<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: cipe-1.5.4, kernel 2.4.19, kernel messages
From: "Steve Ripps" <stever,AT,sttc,DOT,net,DOT,au>
Date: Mon, 12 Aug 2002 12:12:43 +0200

My test setup:

GW: kernel 2.2.20
ppp2: 203.52.103.254
cipcb0: 10.2.0.254

tux: kernel 2.4.19 
ppp0: 203.52.103.193
cicb0: 10.2.1.254

Does cipe need to be updated slightly to work OK with kernel 2.4.19?
Thanks in advance for any advice you can give me :)

Steve.

13:54:20 root@tux:/var/log# tail messages.log
Aug 11 13:54:04 tux kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:04 tux kernel: cipcb0: setkey
Aug 11 13:54:04 tux kernel: cipcb0: cipe_sendmsg
Aug 11 13:54:04 tux kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:04 tux kernel: ip_finish_output: bad unowned skb = cf018d40: 
POST_ROUTING
Aug 11 13:54:04 tux kernel: skb: pf=2 (unowned) dev=ppp0 len=124
Aug 11 13:54:04 tux kernel: PROTO=17 203.52.103.193:32780 203.52.103.254:1148 
L=124 S=0x00 I=15355 
F=0x0000 T=127
Aug 11 13:54:06 tux kernel: ip_finish_output: bad unowned skb = cf018ec0: 
POST_ROUTING
Aug 11 13:54:06 tux kernel: skb: pf=2 (unowned) dev=ppp0 len=124
Aug 11 13:54:06 tux kernel: PROTO=17 203.52.103.193:32780 203.52.103.254:1148 
L=124 S=0x00 I=15356 
F=0x0000 T=127
13:54:33 root@tux:/var/log#
13:54:33 root@tux:/var/log# uname -a
Linux tux 2.4.19 #1 Tue Aug 6 15:36:07 EST 2002 i586 unknown

13:55:39 root@tux:/var/log# lsmod
Module                  Size  Used by
cipcb                  27744   1  (autoclean)
ppp_deflate            40832   2  (autoclean)
bsd_comp                4000   0  (autoclean)
ppp_async               6480   1  (autoclean)
ppp_generic            18176   3  (autoclean) [ppp_deflate bsd_comp ppp_async]
slhc                    4608   1  (autoclean) [ppp_generic]
ipt_MASQUERADE          1712   1  (autoclean)
ip_nat_irc              2896   0  (unused)
ip_conntrack_irc        2784   0  [ip_nat_irc]
ip_nat_ftp              3696   0  (unused)
ip_conntrack_ftp        3696   0  [ip_nat_ftp]
ipt_REDIRECT             736   2  (autoclean)
ipt_TCPMSS              2368   1  (autoclean)
ipt_REJECT              2752   5  (autoclean)
ipt_state                576   2  (autoclean)
ipt_LOG                 3184   2  (autoclean)
ipt_limit                928   2  (autoclean)
iptable_mangle          2112   0  (autoclean) (unused)
iptable_nat            18832   3  (autoclean) [ipt_MASQUERADE ip_nat_irc 
ip_nat_ftp ipt_REDIRECT]
ip_conntrack           20304   4  (autoclean) [ipt_MASQUERADE ip_nat_irc 
ip_conntrack_irc 
ip_nat_ftp ip_conntrack_ftp ipt_REDIRECT ipt_state iptable_nat]
iptable_filter          1728   1  (autoclean)
ip_tables              13248  12  [ipt_MASQUERADE ipt_REDIRECT ipt_TCPMSS 
ipt_REJECT ipt_state 
ipt_LOG ipt_limit iptable_mangle iptable_nat iptable_filter]
ne2k-pci                5088   1  (autoclean)
8390                    6016   0  (autoclean) [ne2k-pci]
tulip                  39472   1  (autoclean)
13:56:09 root@tux:/var/log#

13:56:09 root@tux:/var/log# ifconfig
cipcb0    Link encap:IPIP Tunnel  HWaddr
          inet addr:10.2.1.254  P-t-P:10.2.0.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1442  Metric:1
          RX packets:19 errors:1 dropped:0 overruns:0 frame:1
          TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100

eth0      Link encap:Ethernet  HWaddr 00:50:BF:13:BB:99
          inet addr:10.0.0.254  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:43704 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49542 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xdc00

eth1      Link encap:Ethernet  HWaddr 00:60:67:49:61:6D
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:12 Base address:0xe000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1158 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1158 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

ppp0      Link encap:Point-to-Point Protocol
          inet addr:203.52.103.193  P-t-P:203.52.103.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1490  Metric:1
          RX packets:32332 errors:1 dropped:0 overruns:0 frame:0
          TX packets:27637 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3

13:56:36 root@tux:/var/log#

Table: filter
-------------
Chain INPUT (policy ACCEPT 20790 packets, 3589K bytes)
 pkts bytes target     prot opt in     out     source               
destination         
20812 3590K account    all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         
20811 3590K in_filter  all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
53864 4799K account    all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         
    0     0 ACCEPT     all  --  cip+   *       0.0.0.0/0            0.0.0.0/0 
         
    3   234 ACCEPT     all  --  *      cip+    0.0.0.0/0            0.0.0.0/0 
         
53861 4799K out_filt   all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         
53861 4799K in_filter  all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         
  214 10516 TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0 
         tcp 
flags:0x06/0x02 TCPMSS clamp to PMTU 
    0     0 REJECT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:110 
reject-with icmp-port-unreachable 
    0     0 REJECT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:143 
reject-with icmp-port-unreachable 
    0     0 REJECT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:220 
reject-with icmp-port-unreachable 
24773 2184K ACCEPT     all  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         
29080 2614K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         state 
RELATED,ESTABLISHED 
    0     0 log_drop   all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         

Chain OUTPUT (policy ACCEPT 21771 packets, 3369K bytes)
 pkts bytes target     prot opt in     out     source               
destination         
21770 3369K account    all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         
21769 3369K out_filt   all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         

Chain account (3 references)
 pkts bytes target     prot opt in     out     source               
destination         
    8   521            all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0 
         
   12   773            all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         

Chain in_filter (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 log_drop   all  --  ppp0   *       192.168.0.0/16       0.0.0.0/0 
         
    0     0 log_drop   all  --  ppp0   *       10.0.0.0/8           0.0.0.0/0 
         
   10   560 log_drop   all  --  ppp0   *       172.16.0.0/12        0.0.0.0/0 
         
   27  1660 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:80 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:80 
    0     0 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:25 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:25 
    0     0 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:53 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:53 
    0     0 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:110 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:110 
   14   584 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp 
dpts:20:21 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp 
dpts:20:21 
    0     0 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:23 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:23 
    0     0 RETURN     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:22 
    0     0 RETURN     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         udp dpt:22 
    0     0 RETURN     all  --  ppp0   *       139.130.17.85        0.0.0.0/0 
         
10120 2095K RETURN     all  --  ppp0   *       203.52.78.144/29     0.0.0.0/0 
         
 5269  449K RETURN     all  --  ppp0   *       203.52.103.192/26    0.0.0.0/0 
         
    0     0 RETURN     all  --  ppp0   *       139.130.17.91        0.0.0.0/0 
         
   50  4638 RETURN     icmp --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         
16815 2249K RETURN     all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         state 
RELATED,ESTABLISHED 
   24  1249 LOG        tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         limit: avg 
3/hour burst 5 LOG flags 0 level 4 prefix `in_filter: ' 
   24  1249 REJECT     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         reject-with 
tcp-reset 
    0     0 log_drop   all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0 
         

Chain log_drop (5 references)
 pkts bytes target     prot opt in     out     source               
destination         
    7   392 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         limit: avg 
3/hour burst 5 LOG flags 0 level 4 prefix `log_drop: ' 
   10   560 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0 
         

Chain out_filt (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 REJECT     all  --  *      *       0.0.0.0/0            
199.95.206.210     reject-with 
icmp-port-unreachable 

Table: nat
----------
Chain PREROUTING (policy ACCEPT 283 packets, 29128 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
    1    48 REDIRECT   tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:25 
redir ports 25 
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            127.0.0.1 
         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
172.31.1.1         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            
172.31.2.1         
  243 13136 ACCEPT     all  --  *      *       0.0.0.0/0            
10.0.0.254         
    1    48 REDIRECT   tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0 
         tcp dpt:80 
redir ports 2 

Chain POSTROUTING (policy ACCEPT 287 packets, 17323 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
   23  1926 ACCEPT     all  --  *      cip+    0.0.0.0/0            0.0.0.0/0 
         
  316 28413 MASQUERADE  all  --  *      *       10.0.0.0/24          
0.0.0.0/0          

Chain OUTPUT (policy ACCEPT 475 packets, 33946 bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Table: mangle
-------------
Chain PREROUTING (policy ACCEPT 74683 packets, 8394K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Chain INPUT (policy ACCEPT 20816 packets, 3591K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Chain FORWARD (policy ACCEPT 53864 packets, 4799K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Chain OUTPUT (policy ACCEPT 21771 packets, 3369K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Chain POSTROUTING (policy ACCEPT 78552 packets, 8624K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

-- 
14:04:42 root@gw:~# tail -n 30 /var/log/messages.log
Aug 11 13:19:36 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:20:24 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:20:24 gw kernel: cipcb0: setkey
Aug 11 13:20:24 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:20:24 gw kernel: cipcb0: setkey
Aug 11 13:20:24 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:20:24 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:20:24 gw kernel: cipcb0: setkey
Aug 11 13:20:24 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:35:30 gw -- MARK --
Aug 11 13:54:04 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:54:04 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:04 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:54:04 gw kernel: cipcb0: setkey
Aug 11 13:54:04 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:04 gw kernel: cipcb0: setkey
Aug 11 13:54:04 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:54:04 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:05 gw kernel: cipcb0: cipe_sendmsg
Aug 11 13:54:05 gw kernel: cipcb0: setkey
Aug 11 13:54:05 gw kernel: cipcb0: cipe_recvmsg
Aug 11 13:54:05 gw kernel: cipcb0: setkey
Aug 11 13:54:05 gw kernel: cipcb0: cipe_recvmsg
Aug 11 14:04:27 gw sshd[864]: connect from 203.52.103.193





<< | Thread Index | >> ]    [ << | Date Index | >> ]