Журнал лабораторных работ

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 14:49:31 2009
*filter
:INPUT ACCEPT [3818:1152062]
:FORWARD ACCEPT [2292:800904]
:OUTPUT ACCEPT [3601:267046]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j DROP
COMMIT
# Completed on Tue Jun  2 14:49:31 2009

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:9999            0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2500/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2767/exim4
tcp6       0      0 :::22                   :::*                    LISTEN      2500/sshd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     6942     2479/syslog-ng      /dev/log
...
unix  2      [ ACC ]     STREAM     LISTENING     9818     3229/gam_server     @/tmp/fam-user-
unix  2      [ ACC ]     STREAM     LISTENING     9633     3204/dbus-daemon    @/tmp/dbus-EC6zISBDvc
unix  2      [ ACC ]     STREAM     LISTENING     8003     2969/X              /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     8939     3075/gnome-keyring- /tmp/keyring-rvHTC9/socket
unix  2      [ ACC ]     STREAM     LISTENING     9618     3200/ssh-agent      /tmp/ssh-FHfjyZ3088/agent.3088
unix  2      [ ACC ]     STREAM     LISTENING     9664     3088/x-session-mana /tmp/.ICE-unix/3088
unix  2      [ ACC ]     STREAM     LISTENING     41723    9233/gconfd-2       /tmp/orbit-user/linc-2411-0-a2ed27f5d697
unix  2      [ ACC ]     STREAM     LISTENING     41744    9229/firefox-bin    /tmp/orbit-user/linc-240d-0-bd3c1d668904
unix  2      [ ACC ]     STREAM     LISTENING     309516   26488/notification- /tmp/orbit-user/linc-6778-0-6fcbd4f611dd1
unix  2      [ ACC ]     STREAM     LISTENING     7312     2798/hald           @/var/run/hald/dbus-qn33AKyYVr

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:9999            0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2500/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2767/exim4
tcp6       0      0 :::22                   :::*                    LISTEN      2500/sshd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     6942     2479/syslog-ng      /dev/log
...
unix  2      [ ACC ]     STREAM     LISTENING     9818     3229/gam_server     @/tmp/fam-user-
unix  2      [ ACC ]     STREAM     LISTENING     9633     3204/dbus-daemon    @/tmp/dbus-EC6zISBDvc
unix  2      [ ACC ]     STREAM     LISTENING     8003     2969/X              /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     8939     3075/gnome-keyring- /tmp/keyring-rvHTC9/socket
unix  2      [ ACC ]     STREAM     LISTENING     9618     3200/ssh-agent      /tmp/ssh-FHfjyZ3088/agent.3088
unix  2      [ ACC ]     STREAM     LISTENING     9664     3088/x-session-mana /tmp/.ICE-unix/3088
unix  2      [ ACC ]     STREAM     LISTENING     41723    9233/gconfd-2       /tmp/orbit-user/linc-2411-0-a2ed27f5d697
unix  2      [ ACC ]     STREAM     LISTENING     41744    9229/firefox-bin    /tmp/orbit-user/linc-240d-0-bd3c1d668904
unix  2      [ ACC ]     STREAM     LISTENING     309516   26488/notification- /tmp/orbit-user/linc-6778-0-6fcbd4f611dd1
unix  2      [ ACC ]     STREAM     LISTENING     7312     2798/hald           @/var/run/hald/dbus-qn33AKyYVr

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:03:44 2009
*filter
:INPUT ACCEPT [6250:1980624]
:FORWARD ACCEPT [4507:2025851]
:OUTPUT ACCEPT [6009:424397]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
COMMIT
# Completed on Tue Jun  2 15:03:44 2009

PING tango.eb.co.ua (62.80.163.45) 56(84) bytes of data.
64 bytes from alpha.eb.co.ua (62.80.163.45): icmp_seq=1 ttl=56 time=11.1 ms
64 bytes from alpha.eb.co.ua (62.80.163.45): icmp_seq=2 ttl=56 time=13.3 ms
^C
--- tango.eb.co.ua ping statistics ---
3 packets transmitted, 2 received, 33% packet loss, time 2003ms
rtt min/avg/max/mdev = 11.111/12.235/13.360/1.129 ms

@RELATED

26.4
27.9

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:16:04 2009
*filter
:INPUT ACCEPT [7817:3428998]
:FORWARD ACCEPT [5251:2465615]
:OUTPUT ACCEPT [7641:580689]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
COMMIT
# Completed on Tue Jun  2 15:16:04 2009

iptables v1.4.3.2: Invalid rule number `INPUT'
Try `iptables -h' or 'iptables --help' for more information.

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:25:13 2009
*filter
:INPUT ACCEPT [9402:4089457]
:FORWARD ACCEPT [7350:2816305]
:OUTPUT ACCEPT [8983:676045]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j DROP
COMMIT
# Completed on Tue Jun  2 15:25:13 2009

bash: iptablessave: команда не найдена

--- /tmp/l3-saved-7021.11315.3410	2009-06-02 15:27:51.000000000 +0300
+++ /etc/network/iptables	2009-06-02 15:29:05.000000000 +0300
@@ -3,8 +3,8 @@
 :INPUT ACCEPT [9411:4090841]
 :FORWARD ACCEPT [7940:3203227]
 :OUTPUT ACCEPT [9016:678795]
--A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP 
--A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
--A INPUT -p tcp -j DROP 
+#-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT 
+#-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
+#-A INPUT -p tcp -j DROP 
 COMMIT
 # Completed on Tue Jun  2 15:27:40 2009

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:29:20 2009
*filter
:INPUT ACCEPT [9414:4091310]
:FORWARD ACCEPT [8064:3213723]
:OUTPUT ACCEPT [9028:679509]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j DROP
COMMIT
# Completed on Tue Jun  2 15:29:20 2009

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:29:40 2009
*filter
:INPUT ACCEPT [9414:4091310]
:FORWARD ACCEPT [8200:3232619]
:OUTPUT ACCEPT [9028:679509]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j DROP
COMMIT
# Completed on Tue Jun  2 15:29:40 2009

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:29:44 2009
*filter
:INPUT ACCEPT [9414:4091310]
:FORWARD ACCEPT [8202:3232995]
:OUTPUT ACCEPT [9029:679569]
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -j DROP
COMMIT
# Completed on Tue Jun  2 15:29:44 2009

#iptables-restore < /etc/network/i

if-down.d/      if-post-down.d/ if-pre-up.d/    if-up.d/        interfaces      iptables

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:9999            0.0.0.0:*               LISTEN      27942/inetd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2500/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2767/exim4
tcp6       0      0 :::22                   :::*                    LISTEN      2500/sshd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     6942     2479/syslog-ng      /dev/log
...
unix  2      [ ACC ]     STREAM     LISTENING     9818     3229/gam_server     @/tmp/fam-user-
unix  2      [ ACC ]     STREAM     LISTENING     9633     3204/dbus-daemon    @/tmp/dbus-EC6zISBDvc
unix  2      [ ACC ]     STREAM     LISTENING     8003     2969/X              /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     8939     3075/gnome-keyring- /tmp/keyring-rvHTC9/socket
unix  2      [ ACC ]     STREAM     LISTENING     9618     3200/ssh-agent      /tmp/ssh-FHfjyZ3088/agent.3088
unix  2      [ ACC ]     STREAM     LISTENING     9664     3088/x-session-mana /tmp/.ICE-unix/3088
unix  2      [ ACC ]     STREAM     LISTENING     41723    9233/gconfd-2       /tmp/orbit-user/linc-2411-0-a2ed27f5d697
unix  2      [ ACC ]     STREAM     LISTENING     41744    9229/firefox-bin    /tmp/orbit-user/linc-240d-0-bd3c1d668904
unix  2      [ ACC ]     STREAM     LISTENING     309516   26488/notification- /tmp/orbit-user/linc-6778-0-6fcbd4f611dd1
unix  2      [ ACC ]     STREAM     LISTENING     7312     2798/hald           @/var/run/hald/dbus-qn33AKyYVr

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:34:49 2009
*filter
:INPUT ACCEPT [44:4012]
:FORWARD ACCEPT [174:16248]
:OUTPUT ACCEPT [88:7654]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
# Completed on Tue Jun  2 15:34:49 2009

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:45:28 2009
*filter
:INPUT ACCEPT [254:77096]
:FORWARD ACCEPT [222:23344]
:OUTPUT ACCEPT [302:43395]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
# Completed on Tue Jun  2 15:45:28 2009

#ipt

iptables          iptables-apply    iptables-restore  iptables-save     iptables-xml      iptunnel

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:49:33 2009
*filter
:INPUT ACCEPT [804:799926]
:FORWARD ACCEPT [999:362793]
:OUTPUT ACCEPT [685:79225]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue Jun  2 15:49:33 2009

--- /tmp/l3-saved-7021.26113.23345	2009-06-02 15:50:55.000000000 +0300
+++ /etc/network/iptables	2009-06-02 15:51:37.000000000 +0300
@@ -4,7 +4,9 @@
 :FORWARD ACCEPT [1003:363135]
 :OUTPUT ACCEPT [694:80953]
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
--A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP 
 -A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT 
+-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP 
+
 COMMIT
+
 # Completed on Tue Jun  2 15:50:45 2009

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 15:52:10 2009
*filter
:INPUT ACCEPT [1:182]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9:1389]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
COMMIT
# Completed on Tue Jun  2 15:52:10 2009

#cat /proc/net/ip_

ip_conntrack         ip_mr_cache          ip_tables_matches    ip_tables_targets
ip_conntrack_expect  ip_mr_vif            ip_tables_names

tcp      6 431945 ESTABLISHED src=10.0.35.100 dst=192.168.103.2 sport=22 dport=55618 packets=14 bytes=1400 src=192.168.103.2 dst=10.0.35.100 sport=55618 dport=22 packets=2 bytes=200 [ASSURED] mark=0 secmark=0 use=1
tcp      6 10 TIME_WAIT src=192.168.15.6 dst=193.19.96.8 sport=60940 dport=80 packets=14 bytes=1368 src=193.19.96.8 dst=192.168.15.6 sport=80 dport=60940 packets=13 bytes=7717 [ASSURED] mark=0 secmark=0 use=1
tcp      6 77 TIME_WAIT src=192.168.15.6 dst=193.239.68.78 sport=49222 dport=80 packets=5 bytes=781 src=193.239.68.78 dst=192.168.15.6 sport=80 dport=49222 packets=4 bytes=362 [ASSURED] mark=0 secmark=0 use=1
tcp      6 14 TIME_WAIT src=192.168.15.6 dst=193.239.68.78 sport=49198 dport=80 packets=5 bytes=738 src=193.239.68.78 dst=192.168.15.6 sport=80 dport=49198 packets=4 bytes=843 [ASSURED] mark=0 secmark=0 use=1
tcp      6 13 TIME_WAIT src=192.168.15.6 dst=193.239.68.78 sport=49187 dport=80 packets=5 bytes=748 src=193.239.68.78 dst=192.168.15.6 sport=80 dport=49187 packets=4 bytes=362 [ASSURED] mark=0 secmark=0 use=1
udp      17 14 src=192.168.103.2 dst=10.0.35.1 sport=44241 dport=53 packets=1 bytes=60 src=10.0.35.1 dst=192.168.103.2 sport=53 dport=44241 packets=1 bytes=110 mark=0 secmark=0 use=1
tcp      6 70 TIME_WAIT src=192.168.15.6 dst=87.118.88.125 sport=56162 dport=80 packets=13 bytes=2231 src=87.118.88.125 dst=192.168.15.6 sport=80 dport=56162 packets=10 bytes=6864 [ASSURED] mark=0 secmark=0 use=1
tcp      6 85 TIME_WAIT src=192.168.15.6 dst=74.125.87.100 sport=33423 dport=80 packets=12 bytes=4704 src=74.125.87.100 dst=192.168.15.6 sport=80 dport=33423 packets=8 bytes=1736 [ASSURED] mark=0 secmark=0 use=1
tcp      6 70 TIME_WAIT src=192.168.15.6 dst=87.118.88.125 sport=56158 dport=80 packets=50 bytes=5809 src=87.118.88.125 dst=192.168.15.6 sport=80 dport=56158 packets=51 bytes=66820 [ASSURED] mark=0 secmark=0 use=1
tcp      6 15 TIME_WAIT src=192.168.15.6 dst=88.212.196.66 sport=53867 dport=80 packets=5 bytes=958 src=88.212.196.66 dst=192.168.15.6 sport=80 dport=53867 packets=4 bytes=541 [ASSURED] mark=0 secmark=0 use=1
...
tcp      6 85 TIME_WAIT src=192.168.15.6 dst=193.19.96.8 sport=60921 dport=80 packets=75 bytes=7896 src=193.19.96.8 dst=192.168.15.6 sport=80 dport=60921 packets=70 bytes=74348 [ASSURED] mark=0 secmark=0 use=1
udp      17 115 src=192.168.15.6 dst=10.0.35.1 sport=49823 dport=53 packets=2 bytes=150 src=10.0.35.1 dst=192.168.15.6 sport=53 dport=49823 packets=2 bytes=546 [ASSURED] mark=0 secmark=0 use=1
tcp      6 70 TIME_WAIT src=192.168.15.6 dst=193.239.68.41 sport=57016 dport=80 packets=6 bytes=783 src=193.239.68.41 dst=192.168.15.6 sport=80 dport=57016 packets=5 bytes=1278 [ASSURED] mark=0 secmark=0 use=1
tcp      6 14 TIME_WAIT src=192.168.15.6 dst=91.198.36.16 sport=47650 dport=80 packets=5 bytes=899 src=91.198.36.16 dst=192.168.15.6 sport=80 dport=47650 packets=5 bytes=1104 [ASSURED] mark=0 secmark=0 use=1
tcp      6 77 TIME_WAIT src=192.168.15.6 dst=88.212.196.77 sport=55361 dport=80 packets=5 bytes=754 src=88.212.196.77 dst=192.168.15.6 sport=80 dport=55361 packets=4 bytes=917 [ASSURED] mark=0 secmark=0 use=1
tcp      6 14 TIME_WAIT src=192.168.15.6 dst=193.19.96.5 sport=34213 dport=80 packets=7 bytes=837 src=193.19.96.5 dst=192.168.15.6 sport=80 dport=34213 packets=7 bytes=5700 [ASSURED] mark=0 secmark=0 use=1
udp      17 113 src=192.168.15.6 dst=10.0.35.1 sport=57666 dport=53 packets=2 bytes=110 src=10.0.35.1 dst=192.168.15.6 sport=53 dport=57666 packets=2 bytes=253 [ASSURED] mark=0 secmark=0 use=1
tcp      6 40 TIME_WAIT src=192.168.15.6 dst=213.156.73.22 sport=44090 dport=80 packets=7 bytes=912 src=213.156.73.22 dst=192.168.15.6 sport=80 dport=44090 packets=6 bytes=1312 [ASSURED] mark=0 secmark=0 use=1
udp      17 114 src=192.168.15.6 dst=10.0.35.1 sport=59465 dport=53 packets=2 bytes=146 src=10.0.35.1 dst=192.168.15.6 sport=53 dport=59465 packets=2 bytes=552 [ASSURED] mark=0 secmark=0 use=1
tcp      6 78 TIME_WAIT src=192.168.15.6 dst=88.212.196.77 sport=55353 dport=80 packets=7 bytes=1038 src=88.212.196.77 dst=192.168.15.6 sport=80 dport=55353 packets=4 bytes=479 [ASSURED] mark=0 secmark=0 use=1

root@10.0.35.100's password:
Linux linux0 2.6.18-6-xen-686 #1 SMP Sun Feb 10 22:43:13 UTC 2008 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Jun  2 16:06:38 2009 from linux13.unix.nt
l3-agent is already running: pid=1765; pidfile=/root/.lilalo/l3-agent.pid

#cat /proc/net/ip_

ip_conntrack         ip_mr_cache          ip_tables_matches    ip_tables_targets
ip_conntrack_expect  ip_mr_vif            ip_tables_names

tcp      6 431893 ESTABLISHED src=192.168.15.7 dst=192.168.15.6 sport=42669 dport=22 packets=97 bytes=7252 src=192.168.15.6 dst=192.168.15.7 sport=22 dport=42669 packets=52 bytes=6960 [ASSURED] mark=0 secmark=0 use=1
tcp      6 431987 ESTABLISHED src=192.168.15.6 dst=10.0.35.100 sport=54367 dport=22 packets=358 bytes=21043 src=10.0.35.100 dst=192.168.15.6 sport=22 dport=54367 packets=347 bytes=60495 [ASSURED] mark=0 secmark=0 use=1
udp      17 11 src=192.168.15.6 dst=10.0.35.1 sport=37203 dport=53 packets=1 bytes=52 src=10.0.35.1 dst=192.168.15.6 sport=53 dport=37203 packets=1 bytes=182 mark=0 secmark=0 use=1
tcp      6 101 TIME_WAIT src=192.168.15.6 dst=194.150.93.78 sport=38617 dport=18030 packets=5 bytes=973 src=194.150.93.78 dst=192.168.15.6 sport=18030 dport=38617 packets=4 bytes=228 [ASSURED] mark=0 secmark=0 use=1
tcp      6 431975 ESTABLISHED src=192.168.15.6 dst=212.109.52.54 sport=55343 dport=5222 packets=63 bytes=9128 src=212.109.52.54 dst=192.168.15.6 sport=5222 dport=55343 packets=42 bytes=15740 [ASSURED] mark=0 secmark=0 use=1

25.9
28.1

iptable -t nat A POSTROUTING -s 192.168.103.0/24 -o eth0 -j MASQUERADE

root@192.168.15.1's password:
Linux linux1 2.6.29-2-686 #1 SMP Sun May 17 17:56:29 UTC 2009 i686
The programs included with the Debian GNU/Linux system are free software;
the ex