All of lore.kernel.org
 help / color / mirror / Atom feed
* about a LOG rule
@ 2013-05-19 12:11 julioarr
  2013-05-25 12:39 ` Pascal Hambourg
  0 siblings, 1 reply; 2+ messages in thread
From: julioarr @ 2013-05-19 12:11 UTC (permalink / raw)
  To: netfilter

Hello

What does this mean?

May 18 12:14:55 firewall kernel: [97390.813579] INPUT_ALL_ACCEPT_lo-1
IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.0.0.2
DST=10.0.0.2 LEN=107 TOS=0x00 PREC=0xC0 TTL=64 ID=62342 PROTO=ICMP TYPE=3
CODE=1 [SRC=10.0.0.2 DST=173.194.69.108 LEN=79 TOS=0x00 PREC=0x00 TTL=64
ID=61005 DF PROTO=TCP SPT=38040 DPT=587 WINDOW=133 RES=0x00 ACK PSH FIN
URGP=0 ]


173.194.69.108=smtp.gmail.com

I have these rules:

iptables -A INPUT -i lo ! -s 127.0.0.1 -j LOG --log-prefix
"INPUT_ALL_ACCEPT_lo-1 "
iptables -A INPUT -i lo -j ACCEPT

And openvpn client configured with the interface:

tap1      Link encap:Ethernet  HWaddr e6:c9:1e:fe:bf:1b
          inet addr:10.0.0.2  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:224580 errors:0 dropped:0 overruns:0 frame:0
          TX packets:242150 errors:0 dropped:43492 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:35320350 (33.6 MiB)  TX bytes:87466562 (83.4 MiB)

Thanks in advanced,
julio



^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: about a LOG rule
  2013-05-19 12:11 about a LOG rule julioarr
@ 2013-05-25 12:39 ` Pascal Hambourg
  0 siblings, 0 replies; 2+ messages in thread
From: Pascal Hambourg @ 2013-05-25 12:39 UTC (permalink / raw)
  To: julioarr; +Cc: netfilter

Hello,

julioarr@fisica.uh.cu a écrit :
> 
> What does this mean?
> 
> May 18 12:14:55 firewall kernel: [97390.813579] INPUT_ALL_ACCEPT_lo-1
> IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.0.0.2
> DST=10.0.0.2 LEN=107 TOS=0x00 PREC=0xC0 TTL=64 ID=62342 PROTO=ICMP TYPE=3
> CODE=1 [SRC=10.0.0.2 DST=173.194.69.108 LEN=79 TOS=0x00 PREC=0x00 TTL=64
> ID=61005 DF PROTO=TCP SPT=38040 DPT=587 WINDOW=133 RES=0x00 ACK PSH FIN
> URGP=0 ]

Some iptables rule logged that the local machine 10.0.0.2 sent to itself
an ICMP packet with type 3 (destination unreachable) and code 1 (host
unreachable) in response to an attempt to send a TCP packet to
173.194.69.108.

"Host unreachable" usually means ARP resolution failure, but
173.194.69.108 is not on the network directly connected to 10.0.0.2, so
it probably means that the ARP resolution for the gateway IP address
found in the routing table for that destination failed for any reason
(wrong gateway address, network failure...).

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-05-25 12:39 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-05-19 12:11 about a LOG rule julioarr
2013-05-25 12:39 ` Pascal Hambourg

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.