Re: [Nufw-users] no reaction

nufw-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nufw-users] no reaction

From:	Henrik Lohse
Subject:	Re: [Nufw-users] no reaction
Date:	Tue, 23 Dec 2003 13:31:39 +0100 (CET)

hola,

On Mon, 22 Dec 2003, Eric Leblond wrote:

> Le lun 22/12/2003 Ã  19:16, Henrik Lohse a Ã©crit :
> > hi again,
> >
> >  > to try it out, i put a nuAccount user (gid 1000) into my ldap and put
> > i had a rule
> > iptables -I FORWARD 5 -j QUEUE
> > (thus without the state NEW thing, but it doesn't work with it, either)
> >
> > > Is nufw running on the gateway ?
> > yes it is running and in full debug mode, it frequently prints a line
> > [25460] rx : 0, tx : 0, track_size : 0, start_list : (nil)
> >
> > no change while trying to connect to the website.
>
> ok, check two things :
>  1. Is the ip_queue module loaded ? the QUEUE target does not complain
> when it's missing.

that was the problem, i had a kernel with no support for loadable
modules but all netfilter options built in. but i didn't have
support for experimental stuff ...

>  2. iptables -L FORWARD -nv to check if you have packet reaching line 5
> (we never know ;-)

    7   348 QUEUE      all  --  *      *       0.0.0.0/0
0.0.0.0/0           state NEW

one request to the website, packet counter notes it...
it reaches the QUEUE target ...

>
> >
> > nuauth ist running on the gateway,too. it produces some messages like
> >
> > entering user_check
> > user
> > connection: src=192.168.0.2 dst=ip_website proto=6
> > sport=33764 dport=80
>
> well so nutcpc send his packets. Hope that we will have soon have more
> messages.
>
> BR,
> --
> Eric Leblond
> Nufw, Now User Filtering Works (http://www.nufw.org)
>
it is getting better :-)

right now i get messages

[2399] Sending request for 3244901600
[2397] Dropped 3244901600
[2397] rx : 51, tx : 0, track_size : 3, start_list : 0x804ee50

but my packets don't get through ...
my rules are:
nuaclgen -L -g 0
src: 0.0.0.0-255.255.255.255 0:65536 dst 0.0.0.0-255.255.255.255 0:65536
ACCEPT

nuaclgen -L -g 1000
src: 0.0.0.0-255.255.255.255 0:65536 dst 0.0.0.0-255.255.255.255 0:65536
ACCEPT

the user-id with wich i am connection using nutcpc is 10000 with Group
1000.

any ideas about that would be very welcome,

thanks a lot and merry chrismas
 henne

[Prev in Thread]

Current Thread

[Next in Thread]

[Nufw-users] no reaction, Henrik Lohse, 2003/12/19
- Re: [Nufw-users] no reaction, Eric Leblond, 2003/12/19
  - Re: [Nufw-users] no reaction, Henrik Lohse, 2003/12/22
    - Re: [Nufw-users] no reaction, Eric Leblond, 2003/12/22
    - Re: [Nufw-users] no reaction, Henrik Lohse <=
    - Re: [Nufw-users] no reaction, Eric Leblond, 2003/12/23
    - Re: [Nufw-users] no reaction, Henrik Lohse, 2003/12/23
    - Re: [Nufw-users] no reaction, Eric Leblond, 2003/12/23
    - Re: [Nufw-users] no reaction, Vincent Deffontaines, 2003/12/23

Prev by Date: Re: [Nufw-users] no reaction
Next by Date: Re: [Nufw-users] no reaction
Previous by thread: Re: [Nufw-users] no reaction
Next by thread: Re: [Nufw-users] no reaction
Index(es):
- Date
- Thread