Re: [Fwbuilder-discussion] ping
Brought to you by:
mikehorn
Menu
▾
▴
Re: [Fwbuilder-discussion] ping
|
From: ryan <ry...@zo...> - 2005-07-25 23:47:27
|
Claude Jones wrote: > On Wed July 20 2005 11:17 am, Vadim Kurland wrote: > >>On Jul 20, 2005, at 8:10 AM, Claude Jones wrote: >> >>>On Wednesday 20 July 2005 2:19 am, Vadim Kurland wrote: >>> >>>>I usually just add a global policy rule with ICMP service object >>>>"ping request" in service, firewall object in source and destination >>>>"any". This rule should NOT be stateless because iptables and other >>>>firewalls can keep track of ping requests and replies. > > >>there should be log record of blocked packets. How does it look like ? >> >>--vk > > > Well, I must betray my newness here - one thing I've not figured out is a way > to deal with logs in Linux. There used to be an imperfect tool in Fedora but > it seems to have been taken out of FC 4. Is there a preferred way to view > logs? I'm not even sure where all the logs are. I guess most are > in /var/logs, but I can't find a log there for fwbuilder - am I looking for > the wrong thing? I'm on the home machine now - it's configured exactly as the > machine at my office - yet ping doesn't work. Other things I configure on the > firewall work as soon as I install them, so I don't think this is a fwbuilder > issue, but I can't say absolutely, because I'm not knowledgeable enough yet. fwlogwatch is an excellent tool for viewing logfiles. Here is an FC 4 RPM: http://dries.studentenweb.org/rpm/packages/fwlogwatch/info.html Install, then (as root) run fwlogwatch -d to see all dropped packets, their source IP, dest. IP and destination port. For example, on my workstation (its in viewable from the 'net even though its on a private address), "fwlogwatch -d" gives the below, plus another 900 or so lines: 1 udp packet from 61.92.77.217 to 192.168.2.2 port 6881 1 udp packet from 82.223.6.17 to 192.168.2.2 port 6881 1 udp packet from 61.189.136.116 to 192.168.2.2 port 6881 1 udp packet from 221.232.125.233 to 192.168.2.2 port 6881 1 udp packet from 220.161.28.231 to 192.168.2.2 port 6881 1 tcp packet from 61.29.171.2 to 192.168.2.2 port 6881 1 udp packet from 60.0.217.77 to 192.168.2.2 port 6881 1 udp packet from 221.232.119.101 to 192.168.2.2 port 6881 1 udp packet from 24.217.125.168 to 192.168.2.2 port 6881 1 udp packet from 222.64.100.148 to 192.168.2.2 port 6881 1 udp packet from 218.0.142.156 to 192.168.2.2 port 6881 1 udp packet from 220.166.162.172 to 192.168.2.2 port 6881 |