[ previous ] [ next ] [ threads ]
 
 From:  "a.gatta" <a dot gatta at tiscali dot it>
 To:  Peter Allgeyer <allgeyer at web dot de>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Openvpn, problem with Inbound Nat on Opt interface
 Date:  Fri, 24 Mar 2006 23:43:23 +0100
Peter Allgeyer wrote:

>Am Freitag, den 24.03.2006, 23:04 +0100 schrieb a.gatta:
>
>  
>
>>In attach you will find the monoinfo from "status.php" and the 
>>configuration (xml) with the applied rule (any any pass).
>>    
>>
>Seems to be ok. Maybe you can supply me with the corresponding logfile
>(turn logging on) before I'll try to reproduce this behaviour on my test
>system.
>
>BR,
>  PIT
>
>
>---------------------------------------------------------------------------
> copyleft(c) by |   _-_    * dpkg ponders: 'C++' should have been called
> Peter Allgeyer | 0(o_o)0   'D'   -- #Debian
>---------------oOO--(_)--OOo-----------------------------------------------
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>  
>
Hi Pit,
in attach the log file (monolog.txt).

The logging for this rule was already turned off but I checked twice to 
be sure.

In the file you'll see that the default block rule is matched for 
connections coming from networks behind openvpn server.

That is, seems that for a strange reason the connection does not match 
any rule in the policy and then is dropped by the catchall rule.

Other option is that mono for weird reason drop any connection coming in 
opt 1.

Thank for you support.

Cheers
Mar 24 23:30:48 m0n0wall ipmon[85]: 23:30:47.869216 sis0 @0:13 b 27.242.24.42,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:30:50 m0n0wall ipmon[85]: 23:30:49.680937 sis0 @0:13 b 1.109.223.33,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:30:52 m0n0wall ipmon[85]: 23:30:51.696045 sis0 @0:13 b 39.238.69.185,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:30:53 m0n0wall ipmon[85]: 23:30:52.885975 sis0 @0:13 b 39.244.181.107,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:00 m0n0wall ipmon[85]: 23:31:00.095989 sis0 @0:13 b 36.244.154.121,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:01 m0n0wall ipmon[85]: 23:31:01.040260 sis0 @0:13 b 29.242.84.117,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:03 m0n0wall ipmon[85]: 23:31:03.070197 sis0 @0:13 b 1.27.68.100,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:05 m0n0wall ipmon[85]: 23:31:04.977109 sis0 @0:13 b 23.250.253.57,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:05 m0n0wall ipmon[85]: 23:31:05.087173 sis0 @0:13 b 23.254.176.186,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:08 m0n0wall ipmon[85]: 23:31:07.335797 sis0 @0:13 b 37.255.84.133,61567 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:14 m0n0wall ipmon[85]: 23:31:13.761197 sis0 @0:13 b 1.75.196.68,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:18 m0n0wall ipmon[85]: 23:31:17.773164 sis0 @0:13 b 1.10.164.41,63383 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:28 m0n0wall ipmon[85]: 23:31:28.144474 sis0 @0:13 b 23.251.17.251,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:30 m0n0wall ipmon[85]: 23:31:29.222312 sis0 @0:13 b 23.250.240.106,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:31 m0n0wall ipmon[85]: 23:31:30.404073 sis0 @0:13 b 39.253.125.51,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:34 m0n0wall ipmon[85]: 23:31:34.076260 sis0 @0:13 b 23.238.136.77,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:38 m0n0wall ipmon[85]: 23:31:37.972298 sis0 @0:13 b 23.255.89.94,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:41 m0n0wall ipmon[85]: 23:31:40.322696 sis0 @0:13 b 5.241.97.242,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:41 m0n0wall ipmon[85]: 23:31:40.422760 sis0 @0:13 b 23.248.170.125,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:42 m0n0wall ipmon[85]: 23:31:41.958187 sis0 @0:13 b 5.255.148.161,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:42 m0n0wall ipmon[85]: 23:31:41.993065 sis0 @0:13 b 41.243.196.74,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:47 m0n0wall ipmon[85]: 23:31:46.437344 sis0 @0:13 b 41.244.154.187,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:51 m0n0wall ipmon[85]: 23:31:50.559322 sis0 @0:13 b 23.243.96.219,60069 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:31:51 m0n0wall ipmon[85]: 23:31:51.118630 sis0 @0:13 b 23.231.109.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:01 m0n0wall ipmon[85]: 23:32:00.558084 sis0 @0:13 b 2.255.201.233,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:01 m0n0wall ipmon[85]: 23:32:01.111856 sis0 @0:13 b 1.118.246.164,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:11 m0n0wall ipmon[85]: 23:32:10.510603 sis0 @0:13 b 31.0.214.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:20 m0n0wall ipmon[85]: 23:32:19.457865 sis0 @0:13 b 1.18.93.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:22 m0n0wall ipmon[85]: 23:32:21.365370 sis0 @0:13 b 23.240.175.41,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:23 m0n0wall ipmon[85]: 23:32:22.760560 sis0 @0:13 b 14.243.62.74,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:26 m0n0wall ipmon[85]: 23:32:25.409970 sis0 @0:13 b 39.233.2.89,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:27 m0n0wall ipmon[85]: 23:32:26.493672 sis0 @0:13 b 23.255.160.251,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:28 m0n0wall ipmon[85]: 23:32:28.049752 sis0 @0:13 b 29.244.116.109,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:37 m0n0wall ipmon[85]: 23:32:36.934931 sis0 @0:13 b 39.5.205.139,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:44 m0n0wall ipmon[85]: 23:32:43.645178 sis0 @0:13 b 23.231.109.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:46 m0n0wall ipmon[85]: 23:32:46.114351 sis0 @0:13 b 23.7.31.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:52 m0n0wall ipmon[85]: 23:32:51.508408 sis0 @0:13 b 14.243.159.59,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:32:52 m0n0wall ipmon[85]: 23:32:51.866459 sis0 @0:13 b 39.237.136.38 -> 23.250.58.114 PR
icmp len 20 91 icmp unreach/port for 23.250.58.114,1916 - 39.237.136.38,4672 PR udp len 20 63 IN
Mar 24 23:32:58 m0n0wall ipmon[85]: 23:32:57.766548 sis0 @0:13 b 1.255.227.17,1823 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:01 m0n0wall ipmon[85]: 23:33:00.286038 sis0 @0:13 b 1.80.6.92,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:03 m0n0wall ipmon[85]: 23:33:03.208090 sis0 @0:13 b 1.13.135.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:08 m0n0wall ipmon[85]: 23:33:07.320981 sis0 @0:13 b 1.19.119.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:09 m0n0wall ipmon[85]: 23:33:09.182633 sis0 @0:13 b 41.243.186.181,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:11 m0n0wall ipmon[85]: 23:33:10.349760 sis0 @0:13 b 23.7.31.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:26 m0n0wall ipmon[85]: 23:33:25.776580 sis0 @0:13 b 23.234.16.110,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:32 m0n0wall ipmon[85]: 23:33:31.504992 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
Mar 24 23:33:35 m0n0wall ipmon[85]: 23:33:34.321952 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
Mar 24 23:33:41 m0n0wall ipmon[85]: 23:33:40.324772 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
Mar 24 23:33:44 m0n0wall ipmon[85]: 23:33:43.814701 sis0 @0:13 b 5.255.255.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
Mar 24 23:33:53 m0n0wall ipmon[85]: 23:33:52.330190 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN