Iproute routage redirection du traffic

j2b.pub · Février 21, 2016, 2:00pm

Bonjour à tous,
(et bonnes fêtes )

Si une âme charitable peut transmettre son savoir et rendre encore plus vivante la merveilleuse communauté debian, je pourrais ainsi re-transmettre à mon tour.

J’ai une passerelle squeeze entre mon lan et mon acces internet .
dont :

une interface physique reliée à internet = bond0
une interface physique reliée à mon lan = eth0

                #======passerelle=========#  
Internet <----> # bond0  <-------->  eth0 # <----> LAN
                #=========================#

Jusque ici y’a pas de problème : j’accède à internet naturellement depuis mon lan en passant par la passerelle .

Maintenant, corsons la difficulté

Je rajoute une machine virtuelle sous wheezy (avec xen sous mode vif-nat pour les précisions mais le problème serait le même , à mon humble avis, avec une interface quelconque genre eth1) dans ma passerelle.

Voici donc le nouveau schéma réseau : tout va bien : aucun problème d’accès au net depuis le lan , ni depuis la machine virtuelle derrière l’interface vif2.0 (voir le schémas ci-dessous)

                #======passerelle=========#  
Internet <----> # bond0  <-------->  eth0 # <----> LAN
                #    ^                    #
                #    |                    #
                #    |                    #
                #    \                    #
                #     \                   #
                #      '--->  vif2.0      #
                #                ^        #
                #================|========#
                                 |
                   #=============|======#
                   #             v      #
                   #            eth0    #
                   #                    #
                   #==machine_virtuelle=#

Je peux accéder a internet depuis la machine virtuelle et depuis le lan

Mais ce que je voudrais faire avec iproute2 c’est rediriger tous les flux (sauf le ssh) entrants et sortants de ma passerelle par ma machine virtuelle c’est à dire par l 'interface vif2.0
comme le schémas ci dessous (désolé pour la faible qualité des schémas )

                #======passerelle=========#  
Internet <----> # bond0              eth0 # <----> LAN
                #    ^                 ^  #
                #    |                 |  #
                #    |                 |  #
                #    \                 |  #
                #     \                /  #
                #      '--> vif2.0 <--'   #
                #                ^        #
                #================|========#
                                 |
                   #=============|======#
                   #             v      #
                   #            eth0    #
                   #                    #
                   #==machine_virtuelle=#

le but est de faire fonctionner un SQUID 3.2.5+ en mode intercept ( = transparent) qui n’accepte plus le NAT ( à partir de SQUID3.1) dans cette machine virtuelle. (voir lien : http://squid-web-proxy-cache.1019090.n4.nabble.com/Can-t-make-Squid-3-2-work-as-Interception-proxy-td4122653.html )
(Pour info : le test avec un SQUID 3.1 fonctionne ( avec des regles iptables NAT dans la parefeux de la passerelle )dans cette configuration avec machine virtuelle. Mais il me faut absolument les fonctionnalités du SQUID 3.2.5)

Sur la passerelle comme sur la machine virtuelle : input, forward et output sont à ACCEPT
Toutes les icmp redirection de /etc/sysctl.conf … sont à 1

J’ai donc essayer de marquer les paquets entrants sur eth0 pour qu’ils passent dans la table de routage créée:

[code]# Vérifier si les tables existent déjà

si non => on les cree

if [ -z “cat /etc/iproute2/rt_tables | grep '^202'” ] ; then
echo “202 lan_vers_vm2” >> /etc/iproute2/rt_tables
fi

effacement prealable des tables

ip route flush table 202 # lan_vers_vm2

table lan_vers_vm2 (2)

ip rule add fwmark 2 table lan_vers_vm2
ip route add default via ${IP_DMZ_EXTERNE_2} dev ${IF_VM} table lan_vers_vm2

ne pas oublier les marquages mangle

iptables -t mangle -A PREROUTING -i ${IF_LAN} -s ${IP_LAN_EXTERNE} -j MARK --set-mark 2

ne pas oublier NE PAS MARQUER le SSH

iptables -t mangle -A PREROUTING -i ${IF_LAN} -p tcp -m tcp -s ${IP_LAN_EXTERNE} -d ${IP_LAN_INTERNE} --dport 22 -j MARK --set-mark 0

effacer le cache

ip route flush cache[/code]

Tout le flux marqué 2 est alors bien redirigé vers la VM mais je n’ai pas le retour depuis la VM vers le lan.

Comment faire ? que dois-je modifier, ajouter ? où sont mes erreurs ?

Merci d’avoir pris du temps pour lire (et pour répondre ^^)

PascalHambourg · Février 21, 2016, 2:00pm

Une petite description des variables d’environnement serait bienvenue, parce que des choses comme IP_LAN_EXTERNE sont un peu mystérieuses.

[quote=“j2b.pub”]
Tout le flux marqué 2 est alors bien redirigé vers la VM mais je n’ai pas le retour depuis la VM vers le lan.[/quote]
Vérfie avec tcpdump ou autre si :

les paquets provenant du LAN sont bien vus par l’interface de la VM,
des paquets sont bien émis en réponse par l’interface de la VM à destination du LAN,
ces paquets arrivent sur l’interface vif de la passerelle,
ces paquets arrivent sur l’interface LAN de la passerelle.

Si ça coince à un endroit, vérifie les règles de filtrage iptables en INPUT/OUTPUT sur la VM et en FORWARD sur la passerelle, et que rp_filter est désactivé sur l’interface vif de la passerelle (max(net.ipv4.conf.all.rp_filter, net.ipv4.conf.vif2/0.rp_filter)=0).

Remarque générale : ne serait-il pas préférable de ne router vers la VM que ce qui intéresse squid, à savoir le port 80 en TCP ?

j2b.pub · Février 21, 2016, 2:00pm

merci de ta réponse ,
je te posterai les tcpdump plus tard (je dois partir)
et une fois que j’aurais vérifier les rp_filter )
ainsi que les variables “mystérieuses” (j’aime bien ce mot)

globalement tout est en statique
sur la passerelle
-bond0 : 192.168.241.92
-vif2.0 : 10.0.1.3
-eth0 (vers lan) : 192.168.250.1
sur la VM
-eth0 : 10.0.1.4

sur le lan : 192.168.250.2 (=IP_LAN_EXTERNE)

sinon tous les imputs output forward de la passerelle sont à accept
et
tous les imputs output forward de la VM sont également à accept

mais tu as raison pour la redirection : je devrais seulement router le port 80
( de toute façon je fais mes tcpdump sur le port 80) mais pour l’instant je prefere "jouer bourrin"
je ferais uniquement le port 80 qd le “bourrinage” fonctionnera

(et j’avais peur qu’il faille autre chose à squid nouvelle version pour fonctionner …)

merci encore

j2b.pub · Février 21, 2016, 2:02pm

$ sudo tcpdump -i bond0 tcp port 80

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bond0, link-type EN10MB (Ethernet), capture size 65535 bytes 0 packets captured 0 packets received by filter 0 packets dropped by kernel

$ sudo tcpdump -i vif2.0 tcp port 80

[code]tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vif2.0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:36:28.506518 IP 192.168.250.2.27216 > ia-in-f138.1e100.net.www: Flags [S], seq 1988138350, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:28.507961 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:28.757552 IP 192.168.250.2.27217 > ia-in-f138.1e100.net.www: Flags [S], seq 2924438736, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:28.757739 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:31.508924 IP 192.168.250.2.27216 > ia-in-f138.1e100.net.www: Flags [S], seq 1988138350, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:31.509205 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:31.761811 IP 192.168.250.2.27217 > ia-in-f138.1e100.net.www: Flags [S], seq 2924438736, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:31.762085 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:32.212122 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:32.212125 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:37.502896 IP 192.168.250.2.27216 > ia-in-f138.1e100.net.www: Flags [S], seq 1988138350, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:36:37.503162 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:37.756781 IP 192.168.250.2.27217 > ia-in-f138.1e100.net.www: Flags [S], seq 2924438736, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:36:37.757052 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:38.211975 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:38.411967 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:49.513245 IP 192.168.250.2.27230 > ia-in-f138.1e100.net.www: Flags [S], seq 303750381, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:49.513548 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:49.761024 IP 192.168.250.2.27231 > ia-in-f138.1e100.net.www: Flags [S], seq 1132620367, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:49.761320 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:49.763846 IP 192.168.250.2.27232 > ia-in-f138.1e100.net.www: Flags [S], seq 1427551100, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:49.764127 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:50.211706 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:50.411691 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:52.513281 IP 192.168.250.2.27230 > ia-in-f138.1e100.net.www: Flags [S], seq 303750381, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:52.513548 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:52.611650 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:52.757362 IP 192.168.250.2.27231 > ia-in-f138.1e100.net.www: Flags [S], seq 1132620367, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:52.757632 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:52.768086 IP 192.168.250.2.27232 > ia-in-f138.1e100.net.www: Flags [S], seq 1427551100, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:36:52.768341 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:53.611624 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:54.011612 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:58.516034 IP 192.168.250.2.27230 > ia-in-f138.1e100.net.www: Flags [S], seq 303750381, win 65535, options [mss 1460,nop,nop,sackOK], length 0
15:36:58.516306 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:58.611579 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:58.761112 IP 192.168.250.2.27231 > ia-in-f138.1e100.net.www: Flags [S], seq 1132620367, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:36:58.761379 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:58.771791 IP 192.168.250.2.27232 > ia-in-f138.1e100.net.www: Flags [S], seq 1427551100, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:36:58.772048 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:36:59.611512 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:00.011516 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:10.611232 IP ia-in-f138.1e100.net.www > 192.168.250.2.27230: Flags [S.], seq 3650790237, ack 303750382, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:10.765253 IP 192.168.250.2.27235 > ia-in-f138.1e100.net.www: Flags [S], seq 3983928348, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:37:10.765554 IP ia-in-f138.1e100.net.www > 192.168.250.2.27235: Flags [S.], seq 1798375975, ack 3983928349, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:11.811211 IP ia-in-f138.1e100.net.www > 192.168.250.2.27232: Flags [S.], seq 2280194673, ack 1427551101, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:12.211187 IP ia-in-f138.1e100.net.www > 192.168.250.2.27231: Flags [S.], seq 860997734, ack 1132620368, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:13.771486 IP 192.168.250.2.27235 > ia-in-f138.1e100.net.www: Flags [S], seq 3983928348, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:37:13.771758 IP ia-in-f138.1e100.net.www > 192.168.250.2.27235: Flags [S.], seq 1798375975, ack 3983928349, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:14.211162 IP ia-in-f138.1e100.net.www > 192.168.250.2.27235: Flags [S.], seq 1798375975, ack 3983928349, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:14.411148 IP ia-in-f138.1e100.net.www > 192.168.250.2.27216: Flags [S.], seq 3960583047, ack 1988138351, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:37:14.411151 IP ia-in-f138.1e100.net.www > 192.168.250.2.27217: Flags [S.], seq 2831657399, ack 2924438737, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0

52 packets captured
52 packets received by filter
0 packets dropped by kernel[/code]

$ sudo tcpdump -i eth0 tcp port 80

[code]tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:41:59.375537 IP 192.168.250.2.27362 > ia-in-f138.1e100.net.www: Flags [S], seq 4146975644, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:41:59.625980 IP 192.168.250.2.27363 > ia-in-f138.1e100.net.www: Flags [S], seq 2202192447, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:02.377428 IP 192.168.250.2.27362 > ia-in-f138.1e100.net.www: Flags [S], seq 4146975644, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:02.629330 IP 192.168.250.2.27363 > ia-in-f138.1e100.net.www: Flags [S], seq 2202192447, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:08.382089 IP 192.168.250.2.27362 > ia-in-f138.1e100.net.www: Flags [S], seq 4146975644, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:42:08.624296 IP 192.168.250.2.27363 > ia-in-f138.1e100.net.www: Flags [S], seq 2202192447, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:42:20.395273 IP 192.168.250.2.27364 > ia-in-f138.1e100.net.www: Flags [S], seq 3674129832, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:20.624429 IP 192.168.250.2.27365 > ia-in-f138.1e100.net.www: Flags [S], seq 949644231, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:20.647012 IP 192.168.250.2.27366 > ia-in-f138.1e100.net.www: Flags [S], seq 145004302, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:23.395456 IP 192.168.250.2.27364 > ia-in-f138.1e100.net.www: Flags [S], seq 3674129832, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:23.627811 IP 192.168.250.2.27365 > ia-in-f138.1e100.net.www: Flags [S], seq 949644231, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:23.648300 IP 192.168.250.2.27366 > ia-in-f138.1e100.net.www: Flags [S], seq 145004302, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:29.400204 IP 192.168.250.2.27364 > ia-in-f138.1e100.net.www: Flags [S], seq 3674129832, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:42:29.632569 IP 192.168.250.2.27365 > ia-in-f138.1e100.net.www: Flags [S], seq 949644231, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:42:29.653052 IP 192.168.250.2.27366 > ia-in-f138.1e100.net.www: Flags [S], seq 145004302, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:42:41.652296 IP 192.168.250.2.27381 > ia-in-f138.1e100.net.www: Flags [S], seq 2130049722, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:42:44.644845 IP 192.168.250.2.27381 > ia-in-f138.1e100.net.www: Flags [S], seq 2130049722, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0

17 packets captured
17 packets received by filter
0 packets dropped by kernel[/code]

Dans un navigateur depuis le LAN
The connection has timed out
The server at 74.125.133.138 is taking too long to respond.

Dans la machine virtuelle :

$ sudo ps aux | grep squid

root 2237 0.0 0.3 15112 1916 ? Ss 14:54 0:00 /usr/local/squid/sbin/squid -YC -f /etc/squid3/squid.conf proxy 2241 0.1 3.0 46532 15872 ? S 14:54 0:03 (squid-1) -YC -f /etc/squid3/squid.conf proxy 2257 0.0 0.1 3328 980 ? S 14:54 0:00 (logfile-daemon) /var/log/squid3/access.log 1000 2376 0.0 0.1 1896 580 hvc0 S+ 15:47 0:00 grep squid

$ sudo tcpdump -i eth0 tcp port 80

[code][67486.711019] device eth0 entered promiscuous mode
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:50:43.029929 IP 192.168.250.2.27579 > 74.125.133.138.http: Flags [S], seq 2923623489, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:50:43.030015 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:43.280368 IP 192.168.250.2.27580 > 74.125.133.138.http: Flags [S], seq 1959278219, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:50:43.280440 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:46.027761 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:46.031765 IP 192.168.250.2.27579 > 74.125.133.138.http: Flags [S], seq 2923623489, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:50:46.031817 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:46.283751 IP 192.168.250.2.27580 > 74.125.133.138.http: Flags [S], seq 1959278219, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:50:46.283803 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:47.227770 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:52.024939 IP 192.168.250.2.27579 > 74.125.133.138.http: Flags [S], seq 2923623489, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:50:52.024992 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:52.027762 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:52.282761 IP 192.168.250.2.27580 > 74.125.133.138.http: Flags [S], seq 1959278219, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:50:52.282812 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:50:53.227770 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:04.027759 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:04.033564 IP 192.168.250.2.27595 > 74.125.133.138.http: Flags [S], seq 2130129154, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:04.033633 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:04.275422 IP 192.168.250.2.27596 > 74.125.133.138.http: Flags [S], seq 3867381250, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:04.275490 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:04.285136 IP 192.168.250.2.27597 > 74.125.133.138.http: Flags [S], seq 4281977425, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:04.285203 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:05.227769 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:07.034679 IP 192.168.250.2.27595 > 74.125.133.138.http: Flags [S], seq 2130129154, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:07.034733 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:07.281734 IP 192.168.250.2.27596 > 74.125.133.138.http: Flags [S], seq 3867381250, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:07.281788 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:07.291492 IP 192.168.250.2.27597 > 74.125.133.138.http: Flags [S], seq 4281977425, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:07.291546 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:07.627753 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:08.427764 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:08.427794 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:13.028811 IP 192.168.250.2.27595 > 74.125.133.138.http: Flags [S], seq 2130129154, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:51:13.028866 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:13.278792 IP 192.168.250.2.27596 > 74.125.133.138.http: Flags [S], seq 3867381250, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:51:13.278848 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:13.287566 IP 192.168.250.2.27597 > 74.125.133.138.http: Flags [S], seq 4281977425, win 8192, options [mss 1460,nop,nop,sackOK], length 0
15:51:13.287619 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:13.627757 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:14.427766 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:14.627754 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:25.290120 IP 192.168.250.2.27598 > 74.125.133.138.http: Flags [S], seq 1787499548, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:25.290192 IP 74.125.133.138.http > 192.168.250.2.27598: Flags [S.], seq 717900622, ack 1787499549, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:25.627754 IP 74.125.133.138.http > 192.168.250.2.27595: Flags [S.], seq 1343004254, ack 2130129155, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:26.427767 IP 74.125.133.138.http > 192.168.250.2.27597: Flags [S.], seq 374699999, ack 4281977426, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:26.627751 IP 74.125.133.138.http > 192.168.250.2.27596: Flags [S.], seq 2609401396, ack 3867381251, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:28.027759 IP 74.125.133.138.http > 192.168.250.2.27579: Flags [S.], seq 3277142164, ack 2923623490, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:28.287544 IP 192.168.250.2.27598 > 74.125.133.138.http: Flags [S], seq 1787499548, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
15:51:28.287596 IP 74.125.133.138.http > 192.168.250.2.27598: Flags [S.], seq 717900622, ack 1787499549, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:29.427767 IP 74.125.133.138.http > 192.168.250.2.27580: Flags [S.], seq 3932413107, ack 1959278220, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0
15:51:29.427797 IP 74.125.133.138.http > 192.168.250.2.27598: Flags [S.], seq 717900622, ack 1787499549, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 5], length 0

52 packets captured
52 packets received by filter
0 packets dropped by kernel
[67581.411666] device eth0 left promiscuous mode[/code]

voila, voila, n’hésitez pas si ça manque d’informations à en demander…
(bonne année)