bonjour,
excuse-moi du retard!
extrait de /etc/sysctl.conf:
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
dommage, je ne sais pas bien lire les captures Wireshark ou tcpdump
on voit l'interrogation des DNS du FAI, mais je ne vois pas le retour !
firewall firestarter non lancé (iptables -L n'affiche que la table filter, pas la table nat) :
root@alpha30:/etc# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
dtc-dos-in all -- anywhere anywhere
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain dtc-dos-in (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
root@alpha30:/etc#
firestarter lancé:
root@alpha30:/etc# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
dtc-dos-in all -- anywhere anywhere
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain dtc-dos-in (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
root@alpha30:/etc# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- ns3.wanadoo.fr anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- ns3.wanadoo.fr anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
ACCEPT udp -- anywhere anywhere udp dpt:33434
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
LSI icmp -- anywhere anywhere
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.1.255
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 10.255.255.255
DROP all -- base-address.mcast.net/8 anywhere
DROP all -- anywhere base-address.mcast.net/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere ctstate INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
INBOUND all -- anywhere alpha30
INBOUND all -- anywhere alpha30.bohain.org
INBOUND all -- anywhere 10.255.255.255
LOG_FILTER all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
ACCEPT udp -- anywhere anywhere udp dpt:33434
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
LSI icmp -- anywhere anywhere
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
OUTBOUND all -- anywhere anywhere
ACCEPT tcp -- anywhere 10.0.0.0/8 ctstate RELATED,ESTABLISHED
ACCEPT udp -- anywhere 10.0.0.0/8 ctstate RELATED,ESTABLISHED
LOG_FILTER all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- alpha30.bohain.org ns3.wanadoo.fr tcp dpt:domain
ACCEPT udp -- alpha30.bohain.org ns3.wanadoo.fr udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- base-address.mcast.net/8 anywhere
DROP all -- anywhere base-address.mcast.net/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere ctstate INVALID
OUTBOUND all -- anywhere anywhere
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
Chain INBOUND (4 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- 10.0.0.60 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:2222
ACCEPT udp -- anywhere anywhere udp dpt:2222
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT udp -- anywhere anywhere udp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:25
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (4 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
root@alpha30:/etc#
j’ai un nom de domaine depuis plus de 2 ans
firestarter est paramétré pour accepter la machine 10.0.0.60 ainsi que le port 80
merci d'y consacrer du temps
bon appétit
A+
JB1