[Firehol-support] windows messenger
Thomas Arendsen Hein
thomas at intevation.de
Thu Jun 22 13:44:20 BST 2006
* Rick Marshall <rjm at zenucom.com> [20060622 09:47]:
> Thomas Arendsen Hein wrote:
> >* Rick Marshall <rjm at zenucom.com> [20060622 03:27]:
> >>Jun 22 11:13:21 cgate kernel: PASS-unknown:IN=eth1 OUT=eth0 SRC=192.168.1.238 DST=207.68.178.61
> >>LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=16928 DF PROTO=TCP SPT=1278 DPT=80 WINDOW=64685 RES=0x00 ACK
> >>FIN URGP=0
> >>
> >>Does anyone know why these packets are being blocked and logged? is it the window size? i don't
> >>have any further info yet, but i will dig deeper if needed.
> >>
> >
> >PASS-unknown means that there is no router which feels responsible
> >for this. Maybe you've added Microsoft to your UNROUTABLE_IPS? ;-)
>
> tempting as that may be, it's not the case:
>
> traceroute to 207.68.178.61 (207.68.178.61), 30 hops max, 46 byte packets
> 1 192.168.7.155 (192.168.7.155) 0.239 ms 0.140 ms 0.126 ms
> ...
> 13 207.68.178.61 (207.68.178.61) 188.062 ms 187.474 ms 187.877 ms
"router" is something you should find in your firehol.conf
Is 192.168.7.155 the FireHOL host? The SRC= argument above shows
192.168.1.238 as the client's IP, so I'd expect your FireHOL host to
be in 192.168.1.0/24 not .7.0/24
Thomas
--
Email: thomas at intevation.de
http://intevation.de/~thomas/
More information about the Firehol-support
mailing list