1 (30.03.2010 11:44:51 отредактировано i2ks)

Доброго времени суток. Вопрос уже задавал одному из участников форума, но явного ответа не получил, но не будем говорить о компетентности, все бывает ab Далее по теме:

uname -a
Linux vifiteh-wstat 2.6.31.12-0.2-default #1 SMP 2010-03-16 21:25:39 +0100 i686 i686 i386 GNU/Linux
OS: OpenSuse 11.2

eth2 - internet
eth1 - lan

почему в netstat -an|grep tcp отражается только eth1 а eth2 молчит? с FW может это быть связанно?

ifconfig -a
eth1      Link encap:Ethernet  HWaddr 00:13:D4:F3:98:3D  
          inet addr:192.168.0.211  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8955612 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5855948 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:802018489 (764.8 Mb)  TX bytes:1411214749 (1345.8 Mb)
          Interrupt:23 Base address:0xec00 

eth2      Link encap:Ethernet  HWaddr 00:14:D1:15:E2:E6  
          inet addr:192.168.1.36  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5851383 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8540280 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1411169036 (1345.7 Mb)  TX bytes:770495561 (734.8 Mb)
          Interrupt:17 Base address:0xe400 

netstat -i

netstat -i
Kernel Interface table
Iface   MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth1   1500   0  8956042      0      0      0  5856230      0      0      0 BMRU
eth2   1500   0  5851654      0      0      0  8540590      0      0      0 BMRU
lo    16436   0      458      0      0      0      458      0      0      0 LRU

netstat -an|grep tcp

# netstat -an|grep tcp
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      
tcp        0      0 192.168.0.211:22        0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      
tcp        0      0 192.168.0.211:3128      0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      
tcp        0      0 192.168.0.211:22        192.168.0.220:59056     ESTABLISHED 

iptables -L -n -v

 iptables -L -n -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   52  2600 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
 1544  112K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state ESTABLISHED 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED 
12262 1731K input_int  all  --  eth1   *       0.0.0.0/0            0.0.0.0/0           
  559 64162 input_ext  all  --  eth2   *       0.0.0.0/0            0.0.0.0/0           
    0     0 input_ext  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
69900 4025K TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU 
 489K  188M forward_int  all  --  eth1   *       0.0.0.0/0            0.0.0.0/0           
 489K  387M forward_ext  all  --  eth2   *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING ' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 181 packets, 7240 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   52  2600 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
 1255  825K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
  105  4200 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR ' 

Chain forward_ext (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 0 
  391 30240 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 
   62  4240 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 11 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 12 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 14 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 18 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 code 2 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 5 
    0     0 LOG        all  --  *      *       192.168.1.36         192.168.0.211       limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-FWDext-ACC-FORW ' 
    0     0 ACCEPT     all  --  *      *       192.168.1.36         192.168.0.211       state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  *      *       192.168.0.211        192.168.1.36        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.13        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.25        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.29        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.42        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.51        state RELATED,ESTABLISHED 
 220K  112M ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.53        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.58        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.212       state RELATED,ESTABLISHED 
19690   24M ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.219       state RELATED,ESTABLISHED 
68464   60M ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.220       state RELATED,ESTABLISHED 
 5941  905K ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.222       state RELATED,ESTABLISHED 
 175K  189M ACCEPT     all  --  eth2   eth1    0.0.0.0/0            192.168.0.225       state RELATED,ESTABLISHED 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
    0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain forward_int (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 0 
   19  2985 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 11 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 12 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 14 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 18 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 code 2 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 5 
    0     0 LOG        all  --  *      *       192.168.1.36         192.168.0.211       limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-FWDint-ACC-FORW ' 
    0     0 ACCEPT     all  --  *      *       192.168.1.36         192.168.0.211       state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  *      *       192.168.0.211        192.168.1.36        state RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.13         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.25         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.29         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.42         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.51         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
 272K  161M ACCEPT     all  --  eth1   eth2    192.168.0.53         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.58         0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 ACCEPT     all  --  eth1   eth2    192.168.0.212        0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
15655 1575K ACCEPT     all  --  eth1   eth2    192.168.0.219        0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
66309   10M ACCEPT     all  --  eth1   eth2    192.168.0.220        0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
 6013  461K ACCEPT     all  --  eth1   eth2    192.168.0.222        0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
 129K   14M ACCEPT     all  --  eth1   eth2    192.168.0.225        0.0.0.0/0           state NEW,RELATED,ESTABLISHED 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
    0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
  182 10081 reject_func  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain input_ext (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 4 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 8 
    0     0 LOG        tcp  --  *      *       192.168.0.0/24       0.0.0.0/0           limit: avg 3/min burst 5 state NEW tcp dpt:3128 LOG flags 6 level 4 prefix `SFW2-INext-ACC-TRUST ' 
    0     0 ACCEPT     tcp  --  *      *       192.168.0.0/24       0.0.0.0/0           state NEW,RELATED,ESTABLISHED tcp dpt:3128 
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 mark match 0x1 state NEW LOG flags 6 level 4 prefix `SFW2-INext-ACC-REDIR ' 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED mark match 0x1 
  115  3220 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
    0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
  444 60942 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain input_int (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   41 14140 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast udp dpt:67 
12185 1713K DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 4 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 8 
    0     0 LOG        tcp  --  *      *       192.168.0.0/24       0.0.0.0/0           limit: avg 3/min burst 5 state NEW tcp dpt:3128 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TRUST ' 
    0     0 ACCEPT     tcp  --  *      *       192.168.0.0/24       0.0.0.0/0           state NEW,RELATED,ESTABLISHED tcp dpt:3128 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:443 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:53 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:25 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:465 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:465 
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:3128 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3128 
    2   128 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:22 flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-TCP ' 
    2   128 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:80 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:443 
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:53 
    7  2310 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:67 
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 mark match 0x1 state NEW LOG flags 6 level 4 prefix `SFW2-INint-ACC-REDIR ' 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED mark match 0x1 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
   27  1548 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
    0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
   27  1548 reject_func  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain reject_func (2 references)
 pkts bytes target     prot opt in     out     source               destination         
  209 11629 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with tcp-reset 
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable 
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-proto-unreachable 
# 

может FW косячно настроен? я не могу понять почему он eth2 не отображает все соеденения O_o http и тд Может я что не догоняю? ac

It is good day to die ...
MS Windows 10
Заметки о главном...

2 (30.03.2010 01:25:21 отредактировано UTe11ok)

i2ks пишет:

Доброго времени суток. Вопрос уже задавал одному из участников форума, но явного ответа не получил, но не будем говорить о компетентности, все бывает ab

Я надеюсь, что Вы поняли, что я недостаточно компетентен, и впредь доставать меня своими вопросами не будете be

3

UTe11ok,  опять начинаешь?  ah

It is good day to die ...
MS Windows 10
Заметки о главном...

4

i2ks, UTe11ok, перестаньте провоцировать друг-друга.  ah

Linux можно любить, можно НЕ любить, но совершенно точно его уже нельзя игнорировать.

5

i2ks пишет:

UTe11ok,  опять начинаешь?  ah

стоп, так не я начал ab

6

прикройте тему, а то во флейм превратиться

It is good day to die ...
MS Windows 10
Заметки о главном...