3 rules to detect other non-standard behavior; 2. Since you're blocking outgoing UDP, you should be certain that all UDP services are set up to use TCP instead and add corresponding rules for them. I'm talking about DNS queries and NTP time sync requests (as most common, but not limited to). These services using UDP, but you disabled it and haven't created outgoing rule for DNS over TCP or NTP using TCP. You can't do DNS queries, and i...

...44(smb_panic_default) PANIC: internal error Same error we get on command line with this command: samba-tool dns query ad01.domain.test domain.test @ ALL -UAdministrator netstat before connecting : netstat -anp | grep '88\|135\|389\|464\|636\|1024\|3268\|3269\|53' | grep -i listen tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 27695/samba tcp 0 0 10.30.0.2:53 0.0.0.0:* LISTEN 26519/named-sdb tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 26519/named-sdb tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN 27695/samba tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 26519/named-sdb tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN 2...