Manuel,
Here is my status.cgi at the moment I was trying to ping from 192.168.1.3
(remote network) to 192.168.2.3 (local network). I can ping the opposite
way without a problem. I can ping from the remote networks to my Lan
interface, 192.168.2.1 and get a response. Anywhere beyond that, and I get
no response. It appears it's making it through the WAN interface, but not
past the LAN interface.
Chris
***** Server statistics on Mon Nov 3 15:00:18 EST 2003 *****
***** System uptime *****
3:00PM up 1 day, 18:32, 0 users, load averages: 0.00, 0.00, 0.00
***** Interfaces *****
an0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.255.1 netmask 0xffffff00 broadcast 192.168.255.255
ether 00:09:b7:f0:d7:12
media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
status: no carrier
ssid iaroccinet 1:iaroccinet
stationname iaroccinet
channel 10 authmode OPEN powersavemode OFF powersavesleep 200
wepmode OFF weptxkey 1
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
ether 00:48:54:39:b7:23
media: Ethernet autoselect (100baseTX)
status: active
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 24.190.174.211 netmask 0xfffff000 broadcast 255.255.255.255
ether 00:00:c5:8f:64:5a
media: Ethernet autoselect (10baseT/UTP)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
***** netstat -ni *****
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs
Coll
an0 1500 <Link#1> 00:09:b7:f0:d7:12 0 0 0 0
0
an0 1500 192.168.255 192.168.255.1 0 -
0 - -
rl0 1500 <Link#2> 00:48:54:39:b7:23 727498 0 668695 0
11
rl0 1500 192.168.2 192.168.2.1 354607 -
9231 - -
fxp0 1500 <Link#3> 00:00:c5:8f:64:5a 2274418 0 394940 0
3798
fxp0 1500 24.190.160/20 24.190.174.211 157660 -
8290 - -
lo0 16384 <Link#4> 0 0 0 0
0
lo0 16384 127 127.0.0.1 0 -
0 - -
ppp0* 1500 <Link#5> 0 0 0 0
0
sl0* 552 <Link#6> 0 0 0 0
0
faith 1500 <Link#7> 0 0 0 0
0
***** ipfw show *****
00100 309221 27530890 allow ip from 192.168.2.1 to any
00200 306861 41733681 allow ip from any to 192.168.2.1
00300 200050 41575127 pipe 1 ip from 192.168.2.199 to any via rl0
00400 0 0 pipe 2 tcp from any 21 to any 21 via rl0
65535 1555821 358659512 allow ip from any to any
***** ipnat -l *****
List of active MAP/Redirect filters:
map fxp0 192.168.2.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map fxp0 192.168.2.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map fxp0 192.168.2.0/24 -> 0.0.0.0/32
map fxp0 192.168.255.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map fxp0 192.168.255.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map fxp0 192.168.255.0/24 -> 0.0.0.0/32
rdr fxp0 0.0.0.0/0 port 21 -> 192.168.2.4 port 21 tcp
rdr fxp0 0.0.0.0/0 port 22 -> 192.168.2.3 port 22 tcp
rdr fxp0 0.0.0.0/0 port 25 -> 192.168.2.3 port 25 tcp
rdr fxp0 0.0.0.0/0 port 110 -> 192.168.2.3 port 110 tcp
rdr fxp0 0.0.0.0/0 port 143 -> 192.168.2.3 port 143 tcp
rdr fxp0 0.0.0.0/0 port 3389 -> 192.168.2.72 port 3389 tcp
rdr fxp0 0.0.0.0/0 port 8081 -> 192.168.2.72 port 8081 tcp
rdr fxp0 0.0.0.0/0 port 10000 -> 192.168.2.3 port 10000 tcp
rdr fxp0 0.0.0.0/0 port 5060- 5061 -> 192.168.2.199 port 5060 udp
rdr fxp0 0.0.0.0/0 port 10100- 10500 -> 192.168.2.199 port 10100 udp
rdr fxp0 0.0.0.0/0 port 20000 -> 192.168.2.3 port 20000 tcp
List of active sessions:
MAP 192.168.2.100 4885 <- -> 24.190.174.211 26321 [199.181.134.88 80]
age 863832 use 0 sumd 0x5841/0x5841 pr 6 bkt 14/86 flags 1 drop 0/0
ifp fxp0 bytes 1405 pkts 7
MAP 192.168.2.100 4884 <- -> 24.190.174.211 26320 [12.120.29.12 80]
age 432 use 0 sumd 0x5841/0x5841 pr 6 bkt 20/108 flags 1 drop 0/0
ifp fxp0 bytes 1087 pkts 7
MAP 192.168.2.72 1171 <- -> 24.190.174.211 19331 [66.252.8.3 53]
age 518 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 28/54 flags 2 drop 0/0
ifp fxp0 bytes 183 pkts 2
MAP 192.168.2.72 1171 <- -> 24.190.174.211 19331 [207.242.93.20 53]
age 420 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 116/15 flags 2 drop 0/0
ifp fxp0 bytes 188 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [66.187.224.210 53]
age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 41/106 flags 2 drop 0/0
ifp fxp0 bytes 308 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [195.86.128.22 53]
age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 47/1 flags 2 drop 0/0
ifp fxp0 bytes 229 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [194.165.94.1 53]
age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 86/40 flags 2 drop 0/0
ifp fxp0 bytes 947 pkts 6
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [204.251.1.12 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 123/77 flags 2 drop 0/0
ifp fxp0 bytes 420 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [203.20.52.5 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 5/86 flags 2 drop 0/0
ifp fxp0 bytes 432 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [209.204.159.15 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 9/90 flags 2 drop 0/0
ifp fxp0 bytes 502 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [204.152.186.189 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 31/96 flags 2 drop 0/0
ifp fxp0 bytes 436 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [130.94.6.10 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 126/80 flags 2 drop 0/0
ifp fxp0 bytes 484 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [209.208.0.104 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 17/82 flags 2 drop 0/0
ifp fxp0 bytes 414 pkts 4
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [209.61.140.1 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 44/125 flags 2 drop 0/0
ifp fxp0 bytes 204 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [193.190.198.10 53]
age 189 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 36/117 flags 2 drop 0/0
ifp fxp0 bytes 716 pkts 6
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [192.26.92.30 53]
age 155 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 28/109 flags 2 drop 0/0
ifp fxp0 bytes 228 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [66.187.233.210 53]
age 156 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 94/32 flags 2 drop 0/0
ifp fxp0 bytes 817 pkts 6
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [192.26.92.32 53]
age 155 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 108/62 flags 2 drop 0/0
ifp fxp0 bytes 208 pkts 2
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [209.142.2.8 53]
age 189 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 17/98 flags 2 drop 0/0
ifp fxp0 bytes 641 pkts 6
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [194.109.6.141 53]
age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 0/65 flags 2 drop 0/0
ifp fxp0 bytes 720 pkts 6
MAP 192.168.2.3 32769 <- -> 24.190.174.211 1789 [66.6.205.130 53]
age 427 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 25/90 flags 2 drop 0/0
ifp fxp0 bytes 1942 pkts 24
MAP 192.168.2.72 1171 <- -> 24.190.174.211 19331 [12.120.29.5 53]
age 1031 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 75/101 flags 2 drop 0/0
ifp fxp0 bytes 16554 pkts 178
MAP 192.168.2.100 3752 <- -> 24.190.174.211 26448 [64.12.24.84 5190]
age 863920 use 0 sumd 0x5d2d/0x5d2d pr 6 bkt 126/33 flags 1 drop 0/0
ifp fxp0 bytes 68419 pkts 1376
MAP 192.168.2.100 2957 <- -> 24.190.174.211 26409 [205.188.179.80 5190]
age 863975 use 0 sumd 0x6021/0x6021 pr 6 bkt 84/97 flags 1 drop 0/0
ifp fxp0 bytes 228708 pkts 5299
MAP 192.168.2.199 5061 <- -> 24.190.174.211 51193 [12.144.47.27 5060]
age 1185 use 0 sumd 0xb856/0xb856 pr 17 bkt 7/24 flags 2 drop 0/0
ifp fxp0 bytes 9370076 pkts 30641
List of active host mappings:
192.168.2.3 -> 0.0.0.0 (use = 17 hv = 52)
192.168.2.100 -> 0.0.0.0 (use = 2 hv = 66)
192.168.2.100 -> 0.0.0.0 (use = 1 hv = 66)
192.168.2.100 -> 0.0.0.0 (use = 1 hv = 66)
192.168.2.72 -> 0.0.0.0 (use = 2 hv = 96)
192.168.2.72 -> 0.0.0.0 (use = 1 hv = 96)
192.168.2.199 -> 0.0.0.0 (use = 1 hv = 96)
***** ipfstat -v *****
opts 0x40 name /dev/ipl
IPv6 packets: in 0 out 0
input packets: blocked 514 passed 1311084 nomatch 0 counted 0 short 0
output packets: blocked 35579 passed 1060899 nomatch 0 counted 0 short 0
input packets logged: blocked 514 passed 32239
output packets logged: blocked 35579 passed 18384
packets logged: input 0 output 0
log failures: input 10141 output 7458
fragment state(in): kept 21 lost 0
fragment state(out): kept 21 lost 0
packet state(in): kept 15786 lost 0
packet state(out): kept 299661 lost 35579
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 53859 (out): 42939
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 0 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
Packet log flags set: (0x20000000)
packets blocked by filter
***** ipfstat -hio *****
0 pass out quick on lo0 from any to any
112 pass out quick on rl0 proto udp from 192.168.2.1/32 port = 67 to any
port = 68
0 pass out quick on an0 proto udp from 192.168.255.1/32 port = 67 to any
port = 68
0 pass out quick on fxp0 proto udp from any port = 68 to any port = 67
39782 block out quick on rl0 from any to any head 150
32838 pass out quick proto udp from 192.168.2.1/32 to 192.168.2.0/24 port =
53 keep state group 150
0 pass out quick proto udp from 192.168.2.1/32 to 192.168.2.0/24 port = 514
keep state group 150
0 pass out quick proto icmp from 192.168.2.1/32 to 192.168.2.0/24 keep state
group 150
9045 block out quick on fxp0 from any to any head 250
5300 pass out quick proto esp from 24.190.174.211/32 to 24.187.115.86/32
group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.187.115.86/32
group 250
6 pass out quick proto udp from 24.190.174.211/32 port = 500 to
24.187.115.86/32 group 250
864 pass out quick proto esp from 24.190.174.211/32 to 24.185.231.163/32
group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.185.231.163/32
group 250
6 pass out quick proto udp from 24.190.174.211/32 port = 500 to
24.185.231.163/32 group 250
2390 pass out quick proto esp from 24.190.174.211/32 to 24.190.161.244/32
group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.190.161.244/32
group 250
5 pass out quick proto udp from 24.190.174.211/32 port = 500 to
24.190.161.244/32 group 250
0 pass out quick proto ah from 24.190.174.211/32 to 24.184.150.82/32 group
250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.184.150.82/32
group 250
0 pass out quick proto udp from 24.190.174.211/32 port = 500 to
24.184.150.82/32 group 250
0 pass out quick proto esp from 24.190.174.211/32 to 207.198.250.254/32
group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 207.198.250.254/32
group 250
16 pass out quick proto udp from 24.190.174.211/32 port = 500 to
207.198.250.254/32 group 250
0 pass out quick proto tcp from any to any keep state group 250
0 pass out quick proto udp from any to any keep state group 250
6944 pass out quick proto icmp from any to any keep state group 250
0 block out quick on an0 from any to any head 350
0 pass out quick proto udp from 192.168.255.1/32 to 192.168.255.0/24 port =
53 keep state group 350
0 pass out quick proto udp from 192.168.255.1/32 to 192.168.255.0/24 port =
514 keep state group 350
0 pass out quick proto icmp from 192.168.255.1/32 to 192.168.255.0/24 keep
state group 350
0 block out quick from any to any
0 pass in quick on lo0 from any to any
0 block in quick from any to any with short
0 block in quick from any to any with ipopt
0 pass in quick on rl0 proto udp from any port = 68 to 255.255.255.255/32
port = 67
112 pass in quick on rl0 proto udp from any port = 68 to 192.168.2.1/32 port
= 67
0 pass in quick on an0 proto udp from any port = 68 to 255.255.255.255/32
port = 67
0 pass in quick on an0 proto udp from any port = 68 to 192.168.255.1/32 port
= 67
0 block in log quick on fxp0 from 192.168.2.0/24 to any
0 block in log quick on fxp0 from 192.168.255.0/24 to any
0 block in log quick on fxp0 proto udp from any port = 67 to 192.168.2.0/24
port = 68
718 pass in quick on fxp0 proto udp from any port = 67 to any port = 68
0 block in quick on rl0 from !192.168.2.0/24 to any
0 block in quick on an0 from !192.168.255.0/24 to any
492 skip 1 in proto tcp from any to any flags S/FSRA
0 block in quick proto tcp from any to any
2042 block in quick on rl0 from any to any head 100
180 pass in quick from 192.168.2.0/24 to 192.168.2.1/32 keep state group 100
1862 pass in log quick from 192.168.0.0/16 to any keep state keep frags
group 100
0 pass in quick from 192.168.2.0/24 to any keep state keep frags group 100
5317 block in log quick on fxp0 from any to any head 200
4065 pass in quick proto esp from 24.187.115.86/32 to 24.190.174.211/32
group 200
0 pass in quick proto ipencap from 24.187.115.86/32 to 24.190.174.211/32
group 200
4 pass in quick proto udp from 24.187.115.86/32 to 24.190.174.211/32 port =
500 group 200
0 pass in quick from 192.168.4.0/24 to 192.168.2.0/24 keep state group 200
2832 pass in quick proto esp from 24.185.231.163/32 to 24.190.174.211/32
group 200
0 pass in quick proto ipencap from 24.185.231.163/32 to 24.190.174.211/32
group 200
4 pass in quick proto udp from 24.185.231.163/32 to 24.190.174.211/32 port =
500 group 200
0 pass in quick from 192.168.3.0/24 to 192.168.2.0/24 keep state group 200
5743 pass in quick proto esp from 24.190.161.244/32 to 24.190.174.211/32
group 200
0 pass in quick proto ipencap from 24.190.161.244/32 to 24.190.174.211/32
group 200
15 pass in quick proto udp from 24.190.161.244/32 to 24.190.174.211/32 port
= 500 group 200
0 pass in quick from 192.168.1.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick proto ah from 24.184.150.82/32 to 24.190.174.211/32 group
200
0 pass in quick proto ipencap from 24.184.150.82/32 to 24.190.174.211/32
group 200
0 pass in quick proto udp from 24.184.150.82/32 to 24.190.174.211/32 port =
500 group 200
0 pass in quick from 192.168.5.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick from 192.168.6.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick proto esp from 207.198.250.254/32 to 24.190.174.211/32 group
200
0 pass in quick proto ipencap from 207.198.250.254/32 to 24.190.174.211/32
group 200
24 pass in quick proto udp from 207.198.250.254/32 to 24.190.174.211/32 port
= 500 group 200
0 pass in quick from 172.16.0.0/16 to 192.168.2.0/24 keep state group 200
20 pass in quick proto icmp from any to any keep state group 200
0 pass in log quick from 192.168.0.0/16 to any keep state keep frags group
200
0 pass in quick proto tcp from any to 192.168.2.4/32 port 19 >< 22 keep
state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 22 keep state
group 200
116 pass in quick proto tcp from any to 192.168.2.3/32 port = 25 keep state
group 200
0 pass in quick proto tcp from any to 192.168.2.72/32 port = 80 keep state
group 200
122 pass in quick proto tcp from any to 192.168.2.3/32 port = 110 keep state
group 200
26 pass in quick proto tcp from any to any port = 443 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.72/32 port = 3389 keep state
group 200
12 pass in quick proto tcp from any to 192.168.2.72/32 port = 8081 keep
state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 10000 keep state
group 200
0 pass in quick proto udp from any to 192.168.2.199/32 port 5059 >< 5062
keep state group 200
0 pass in quick proto udp from any to 192.168.2.199/32 port 10099 >< 10501
keep state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 143 keep state
group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 20000 keep state
group 200
0 block in quick on an0 from any to any head 300
0 pass in quick from any to any keep state keep frags group 300
0 block in quick from any to any
***** resolv.conf *****
domain home.eastendsc.net
nameserver 192.168.2.72
nameserver 192.168.1.3
***** Processes *****
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 1116 13.0 1.7 1332 832 ?? SN 3:00PM 0:00.14 /bin/sh
status.cgi
root 1118 3.0 3.6 2364 1816 ?? S 3:00PM 0:00.04
/usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u
root -i /var/run/mini_httpd.pid
root 2 0.0 0.0 0 0 ?? DL Sat08PM 0:00.00 (cryptoret)
root 3 0.0 0.0 0 0 ?? DL Sat08PM 0:00.00 (taskqueue)
root 4 0.0 0.0 0 0 ?? DL Sat08PM 0:00.24 (pagedaemon)
root 5 0.0 0.0 0 0 ?? DL Sat08PM 0:01.25 (bufdaemon)
root 6 0.0 0.0 0 0 ?? DL Sat08PM 0:07.57 (syncer)
root 7 0.0 0.0 0 0 ?? DL Sat08PM 0:01.40 (vnlru)
root 71 0.0 2.2 1432 1104 ?? Is Sat08PM 0:01.18
/sbin/dhclient -nw fxp0
root 84 0.0 2.4 1448 1200 ?? Ss Sat08PM 0:25.91 /sbin/ipmon -sD
root 89 0.0 1.4 984 692 ?? Ss Sat08PM 1:54.65
/usr/sbin/syslogd -ss
root 94 0.0 3.2 2280 1604 ?? Ss Sat08PM 0:00.36
/usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u
root -i /var/run/mini_httpd.pid
root 97 0.0 1.5 1008 740 con- S Sat08PM 0:00.20
/usr/local/bin/ez-ipupdate -c /var/etc/ez-ipupdate.conf
root 100 0.0 3.1 1888 1544 ?? Is Sat08PM 0:02.06
/usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf rl0 an0
root 103 0.0 3.4 2508 1696 con- I Sat08PM 0:01.06
/usr/local/sbin/snmpd -c /var/etc/snmpd.conf -P /var/run/snmpd.pid
root 105 0.0 1.6 1324 824 con- S Sat08PM 6:12.00 /bin/sh
/usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300
clock.linuxshell.net time.chu.nrc.ca
root 125 0.0 1.7 1328 856 ?? I Sat08PM 0:00.02 /bin/sh
/etc/rc.initial console
root 167 0.0 4.8 2912 2428 ?? Ss Sat08PM 1:18.08
/usr/local/sbin/racoon -d -f /var/etc/racoon.conf
root 1115 0.0 0.7 868 340 ?? S 3:00PM 0:00.00 sleep 1
root 1117 0.0 3.6 2364 1816 ?? S 3:00PM 0:00.00
/usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u
root -i /var/run/mini_httpd.pid
root 0 0.0 0.0 0 0 ?? DLs Sat08PM 0:00.00 (swapper)
root 1128 0.0 1.3 1072 644 ?? RN 3:00PM 0:00.00 ps xauww
root 1 0.0 1.4 1052 684 ?? ILs Sat08PM 0:00.05 /sbin/init --
***** top -b *****
last pid: 1129; load averages: 0.00, 0.00, 0.00 up 1+18:32:59
15:00:18
15 processes: 1 running, 14 sleeping
Mem: 6040K Active, 4312K Inact, 5168K Wired, 4992K Buf, 34M Free
Swap:
PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND
1116 root 10 10 1332K 832K wait 0:00 13.00% 0.63% sh
1118 root -6 0 2364K 1816K piperd 0:00 3.00% 0.15% mini_httpd
105 root 10 0 1324K 824K wait 6:12 0.00% 0.00% sh
89 root 2 0 984K 692K select 1:55 0.00% 0.00% syslogd
167 root 2 0 2912K 2428K select 1:18 0.00% 0.00% racoon
84 root 10 0 1448K 1200K nanslp 0:26 0.00% 0.00% ipmon
100 root 2 0 1888K 1544K select 0:02 0.00% 0.00% dhcpd
71 root 2 0 1432K 1104K select 0:01 0.00% 0.00% dhclient
103 root 2 0 2508K 1696K select 0:01 0.00% 0.00% snmpd
94 root 2 0 2280K 1604K accept 0:00 0.00% 0.00% mini_httpd
97 root 10 0 1008K 740K nanslp 0:00 0.00% 0.00% ez-ipupdate
125 root 3 0 1328K 856K ttyin 0:00 0.00% 0.00% sh
1115 root 10 0 868K 340K nanslp 0:00 0.00% 0.00% sleep
1117 root 2 0 2364K 1816K sbwait 0:00 0.00% 0.00% mini_httpd
1129 root 48 10 1864K 928K RUN 0:00 0.00% 0.00% top
***** dhcpd.conf *****
option domain-name "home.eastendsc.net";
option domain-name-servers 192.168.2.72,192.168.1.3;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
ddns-update-style none;
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.100 192.168.2.198;
option routers 192.168.2.1;
}
host s_lan_0 {
hardware ethernet 00:0c:30:a8:61:f4;
fixed-address 192.168.2.199;
}
subnet 192.168.255.0 netmask 255.255.255.0 {
range 192.168.255.240 192.168.255.250;
option routers 192.168.255.1;
}
***** /conf/ez-ipupdate.cache *****
1067736600,24.190.174.211
***** df *****
Filesystem 512-blocks Used Avail Capacity Mounted on
/dev/md0c 19774 17068 1126 94% /
procfs 8 8 0 100% /proc
/dev/ad0a 9854 9506 -440 105% /cf
***** /var/etc/racoon.conf *****
path pre_shared_key "/var/etc/psk.txt";
remote 24.187.115.86 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 24.187.115.86;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 192.168.4.0/24 any {
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 2;
lifetime time 86400 secs;
}
remote 24.185.231.163 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 24.185.231.163;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 192.168.3.0/24 any {
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 2;
lifetime time 86400 secs;
}
remote 24.190.161.244 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 24.190.161.244;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 192.168.1.0/24 any {
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 2;
lifetime time 86400 secs;
}
remote 24.184.150.82 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 24.184.150.82;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 192.168.5.0/24 any {
encryption_algorithm des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 2;
lifetime time 86400 secs;
}
remote 24.190.161.244 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 24.190.161.244;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 192.168.6.0/24 any {
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 2;
lifetime time 86400 secs;
}
remote 207.198.250.254 {
exchange_mode main;
my_identifier address "24.190.174.211";
peers_identifier address 207.198.250.254;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 5;
lifetime time 86400 secs;
}
lifetime time 86400 secs;
}
sainfo address 192.168.2.0/24 any address 172.16.0.0/16 any {
encryption_algorithm des,3des,blowfish,cast128,rijndael;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
pfs_group 5;
lifetime time 86400 secs;
}
***** SPD *****
192.168.4.0/24[any] 192.168.2.0/24[any] any
in ipsec
esp/tunnel/24.187.115.86-24.190.174.211/require
spid=2 seq=11 pid=1134
refcnt=1
192.168.3.0/24[any] 192.168.2.0/24[any] any
in ipsec
esp/tunnel/24.185.231.163-24.190.174.211/require
spid=4 seq=10 pid=1134
refcnt=1
192.168.1.0/24[any] 192.168.2.0/24[any] any
in ipsec
esp/tunnel/24.190.161.244-24.190.174.211/require
spid=6 seq=9 pid=1134
refcnt=1
192.168.5.0/24[any] 192.168.2.0/24[any] any
in ipsec
ah/tunnel/24.184.150.82-24.190.174.211/require
spid=8 seq=8 pid=1134
refcnt=1
192.168.6.0/24[any] 192.168.2.0/24[any] any
in ipsec
esp/tunnel/24.190.161.244-24.190.174.211/require
spid=10 seq=7 pid=1134
refcnt=1
172.16.0.0/16[any] 192.168.2.0/24[any] any
in ipsec
esp/tunnel/207.198.250.254-24.190.174.211/require
spid=12 seq=6 pid=1134
refcnt=1
192.168.2.0/24[any] 192.168.4.0/24[any] any
out ipsec
esp/tunnel/24.190.174.211-24.187.115.86/require
spid=1 seq=5 pid=1134
refcnt=1
192.168.2.0/24[any] 192.168.3.0/24[any] any
out ipsec
esp/tunnel/24.190.174.211-24.185.231.163/require
spid=3 seq=4 pid=1134
refcnt=1
192.168.2.0/24[any] 192.168.1.0/24[any] any
out ipsec
esp/tunnel/24.190.174.211-24.190.161.244/require
spid=5 seq=3 pid=1134
refcnt=1
192.168.2.0/24[any] 192.168.5.0/24[any] any
out ipsec
ah/tunnel/24.190.174.211-24.184.150.82/require
spid=7 seq=2 pid=1134
refcnt=1
192.168.2.0/24[any] 192.168.6.0/24[any] any
out ipsec
esp/tunnel/24.190.174.211-24.190.161.244/require
spid=9 seq=1 pid=1134
refcnt=1
192.168.2.0/24[any] 172.16.0.0/16[any] any
out ipsec
esp/tunnel/24.190.174.211-207.198.250.254/require
spid=11 seq=0 pid=1134
refcnt=1
***** SAD *****
24.190.174.211 24.187.115.86
esp mode=tunnel spi=3141877105(0xbb453d71) reqid=0(0x00000000)
E: 3des-cbc ca25d3e6 0e896513 49d3c59f 9db6e3de 17b2ee27 d885c4cd
A: hmac-md5 b67e335c 76e4a0e8 dac0266f b3410749
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 10:55:58 2003 current: Nov 3 15:00:19 2003
diff: 14661(s) hard: 86400(s) soft: 69120(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=11 pid=1135 refcnt=1
24.190.174.211 24.187.115.86
esp mode=tunnel spi=1464130428(0x5744db7c) reqid=0(0x00000000)
E: 3des-cbc 3650af8f 2e082f4b aece2ee9 a2023731 5fe2817e e30094e9
A: hmac-md5 0937c44b d7a13449 6aff6e21 e89ae1b5
seq=0x00004f61 replay=4 flags=0x00000000 state=dying
created: Nov 2 15:43:31 2003 current: Nov 3 15:00:19 2003
diff: 83808(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 14:59:39 2003 hard: 0(s) soft: 0(s)
current: 4292784(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 20321 hard: 0 soft: 0
sadb_seq=10 pid=1135 refcnt=2
24.190.174.211 24.185.231.163
esp mode=tunnel spi=2804222748(0xa7250b1c) reqid=0(0x00000000)
E: 3des-cbc 89d96d64 19abff8a b03d120f 27d4e3df ef20ecce b697c391
A: hmac-md5 a8a15e4b a609a0e7 47ade95c c3413ff4
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 10:55:51 2003 current: Nov 3 15:00:19 2003
diff: 14668(s) hard: 86400(s) soft: 69120(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=9 pid=1135 refcnt=1
24.190.174.211 24.185.231.163
esp mode=tunnel spi=1288626683(0x4ccee1fb) reqid=0(0x00000000)
E: 3des-cbc ed2608c1 c41fcec5 a10ca955 62881075 8e4a273b 544301e7
A: hmac-md5 59d7fbda fbb91d95 03d19167 83cdc6ec
seq=0x00000a99 replay=4 flags=0x00000000 state=dying
created: Nov 2 15:43:25 2003 current: Nov 3 15:00:19 2003
diff: 83814(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 14:59:39 2003 hard: 0(s) soft: 0(s)
current: 687896(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 2713 hard: 0 soft: 0
sadb_seq=8 pid=1135 refcnt=2
24.187.115.86 24.190.174.211
esp mode=tunnel spi=234500906(0x0dfa332a) reqid=0(0x00000000)
E: 3des-cbc 4770b4c2 05470fc6 a67524be 433632de bc636435 b7268bb6
A: hmac-md5 3c367ff6 06b4223b db81d4e8 2c083040
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 10:55:58 2003 current: Nov 3 15:00:19 2003
diff: 14661(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 14:59:50 2003 hard: 0(s) soft: 0(s)
current: 747097(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 3589 hard: 0 soft: 0
sadb_seq=7 pid=1135 refcnt=1
24.187.115.86 24.190.174.211
esp mode=tunnel spi=162358996(0x09ad66d4) reqid=0(0x00000000)
E: 3des-cbc fa5fb765 d4b7b307 d5211836 799f8ceb dcecbc15 2f45c638
A: hmac-md5 986ec721 f6fa838b 89524daa 2c0b71be
seq=0x00000000 replay=4 flags=0x00000000 state=dying
created: Nov 2 15:43:31 2003 current: Nov 3 15:00:19 2003
diff: 83808(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 10:55:48 2003 hard: 0(s) soft: 0(s)
current: 2733189(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 13877 hard: 0 soft: 0
sadb_seq=6 pid=1135 refcnt=1
24.185.231.163 24.190.174.211
esp mode=tunnel spi=262797136(0x0fa9f750) reqid=0(0x00000000)
E: 3des-cbc b9c2d36c fe0fa52b 26112576 2481328e 6193f6d5 cd9290cf
A: hmac-md5 92276a08 4b465446 caeb305b c6bfbe99
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 10:55:51 2003 current: Nov 3 15:00:19 2003
diff: 14668(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 15:00:03 2003 hard: 0(s) soft: 0(s)
current: 227010(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 2445 hard: 0 soft: 0
sadb_seq=5 pid=1135 refcnt=1
24.185.231.163 24.190.174.211
esp mode=tunnel spi=28890902(0x01b8d716) reqid=0(0x00000000)
E: 3des-cbc fee71586 9a6c6361 0646e9a5 f0638869 d8ee0000 f591562b
A: hmac-md5 24550cd0 6093f4bc 40242f67 c0c49bee
seq=0x00000000 replay=4 flags=0x00000000 state=dying
created: Nov 2 15:43:25 2003 current: Nov 3 15:00:19 2003
diff: 83814(s) hard: 86400(s) soft: 69120(s)
last: Nov 3 10:55:29 2003 hard: 0(s) soft: 0(s)
current: 658433(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 5624 hard: 0 soft: 0
sadb_seq=4 pid=1135 refcnt=1
24.190.174.211 207.198.250.254
esp mode=tunnel spi=2875911984(0xab6aef30) reqid=0(0x00000000)
E: 3des-cbc 8268f5de cef172d7 c12d333a 9c5de5c8 61519d90 6e108fe6
A: hmac-md5 110d9c38 c3290791 312430e7 98aa0b0e
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 11:09:19 2003 current: Nov 3 15:00:19 2003
diff: 13860(s) hard: 28800(s) soft: 23040(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=3 pid=1135 refcnt=1
207.198.250.254 24.190.174.211
esp mode=tunnel spi=166809109(0x09f14e15) reqid=0(0x00000000)
E: 3des-cbc 5185d814 cab660c1 df00b677 2b4ebbb9 a5629293 2942d911
A: hmac-md5 8b61635d d685ad5a 3f1ef7fa 207390b3
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 11:09:19 2003 current: Nov 3 15:00:19 2003
diff: 13860(s) hard: 28800(s) soft: 23040(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=2 pid=1135 refcnt=1
24.190.174.211 24.190.161.244
esp mode=tunnel spi=2012315772(0x77f1807c) reqid=0(0x00000000)
E: 3des-cbc b3c75794 1c479dd8 fbb13cd8 41e88466 27653e02 0c21216f
A: hmac-md5 e996e77f 165f507f 7ad21ac5 9c43c154
seq=0x0000000c replay=4 flags=0x00000000 state=mature
created: Nov 3 14:58:17 2003 current: Nov 3 15:00:19 2003
diff: 122(s) hard: 3600(s) soft: 2880(s)
last: Nov 3 15:00:08 2003 hard: 0(s) soft: 0(s)
current: 4400(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 12 hard: 0 soft: 0
sadb_seq=1 pid=1135 refcnt=2
24.190.161.244 24.190.174.211
esp mode=tunnel spi=63425646(0x03c7cc6e) reqid=0(0x00000000)
E: 3des-cbc 5363debc 1e8b93ce 852e9613 50bd39b3 368a73ce 9dc3ffbc
A: hmac-md5 7e6ecf8c 6e4c4ffe 1438a3f5 937d5a20
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: Nov 3 14:58:17 2003 current: Nov 3 15:00:19 2003
diff: 122(s) hard: 3600(s) soft: 2880(s)
last: Nov 3 15:00:18 2003 hard: 0(s) soft: 0(s)
current: 7537(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 68 hard: 0 soft: 0
sadb_seq=0 pid=1135 refcnt=1
***** last 200 system log entries *****
Nov 3 14:58:41 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:41 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:42 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:42 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:43 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:43 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:44 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:44 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:45 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:45 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:46 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:46 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:47 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:47 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:48 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:48 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:49 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:49 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:50 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:50 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:51 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:51 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:52 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:52 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:53 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:53 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:54 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:54 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:55 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:55 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:56 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:56 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:57 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:57 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:58 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:58 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:58:59 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:58:59 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:00 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:00 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:01 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:01 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:02 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:02 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:03 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:03 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:04 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:04 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:05 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:05 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:06 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:06 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:07 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:07 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:08 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:08 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:09 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:09 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:10 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:10 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:11 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:11 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:12 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:12 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:13 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:13 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:14 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:14 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:15 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:15 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:16 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:16 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:17 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:17 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:18 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:18 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:19 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:19 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:20 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:20 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:21 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:21 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:22 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:22 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:23 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:23 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:24 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:24 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:25 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:25 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:26 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:26 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:27 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:27 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:28 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:28 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:29 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:29 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:30 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:30 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:31 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:31 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:32 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:32 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:33 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:33 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:34 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:34 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:35 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:35 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:36 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:36 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:37 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:37 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:38 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:38 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:39 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:39 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:40 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:40 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:41 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:41 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:42 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:42 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:43 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:43 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:44 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:44 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:45 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:45 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:46 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:46 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:47 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:47 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:48 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:48 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:49 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:49 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:50 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:50 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:51 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:51 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:52 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:52 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:53 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:53 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:54 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:54 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:55 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:55 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:56 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:56 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:57 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:57 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:58 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:58 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 14:59:59 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 14:59:59 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:00 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:00 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:01 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:01 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:02 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:02 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:03 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:03 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:04 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:04 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:05 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:05 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:06 gw1 racoon: INFO: isakmp_inf.c:925:purge_ipsec_spi(): purged
IPsec-SA proto_id=ESP spi=2769982832.
Nov 3 15:00:06 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:06 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:07 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:07 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:08 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:08 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:09 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:09 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:10 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:10 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:11 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:11 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:12 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:12 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:13 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:13 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:14 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:14 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:15 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:15 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:16 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:16 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:17 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:17 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov 3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 156,
got 182 for Rid ff10
Nov 3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov 3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
***** last 50 filter log entries *****
Nov 3 14:59:51 gw1 ipmon[84]: 14:59:51.094390 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 14:59:54 gw1 ipmon[84]: 14:59:54.211620 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov 3 14:59:54 gw1 ipmon[84]: 14:59:54.215528 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov 3 14:59:55 gw1 ipmon[84]: 14:59:54.676148 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 14:59:55 gw1 ipmon[84]: 14:59:54.704466 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 14:59:55 gw1 ipmon[84]: 14:59:54.859171 rl0 @100:2 p
192.168.2.100,4884 -> 12.120.29.12,80 PR tcp len 20 40 -R K-S K-F IN
Nov 3 14:59:55 gw1 ipmon[84]: 14:59:54.859254 fxp0 @100:2 p
24.190.174.211,26320 -> 12.120.29.12,80 PR tcp len 20 40 -R K-S K-F OUT
Nov 3 14:59:55 gw1 ipmon[84]: 14:59:55.380318 2x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 14:59:56 gw1 ipmon[84]: 14:59:55.920024 3x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 14:59:56 gw1 ipmon[84]: 14:59:56.576665 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 14:59:57 gw1 ipmon[84]: 14:59:56.729912 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 14:59:57 gw1 ipmon[84]: 14:59:57.167882 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov 3 14:59:57 gw1 ipmon[84]: 14:59:57.171824 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov 3 14:59:57 gw1 ipmon[84]: 14:59:57.671342 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 14:59:58 gw1 ipmon[84]: 14:59:57.706333 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 15:00:02 gw1 ipmon[84]: 15:00:02.112581 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 15:00:03 gw1 ipmon[84]: 15:00:03.234219 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov 3 15:00:03 gw1 ipmon[84]: 15:00:03.234565 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov 3 15:00:03 gw1 ipmon[84]: 15:00:03.715300 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 15:00:03 gw1 ipmon[84]: 15:00:03.735295 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov 3 15:00:07 gw1 ipmon[84]: 15:00:07.009459 3x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 15:00:07 gw1 ipmon[84]: 15:00:07.584726 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:07.820825 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.020732 rl0 @100:2 p 192.168.2.100 ->
192.168.1.3 PR icmp len 20 60 icmp echo/0 K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.050186 rl0 @100:2 p 192.168.1.3 ->
192.168.2.100 PR icmp len 20 60 icmp echoreply/0 K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.050812 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 52 -S K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.051340 rl0 @100:2 p 192.168.2.100 ->
192.168.1.3 PR icmp len 20 60 icmp echo/0 K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.074263 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 52 -AS K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.074540 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 40 -A K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.074908 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 177 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.086947 rl0 @100:2 p 192.168.1.3 ->
192.168.2.100 PR icmp len 20 60 icmp echoreply/0 K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.089129 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.127318 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 236 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.130549 rl0 @100:2 p 192.168.2.100,48
86 -> 192.168.1.3,445 PR tcp len 20 1500 -A K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.131805 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 1256 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.178438 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 40 -A K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.187896 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 349 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.189032 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 178 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.218009 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 100 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.218633 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 116 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.256184 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 228 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.260898 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 154 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.288842 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 386 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.289755 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 126 -AP K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.358952 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.384593 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 244 -AP K-S K-F OUT
Nov 3 15:00:08 gw1 ipmon[84]: 15:00:08.528716 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 40 -A K-S K-F IN
Nov 3 15:00:12 gw1 ipmon[84]: 15:00:12.652236 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 15:00:18 gw1 ipmon[84]: 15:00:18.095004 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov 3 15:00:18 gw1 ipmon[84]: 15:00:18.638506 2x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
***** ls /conf *****
config.xml
ez-ipupdate.cache
***** ls /var/run *****
dev.db
dhclient.pid
dhcpd.pid
ez-ipupdate.pid
htpasswd
ipmon.pid
ld-elf.so.hints
log
mini_httpd.pid
racoon.pid
runmsntp.pid
snmpd.pid
syslog.pid
utmp
***** config.xml *****
<?xml version="1.0"?>
<m0n0wall>
<version>1.3</version>
<system>
<hostname>gw1</hostname>
<domain>home.eastendsc.net</domain>
<password>$1$eISRf7G8$O6b4DBCgG2EQgSs2Jau/z1</password>
<timezone>EST5EDT</timezone>
<time-update-interval>300</time-update-interval>
<timeservers>clock.linuxshell.net time.chu.nrc.ca</timeservers>
<webgui>
<protocol>https</protocol>
</webgui>
<dnsserver>192.168.2.72</dnsserver>
<dnsserver>192.168.1.3</dnsserver>
</system>
<interfaces>
<lan>
<if>rl0</if>
<ipaddr>192.168.2.1</ipaddr>
<subnet>24</subnet>
</lan>
<wan>
<if>fxp0</if>
<spoofmac>00:00:c5:8f:64:5a</spoofmac>
<ipaddr>dhcp</ipaddr>
</wan>
<opt1>
<if>an0</if>
<wireless>
<mode>BSS</mode>
<ssid>iaroccinet</ssid>
<stationname>iaroccinet</stationname>
<channel>10</channel>
<wep>
<key>
<value>0x12345678901234567890123456</value>
<txkey/>
</key>
<key>
<value>0x12345678901234567890123456</value>
</key>
<key>
<value>0x12345678901234567890123456</value>
</key>
<key>
<value>0x12345678901234567890123456</value>
</key>
</wep>
</wireless>
<descr>Aironet 350 card</descr>
<ipaddr>192.168.255.1</ipaddr>
<subnet>24</subnet>
<bridge/>
<enable/>
</opt1>
</interfaces>
<pppoe/>
<pptp/>
<dyndns>
<type>zoneedit</type>
<username>ciarocci</username>
<password>April4</password>
<host>eastendsc.net</host>
<mx>mail.eastendsc.net</mx>
<enable/>
</dyndns>
<dhcpd>
<lan>
<range>
<from>192.168.2.100</from>
<to>192.168.2.198</to>
</range>
<enable/>
<staticmap>
<mac>00:0c:30:a8:61:f4</mac>
<ipaddr>192.168.2.199</ipaddr>
<descr>Cisco voice router</descr>
</staticmap>
</lan>
<opt1>
<range>
<from>192.168.255.240</from>
<to>192.168.255.250</to>
</range>
<enable/>
</opt1>
</dhcpd>
<pptpd>
<mode/>
<redir/>
<localip/>
<remoteip/>
</pptpd>
<diag>
<ipv6nat>
<ipaddr/>
</ipv6nat>
</diag>
<nat>
<rule>
<protocol>tcp</protocol>
<external-port>21</external-port>
<target>192.168.2.4</target>
<local-port>21</local-port>
<descr>FTP to Novell Server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>22</external-port>
<target>192.168.2.3</target>
<local-port>22</local-port>
<descr>SSH to Linux box</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>25</external-port>
<target>192.168.2.3</target>
<local-port>25</local-port>
<descr>SMTP to Linux Server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>110</external-port>
<target>192.168.2.3</target>
<local-port>110</local-port>
<descr>POP3 to Linux server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>143</external-port>
<target>192.168.2.3</target>
<local-port>143</local-port>
<descr>IMAP to linux server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>3389</external-port>
<target>192.168.2.72</target>
<local-port>3389</local-port>
<descr>TS access to 2K server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>8081</external-port>
<target>192.168.2.72</target>
<local-port>8081</local-port>
<descr>HTTP to 2K server</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>10000</external-port>
<target>192.168.2.3</target>
<local-port>10000</local-port>
<descr>Webmin</descr>
</rule>
<rule>
<protocol>udp</protocol>
<external-port>5060-5061</external-port>
<target>192.168.2.199</target>
<local-port>5060</local-port>
<descr>Vonage Ports</descr>
</rule>
<rule>
<protocol>udp</protocol>
<external-port>10100-10500</external-port>
<target>192.168.2.199</target>
<local-port>10100</local-port>
<descr>Vonage ports</descr>
</rule>
<rule>
<protocol>tcp</protocol>
<external-port>20000</external-port>
<target>192.168.2.3</target>
<local-port>20000</local-port>
<descr>Usermin to Linux server</descr>
</rule>
</nat>
<filter>
<rule>
<interface>wan</interface>
<protocol>icmp</protocol>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<descr>Allow ICMP </descr>
<type>pass</type>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<source>
<address>192.168.0.0/16</address>
</source>
<destination>
<any/>
</destination>
<log/>
<frags/>
<descr>Allow all from 192.168.0.0/16 networks</descr>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.4</address>
<port>20-21</port>
</destination>
<descr>NAT FTP to Novell Server</descr>
<type>pass</type>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>22</port>
</destination>
<descr>NAT SSH to Linux box</descr>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>25</port>
</destination>
<descr>NAT SMTP to Linux Server</descr>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.72</address>
<port>80</port>
</destination>
<descr>NAT </descr>
<type>pass</type>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>110</port>
</destination>
<descr>NAT POP3 to Linux server</descr>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<any/>
<port>443</port>
</destination>
<descr/>
<type>pass</type>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.72</address>
<port>3389</port>
</destination>
<descr>NAT TS access to 2K server</descr>
<type>pass</type>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.72</address>
<port>8081</port>
</destination>
<descr>NAT HTTP to 2K server</descr>
<type>pass</type>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>10000</port>
</destination>
<descr>NAT Webmin</descr>
</rule>
<rule>
<interface>wan</interface>
<protocol>udp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.199</address>
<port>5060-5061</port>
</destination>
<descr>NAT Vonage Ports</descr>
<type>pass</type>
</rule>
<rule>
<interface>wan</interface>
<protocol>udp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.199</address>
<port>10100-10500</port>
</destination>
<descr>NAT Vonage ports</descr>
<type>pass</type>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>143</port>
</destination>
<descr>NAT IMAP to linux server</descr>
</rule>
<rule>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<address>192.168.2.3</address>
<port>20000</port>
</destination>
<descr>NAT Usermin to Linux server</descr>
</rule>
<rule>
<interface>opt1</interface>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<frags/>
<descr>Allow all from Wireless interface</descr>
<type>pass</type>
</rule>
<rule>
<type>pass</type>
<interface>lan</interface>
<source>
<address>192.168.0.0/16</address>
</source>
<destination>
<any/>
</destination>
<log/>
<frags/>
<descr>Allow from all other LANs</descr>
</rule>
<rule>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<frags/>
<descr>Default LAN -> any</descr>
<type>pass</type>
</rule>
</filter>
<shaper>
<enable/>
<rule>
<interface>lan</interface>
<source>
<address>192.168.2.199</address>
</source>
<destination>
<any/>
</destination>
<bandwidth>100</bandwidth>
<mask>source</mask>
<descr>Allow bandwidth for voice router</descr>
</rule>
<rule>
<interface>lan</interface>
<protocol>tcp</protocol>
<source>
<any/>
<port>21</port>
</source>
<destination>
<any/>
<port>21</port>
</destination>
<bandwidth>720</bandwidth>
<mask>source</mask>
<descr>Limit FTP</descr>
</rule>
</shaper>
<ipsec>
<enable/>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>192.168.4.0/24</remote-subnet>
<remote-gateway>24.187.115.86</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>3des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>2</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801</pre-shared-key>
</p1>
<p2>
<protocol>esp</protocol>
<encryption-algorithm-option>3des</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>2</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>IPSec to KennaNet</descr>
</tunnel>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>192.168.3.0/24</remote-subnet>
<remote-gateway>24.185.231.163</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>3des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>2</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801</pre-shared-key>
</p1>
<p2>
<protocol>esp</protocol>
<encryption-algorithm-option>3des</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>2</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>IPSec to MarescoNet</descr>
</tunnel>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>192.168.1.0/24</remote-subnet>
<remote-gateway>24.190.161.244</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>3des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>2</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801</pre-shared-key>
</p1>
<p2>
<protocol>esp</protocol>
<encryption-algorithm-option>3des</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>2</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>IPSec to HomeNet</descr>
</tunnel>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>192.168.5.0/24</remote-subnet>
<remote-gateway>24.184.150.82</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>2</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801</pre-shared-key>
</p1>
<p2>
<protocol>ah</protocol>
<encryption-algorithm-option>des</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>2</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>VPN to CrifasiNet</descr>
</tunnel>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>192.168.6.0/24</remote-subnet>
<remote-gateway>24.190.161.244</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>3des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>2</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801</pre-shared-key>
</p1>
<p2>
<protocol>esp</protocol>
<encryption-algorithm-option>3des</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>2</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>IPSec to HomeNet</descr>
</tunnel>
<tunnel>
<local-subnet>
<network>lan</network>
</local-subnet>
<remote-subnet>172.16.0.0/16</remote-subnet>
<remote-gateway>207.198.250.254</remote-gateway>
<p1>
<mode>main</mode>
<myident>
<myaddress/>
</myident>
<encryption-algorithm>3des</encryption-algorithm>
<hash-algorithm>md5</hash-algorithm>
<dhgroup>5</dhgroup>
<lifetime>86400</lifetime>
<pre-shared-key>6801680168016801</pre-shared-key>
</p1>
<p2>
<protocol>esp</protocol>
<encryption-algorithm-option>des</encryption-algorithm-option>
<encryption-algorithm-option>3des</encryption-algorithm-option>
<encryption-algorithm-option>blowfish</encryption-algorithm-option>
<encryption-algorithm-option>cast128</encryption-algorithm-option>
<encryption-algorithm-option>rijndael</encryption-algorithm-option>
<hash-algorithm-option>hmac_md5</hash-algorithm-option>
<pfsgroup>5</pfsgroup>
<lifetime>86400</lifetime>
</p2>
<descr>Russ's firewall</descr>
</tunnel>
</ipsec>
<staticroutes/>
<syslog>
<reverse/>
<nentries>100</nentries>
<remoteserver/>
</syslog>
<dnsmasq>
<regdhcp/>
</dnsmasq>
<snmpd>
<rocommunity>iaroccinet</rocommunity>
<syslocation>Patchogue, NY</syslocation>
<syscontact>Christopher Iarocci</syscontact>
<enable/>
</snmpd>
</m0n0wall>
***** kldstat *****
kldstat: not found
***** ngctl list *****
There are 4 total nodes:
Name: ngctl1145 Type: socket ID: 00000007 Num hooks: 0
Name: fxp0 Type: ether ID: 00000003 Num hooks: 0
Name: rl0 Type: ether ID: 00000002 Num hooks: 0
Name: an0 Type: ether ID: 00000001 Num hooks:
0----- Original Message -----
From: "Manuel Kasper" <mk at neon1 dot net>
To: "Greg Nicholson" <greg at d0gz dot net>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, November 03, 2003 12:40 PM
Subject: Re: [m0n0wall] New release and IPSec problem
> On 03.11.2003, at 17:50, Greg Nicholson wrote:
>
> > I noticed the same behavior on my installation last night, but didn't
> > have
> > time to troubleshoot before reverting to pb18 where everything worked.
> > I'm
> > pretty sure that it is in the firewall code, as I was seeing the
> > packets
> > being bounced by rule 0:4.
>
> Well, I can't see why any of the changes made to the filter generator
> from pb18 to pb19 would cause something like this. Guess we'll need
> more input, like status.cgi output when the problem occurs...
>
> > On a related note, we have LAN,WAN,PPTP options on the firewall rules.
> > Where do the IPsec tunnels fit in?
>
> Nowhere. In a way, IPsec completely sucks when it comes to filtering
> because there are no virtual interfaces per tunnel as there are with
> PPTP or OpenVPN. ipfilter just sees those packets as coming in via WAN
> (and to make matters worse, they pass through the filter three (!)
> times - once as ESP, then as ipencap and finally as the decrypted
> packet). Maybe some kludge with gif interfaces would help, but I'm not
> sure about that.
>
> I'd prefer to get rid of that nasty, ugly, kludgy IPsec + IKE (did I
> mention that racoon sucks? ;) shit anyway - causes more headaches than
> it is worth. Too bad it's the de-facto industry standard. OpenVPN is
> much more beautiful. But the good things in life always have a catch:
> it runs in userland and as such it's very slow on low-end platforms
> like embedded PCs. Gosh!
>
> - Manuel
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
|
