[ previous ] [ next ] [ threads ]
 
 From:  "Evan Talley" <grime at forbiddenninja dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] How to run ipfstat
 Date:  Tue, 22 Jun 2004 15:20:16 -0500
Heh, yeah I forgot all about status.php. Duh. Well, I'm kind of new to this
I suppose. Anyways, going off of that I think it is this rule that is
causing me some troubles:

@15 block in log quick proto tcp from any to any

Here is some of the log:

Jun 22 14:10:03 m0n0wall ipmon[57]: 14:10:02.505270 ng0 @0:15 b
65.61.220.204,80 -> 69.29.133.211,7478 PR tcp len 20 40 -AF IN
Jun 22 14:10:06 m0n0wall ipmon[57]: 14:10:06.087642 ng0 @0:15 b
66.28.242.50,80 -> 192.168.0.2,3621 PR tcp len 20 1420 -A IN
Jun 22 14:10:15 m0n0wall ipmon[57]: 14:10:14.495634 ng0 @0:15 b
65.61.220.204,80 -> 69.29.133.211,7478 PR tcp len 20 40 -AF IN
Jun 22 14:10:38 m0n0wall ipmon[57]: 14:10:38.512460 ng0 @0:15 b
65.61.220.204,80 -> 69.29.133.211,7478 PR tcp len 20 40 -AF IN
Jun 22 14:11:27 m0n0wall ipmon[57]: 14:11:26.511299 ng0 @0:15 b
65.61.220.204,80 -> 69.29.133.211,7478 PR tcp len 20 40 -AF IN
Jun 22 14:11:55 m0n0wall ipmon[57]: 14:11:54.954259 ng0 @0:15 b
208.255.43.151,80 -> 192.168.0.10,2748 PR tcp len 20 43 -AR IN
Jun 22 14:11:55 m0n0wall ipmon[57]: 14:11:54.954559 ng0 @0:15 b
208.255.43.151,80 -> 192.168.0.10,2749 PR tcp len 20 43 -AR IN
Jun 22 14:12:47 m0n0wall ipmon[57]: 14:12:47.798236 ng0 @0:15 b
209.66.118.161,80 -> 192.168.0.17,1765 PR tcp len 20 421 -AP IN

This is a problem not only because it's flooding my logs, but my downloads
time out half the time as well. Very annoying. I tried making a rule to
allow port 80 to pass through, but it didn't have any affect. Any ideas?

-Evan
grime at forbiddenninja dot com

----Original Message-----
From: Joey Morin [mailto:jmorin at icomm dot ca] 
Sent: Tuesday, June 22, 2004 2:08 PM
To: Evan Talley
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] How to run ipfstat


This one time, at band camp, Evan Talley said:

> I'm having some problems getting things through my firewall, and I would
> like to look at the specific rule that is causing the problem using
> ipfstat. How can I get to a shell prompt to do that though? I run
> m0n0wall off of a cd and floppy. Do I have to load it onto the hard
> drive to be able to get to the shell prompt? Thanks.

you can't get a shell prompt on any build.  the closest thing is exec.php.

you can find what you're looking for with status.php

jj