Hello-
I¹m trying to send UDP echo (to test jitter and latency) from an
internal machine to my Shorewall host.
I have a UDP echo server residing on the Firewall sitting on port 9003.
When I try and echo the UDP server using hping3 -u -p 9003
<servername>
I get the following error messages.
Mar 19 15:09:26 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=41600 PROTO=TCP
SPT=1180 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:09:27 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=52671 PROTO=TCP
SPT=1181 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:34 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=42276 PROTO=TCP
SPT=1535 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:35 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=64046 PROTO=TCP
SPT=1536 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:36 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=11316 PROTO=TCP
SPT=1537 DPT=9003 WINDOW=512 RES=0x00 URGP=0
I¹ve got ping(ACCEPT) and tracrt(ACCEPT) allowed in my rules file from loc
to $FW and $FW to loc, but the error messages still appear.
If I clear Shorewall, the UDP ping works fine. (I notice above that the
traffic being blocked is listed as TCP outbound, which is a bit strange).
Any tips for what I might be able to do to allow this traffic? (Or what I¹m
doing wrong?) I¹ve searched through the docs and mailing list and come up
empty.
SIP Helpers are NOT loaded.
--
Keith Mitchell
CTO
Productivity Associates, Inc.
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
Never mind.
I was doing it wrong.
Sorry!
Should have been hping3 2 p 9003 servername.
--
Keith Mitchell
CTO
Productivity Associates, Inc.
From: Keith Mitchell <keithm@paisd.com>
Reply-To: Shorewall Users <shorewall-users@lists.sourceforge.net>
Date: Mon, 19 Mar 2012 15:26:07 -0700
To: Shorewall Users <shorewall-users@lists.sourceforge.net>
Subject: [Shorewall-users] UDP Echo
Hello-
I¹m trying to send UDP echo (to test jitter and latency) from an
internal machine to my Shorewall host.
I have a UDP echo server residing on the Firewall sitting on port 9003.
When I try and echo the UDP server using hping3 -u -p 9003
<servername>
I get the following error messages.
Mar 19 15:09:26 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=41600 PROTO=TCP
SPT=1180 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:09:27 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=52671 PROTO=TCP
SPT=1181 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:34 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=42276 PROTO=TCP
SPT=1535 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:35 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=64046 PROTO=TCP
SPT=1536 DPT=9003 WINDOW=512 RES=0x00 URGP=0
Mar 19 15:12:36 <servername> kernel: Shorewall:logflags:DROP:IN=br0
OUTMAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1
DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=11316 PROTO=TCP
SPT=1537 DPT=9003 WINDOW=512 RES=0x00 URGP=0
I¹ve got ping(ACCEPT) and tracrt(ACCEPT) allowed in my rules file from loc
to $FW and $FW to loc, but the error messages still appear.
If I clear Shorewall, the UDP ping works fine. (I notice above that the
traffic being blocked is listed as TCP outbound, which is a bit strange).
Any tips for what I might be able to do to allow this traffic? (Or what I¹m
doing wrong?) I¹ve searched through the docs and mailing list and come up
empty.
SIP Helpers are NOT loaded.
--
Keith Mitchell
CTO
Productivity Associates, Inc.
----------------------------------------------------------------------------
--
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
On 3/19/12 3:26 PM, "Keith Mitchell" <keithm@paisd.com> wrote:> UDP Echo > Hello- > > I¹m trying to send UDP echo (to test jitter and latency) from an internal > machine to my Shorewall host. > > I have a UDP echo server residing on the Firewall sitting on port 9003. > > When I try and echo the UDP server using hping3 -u -p 9003 <servername> I > get the following error messages. > > Mar 19 15:09:26 <servername> kernel: Shorewall:logflags:DROP:IN=br0 OUT> MAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1 > DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=41600 PROTO=TCP SPT=1180 > DPT=9003 WINDOW=512 RES=0x00 URGP=0 > Mar 19 15:09:27 <servername> kernel: Shorewall:logflags:DROP:IN=br0 OUT> MAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1 > DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=52671 PROTO=TCP SPT=1181 > DPT=9003 WINDOW=512 RES=0x00 URGP=0 > Mar 19 15:12:34 <servername> kernel: Shorewall:logflags:DROP:IN=br0 OUT> MAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1 > DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=42276 PROTO=TCP SPT=1535 > DPT=9003 WINDOW=512 RES=0x00 URGP=0 > Mar 19 15:12:35 <servername> kernel: Shorewall:logflags:DROP:IN=br0 OUT> MAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1 > DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=64046 PROTO=TCP SPT=1536 > DPT=9003 WINDOW=512 RES=0x00 URGP=0 > Mar 19 15:12:36 <servername> kernel: Shorewall:logflags:DROP:IN=br0 OUT> MAC=00:15:17:b9:df:50:c8:9c:1d:98:19:d8:08:00 SRC=192.168.1.1 > DST=10.254.100.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=11316 PROTO=TCP SPT=1537 > DPT=9003 WINDOW=512 RES=0x00 URGP=0 > > I¹ve got ping(ACCEPT) and tracrt(ACCEPT) allowed in my rules file from loc to > $FW and $FW to loc, but the error messages still appear. > > If I clear Shorewall, the UDP ping works fine. (I notice above that the > traffic being blocked is listed as TCP outbound, which is a bit strange). > > Any tips for what I might be able to do to allow this traffic? (Or what I¹m > doing wrong?) I¹ve searched through the docs and mailing list and come up > empty.As shown in the log messages, the packets being dropped are TCP, not UDP. My reading of the hping3 manage suggests that UDP is specified by "-2" or "--udp". -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice. ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure