[ previous ] [ next ] [ threads ]
 
 From:  "a.gatta" <a dot gatta at tiscali dot it>
 To:  "a.gatta" <a dot gatta at tiscali dot it>
 Cc:  Peter Allgeyer <allgeyer at web dot de>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Openvpn, problem with Inbound Nat on Opt interface
 Date:  Fri, 24 Mar 2006 23:51:26 +0100
a.gatta wrote:

> Peter Allgeyer wrote:
>
>> Am Freitag, den 24.03.2006, 23:04 +0100 schrieb a.gatta:
>>
>>  
>>
>>> In attach you will find the monoinfo from "status.php" and the 
>>> configuration (xml) with the applied rule (any any pass).
>>>   
>>
>> Seems to be ok. Maybe you can supply me with the corresponding logfile
>> (turn logging on) before I'll try to reproduce this behaviour on my test
>> system.
>>
>> BR,
>>  PIT
>>
>>
>> --------------------------------------------------------------------------- 
>>
>> copyleft(c) by |   _-_    * dpkg ponders: 'C++' should have been called
>> Peter Allgeyer | 0(o_o)0   'D'   -- #Debian
>> ---------------oOO--(_)--OOo----------------------------------------------- 
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>  
>>
> Hi Pit,
> in attach the log file (monolog.txt).
>
> The logging for this rule was already turned off but I checked twice 
> to be sure.
>
> In the file you'll see that the default block rule is matched for 
> connections coming from networks behind openvpn server.
>
> That is, seems that for a strange reason the connection does not match 
> any rule in the policy and then is dropped by the catchall rule.
>
> Other option is that mono for weird reason drop any connection coming 
> in opt 1.
>
> Thank for you support.
>
> Cheers
>
>------------------------------------------------------------------------
>
>Mar 24 23:30:48 m0n0wall ipmon[85]: 23:30:47.869216 sis0 @0:13 b 27.242.24.42,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:30:50 m0n0wall ipmon[85]: 23:30:49.680937 sis0 @0:13 b 1.109.223.33,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:30:52 m0n0wall ipmon[85]: 23:30:51.696045 sis0 @0:13 b 39.238.69.185,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:30:53 m0n0wall ipmon[85]: 23:30:52.885975 sis0 @0:13 b 39.244.181.107,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:00 m0n0wall ipmon[85]: 23:31:00.095989 sis0 @0:13 b 36.244.154.121,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:01 m0n0wall ipmon[85]: 23:31:01.040260 sis0 @0:13 b 29.242.84.117,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:03 m0n0wall ipmon[85]: 23:31:03.070197 sis0 @0:13 b 1.27.68.100,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:05 m0n0wall ipmon[85]: 23:31:04.977109 sis0 @0:13 b 23.250.253.57,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:05 m0n0wall ipmon[85]: 23:31:05.087173 sis0 @0:13 b 23.254.176.186,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:08 m0n0wall ipmon[85]: 23:31:07.335797 sis0 @0:13 b 37.255.84.133,61567 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:14 m0n0wall ipmon[85]: 23:31:13.761197 sis0 @0:13 b 1.75.196.68,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:18 m0n0wall ipmon[85]: 23:31:17.773164 sis0 @0:13 b 1.10.164.41,63383 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:28 m0n0wall ipmon[85]: 23:31:28.144474 sis0 @0:13 b 23.251.17.251,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:30 m0n0wall ipmon[85]: 23:31:29.222312 sis0 @0:13 b 23.250.240.106,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:31 m0n0wall ipmon[85]: 23:31:30.404073 sis0 @0:13 b 39.253.125.51,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:34 m0n0wall ipmon[85]: 23:31:34.076260 sis0 @0:13 b 23.238.136.77,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:38 m0n0wall ipmon[85]: 23:31:37.972298 sis0 @0:13 b 23.255.89.94,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:41 m0n0wall ipmon[85]: 23:31:40.322696 sis0 @0:13 b 5.241.97.242,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:41 m0n0wall ipmon[85]: 23:31:40.422760 sis0 @0:13 b 23.248.170.125,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:42 m0n0wall ipmon[85]: 23:31:41.958187 sis0 @0:13 b 5.255.148.161,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:42 m0n0wall ipmon[85]: 23:31:41.993065 sis0 @0:13 b 41.243.196.74,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:47 m0n0wall ipmon[85]: 23:31:46.437344 sis0 @0:13 b 41.244.154.187,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:51 m0n0wall ipmon[85]: 23:31:50.559322 sis0 @0:13 b 23.243.96.219,60069 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:31:51 m0n0wall ipmon[85]: 23:31:51.118630 sis0 @0:13 b 23.231.109.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:01 m0n0wall ipmon[85]: 23:32:00.558084 sis0 @0:13 b 2.255.201.233,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:01 m0n0wall ipmon[85]: 23:32:01.111856 sis0 @0:13 b 1.118.246.164,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:11 m0n0wall ipmon[85]: 23:32:10.510603 sis0 @0:13 b 31.0.214.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:20 m0n0wall ipmon[85]: 23:32:19.457865 sis0 @0:13 b 1.18.93.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:22 m0n0wall ipmon[85]: 23:32:21.365370 sis0 @0:13 b 23.240.175.41,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:23 m0n0wall ipmon[85]: 23:32:22.760560 sis0 @0:13 b 14.243.62.74,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:26 m0n0wall ipmon[85]: 23:32:25.409970 sis0 @0:13 b 39.233.2.89,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:27 m0n0wall ipmon[85]: 23:32:26.493672 sis0 @0:13 b 23.255.160.251,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:28 m0n0wall ipmon[85]: 23:32:28.049752 sis0 @0:13 b 29.244.116.109,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:37 m0n0wall ipmon[85]: 23:32:36.934931 sis0 @0:13 b 39.5.205.139,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:44 m0n0wall ipmon[85]: 23:32:43.645178 sis0 @0:13 b 23.231.109.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:46 m0n0wall ipmon[85]: 23:32:46.114351 sis0 @0:13 b 23.7.31.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:52 m0n0wall ipmon[85]: 23:32:51.508408 sis0 @0:13 b 14.243.159.59,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:32:52 m0n0wall ipmon[85]: 23:32:51.866459 sis0 @0:13 b 39.237.136.38 -> 23.250.58.114 PR
icmp len 20 91 icmp unreach/port for 23.250.58.114,1916 - 39.237.136.38,4672 PR udp len 20 63 IN
>Mar 24 23:32:58 m0n0wall ipmon[85]: 23:32:57.766548 sis0 @0:13 b 1.255.227.17,1823 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:01 m0n0wall ipmon[85]: 23:33:00.286038 sis0 @0:13 b 1.80.6.92,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:03 m0n0wall ipmon[85]: 23:33:03.208090 sis0 @0:13 b 1.13.135.66,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:08 m0n0wall ipmon[85]: 23:33:07.320981 sis0 @0:13 b 1.19.119.58,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:09 m0n0wall ipmon[85]: 23:33:09.182633 sis0 @0:13 b 41.243.186.181,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:11 m0n0wall ipmon[85]: 23:33:10.349760 sis0 @0:13 b 23.7.31.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:26 m0n0wall ipmon[85]: 23:33:25.776580 sis0 @0:13 b 23.234.16.110,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:32 m0n0wall ipmon[85]: 23:33:31.504992 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
>Mar 24 23:33:35 m0n0wall ipmon[85]: 23:33:34.321952 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
>Mar 24 23:33:41 m0n0wall ipmon[85]: 23:33:40.324772 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
>Mar 24 23:33:44 m0n0wall ipmon[85]: 23:33:43.814701 sis0 @0:13 b 5.255.255.50,4672 ->
23.250.58.114,1916 PR udp len 20 63 IN
>Mar 24 23:33:53 m0n0wall ipmon[85]: 23:33:52.330190 tun1 @0:14 b 10.20.0.1,58933 ->
192.168.30.3,3389 PR tcp len 20 60 -S IN
>
>  
>
>------------------------------------------------------------------------
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
Pit,
sorry, I wuold say "the logging for the rule was already turned on" !

Oh My ! :-)

Cheers