Re: [Comm] nat не настроен в iptables а всеравно работает

ALT Linux Community general discussions
 help / color / mirror / Atom feed

From: Igo-aeroflot <igo@aeroflot-don.ru>
To: community@altlinux.ru
Subject: Re: [Comm] nat не настроен в iptables а всеравно работает
Date: Thu, 17 Apr 2003 07:57:37 +0400
Message-ID: <3E9E2631.7020101@aeroflot-don.ru> (raw)
In-Reply-To: <3E9D40EE.9070108@aeroflot-don.rndavia.ru>

1 Я останавливаю iptables
    service iptables stop
    service iptables status
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
2 потом конектюсь к ftp://ftp.altlinux.ru b смотрю /proc/net/ipcontract

tcp      6 431995 ESTABLISHED src=127.0.0.1 dst=127.0.0.1 sport=32768 dport=3493 src=127.0.0.1 dst=127.0.0.1 sport=3493 dport=32768 [ASSURED] use=1 mark=0 
tcp      6 430995 ESTABLISHED src=192.168.89.3 dst=192.168.89.1 sport=3023 dport=993 src=192.168.89.1 dst=192.168.89.3 sport=993 dport=3023 [ASSURED] use=1 mark=0 
tcp      6 431951 ESTABLISHED src=192.168.89.3 dst=81.222.130.6 sport=3027 dport=21 src=81.222.130.6 dst=80.80.122.40 sport=21 dport=3027 [ASSURED] use=2 mark=0 
tcp      6 34 SYN_SENT src=192.168.89.3 dst=62.118.250.7 sport=3026 dport=21 [UNREPLIED] src=62.118.250.7 dst=80.80.122.40 sport=21 dport=3026 use=1 mark=0 
udp      17 25 src=80.80.122.40 dst=192.48.79.30 sport=32779 dport=53 src=192.48.79.30 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
udp      17 20 src=80.80.122.40 dst=194.226.96.30 sport=32779 dport=53 src=194.226.96.30 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
udp      17 131 src=80.80.122.40 dst=195.112.96.132 sport=32779 dport=53 src=195.112.96.132 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
udp      17 24 src=80.80.122.40 dst=81.211.1.234 sport=32779 dport=53 src=81.211.1.234 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
udp      17 20 src=80.80.122.40 dst=195.112.97.17 sport=32779 dport=53 src=195.112.97.17 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
udp      17 0 src=192.168.89.3 dst=192.168.89.1 sport=137 dport=137 src=192.168.89.1 dst=192.168.89.3 sport=137 dport=137 [ASSURED] use=1 mark=0 
udp      17 28 src=80.80.122.40 dst=62.118.250.235 sport=32779 dport=53 src=62.118.250.235 dst=80.80.122.40 sport=53 dport=32779 [ASSURED] use=1 mark=0 
tcp      6 71 TIME_WAIT src=81.222.130.6 dst=80.80.122.40 sport=20 dport=3028 src=192.168.89.3 dst=81.222.130.6 sport=3028 dport=20 [ASSURED] use=1 mark=0 
udp      17 131 src=192.168.89.3 dst=192.168.89.1 sport=3012 dport=53 src=192.168.89.1 dst=192.168.89.3 sport=53 dport=3012 [ASSURED] use=1 mark=0 
tcp      6 431437 ESTABLISHED src=192.168.89.3 dst=192.168.89.1 sport=3019 dport=993 src=192.168.89.1 dst=192.168.89.3 sport=993 dport=3019 [ASSURED] use=1 mark=0 
tcp      6 430270 ESTABLISHED src=192.168.89.3 dst=192.168.89.1 sport=3020 dport=993 src=192.168.89.1 dst=192.168.89.3 sport=993 dport=3020 [ASSURED] use=1 mark=0 
tcp      6 431999 ESTABLISHED src=192.168.89.3 dst=192.168.89.1 sport=3021 dport=22 src=192.168.89.1 dst=192.168.89.3 sport=22 dport=3021 [ASSURED] use=1 mark=0 

192.168.89.3 - это комп из локальной сети
192.168.89.1 - это адрес сетевухи которая смотрит в локальную сеть 
80.80.122.40 - интернет IP

     prev parent reply	other threads:[~2003-04-17  3:57 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-04-16 11:39 Igo-aeroflot
2003-04-16 11:45 ` Andrey A. Jelnin
2003-04-16 14:11     ` Roman Savelyev
2003-04-16 14:46       ` Igo-aeroflot
2003-04-16 15:27         ` vic ismakaev
2003-04-16 15:33           ` Sergey Vlasov
2003-04-17  3:57 ` Igo-aeroflot [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3E9E2631.7020101@aeroflot-don.ru \
    --to=igo@aeroflot-don.ru \
    --cc=community@altlinux.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

ALT Linux Community general discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
		mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
	public-inbox-index community

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.community


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git