[isf-wifidog] Client captured but no access to login page.
Scott Tully
scott.tully at gmail.com
Ven 25 Fév 14:15:05 EST 2005
here it is... i also attached the output in dog.txt. Thank you!!!
/sbin/ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:30:BD:1F:08:8B
inet addr:192.168.1.77 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32135 errors:0 dropped:0 overruns:0 frame:0
TX packets:23407 errors:0 dropped:0 overruns:0 carrier:0
collisions:1783 txqueuelen:100
RX bytes:16735411 (15.9 MiB) TX bytes:2524480 (2.4 MiB)
Interrupt:9 Base address:0xa000
eth1 Link encap:Ethernet HWaddr 00:30:BD:05:DE:4D
inet addr:10.10.10.1 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5834 errors:0 dropped:0 overruns:0 frame:0
TX packets:1210 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1655165 (1.5 MiB) TX bytes:140166 (136.8 KiB)
Interrupt:10 Base address:0xc400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:69 errors:0 dropped:0 overruns:0 frame:0
TX packets:69 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6974 (6.8 KiB) TX bytes:6974 (6.8 KiB)
iptables -vt nat -L
Chain PREROUTING (policy ACCEPT 5040 packets, 1448K bytes)
pkts bytes target prot opt in out source destination
251 56173 WiFiDog_WIFI2Internet all -- eth1 any anywhere
anywhere
3181 927K WiFiDog_Class all -- eth1 any anywhere anywhere
5142 1453K NoCat_Capture all -- any any anywhere anywhere
0 0 DROP tcp -- any any !localhost
anywhere tcp dpt:webcache
0 0 DROP tcp -- any any !localhost
anywhere tcp dpt:3128
Chain POSTROUTING (policy ACCEPT 90 packets, 7167 bytes)
pkts bytes target prot opt in out source destination
93 7311 NoCat_NAT all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 90 packets, 7167 bytes)
pkts bytes target prot opt in out source destination
Chain NoCat_Capture (1 references)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24
anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24
anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24
anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24
anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24
anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 DROP all -- any any anywhere
207.46.249.56 MARK match 0x4
0 0 DROP all -- any any anywhere
207.46.134.92 MARK match 0x4
0 0 REDIRECT tcp -- any any anywhere
anywhere MARK match 0x4 tcp dpt:www redir ports 5280
0 0 DROP all -- any any anywhere
207.46.249.56 MARK match 0x4
0 0 DROP all -- any any anywhere
wu-ori.microsoft.com MARK match 0x4
102 4896 REDIRECT tcp -- any any anywhere
anywhere MARK match 0x4 tcp dpt:https redir ports 5280
Chain NoCat_NAT (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- any eth0 10.10.10.0/24
anywhere MARK match 0x1
0 0 MASQUERADE all -- any eth0 10.10.10.0/24
anywhere MARK match 0x2
0 0 MASQUERADE all -- any eth0 10.10.10.0/24
anywhere MARK match 0x3
3 144 MASQUERADE all -- any eth0 10.10.10.0/24
anywhere MARK match 0x4
0 0 MASQUERADE all -- any eth0 10.10.10.0/24
anywhere MARK match 0x5
0 0 MASQUERADE tcp -- any any 10.10.10.0/24
192.168.1.254 tcp dpt:domain
0 0 MASQUERADE udp -- any any 10.10.10.0/24
192.168.1.254 udp dpt:domain
Chain WiFiDog_AuthServers (1 references)
pkts bytes target prot opt in out source destination
1 48 ACCEPT all -- any any anywhere
wifidog.publicip.net
Chain WiFiDog_Class (1 references)
pkts bytes target prot opt in out source destination
Chain WiFiDog_Known (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere anywhere
Chain WiFiDog_Locked (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere
Chain WiFiDog_Unknown (1 references)
pkts bytes target prot opt in out source destination
20 960 REDIRECT tcp -- any any anywhere
anywhere tcp dpt:www redir ports 2060
Chain WiFiDog_Validate (0 references)
pkts bytes target prot opt in out source destination
0 0 WiFiDog_AuthServers all -- any any anywhere
anywhere
0 0 ACCEPT all -- any any anywhere
PUBLICip.publicip.com
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:bootps
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:www
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:pop3
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:pop3s
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imap2
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imap3
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:https
0 0 DROP all -- any any anywhere anywhere
Chain WiFiDog_WIFI2Internet (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- any any anywhere
anywhere MARK match 0x2
0 0 RETURN all -- any any anywhere
anywhere MARK match 0x1
251 56173 WiFiDog_Unknown all -- any any anywhere
anywhere
iptables -vt mangle -L
Chain PREROUTING (policy ACCEPT 30229 packets, 17M bytes)
pkts bytes target prot opt in out source destination
334 68542 WiFiDog_Outgoing all -- eth1 any anywhere
anywhere
30229 17M NoCat all -- any any anywhere anywhere
Chain INPUT (policy ACCEPT 25302 packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 356 packets, 30710 bytes)
pkts bytes target prot opt in out source destination
9 432 WiFiDog_Incoming all -- eth0 any anywhere
anywhere
Chain OUTPUT (policy ACCEPT 24487 packets, 2262K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 24494 packets, 2263K bytes)
pkts bytes target prot opt in out source destination
173 19384 WiFiDog_Incoming all -- any eth1 anywhere
anywhere
Chain NoCat (1 references)
pkts bytes target prot opt in out source destination
5748 1566K MARK all -- eth1 any anywhere
anywhere MARK set 0x4
Chain WiFiDog_Incoming (2 references)
pkts bytes target prot opt in out source destination
Chain WiFiDog_Outgoing (1 references)
pkts bytes target prot opt in out source destination
iptables -vt filter -L
Chain INPUT (policy ACCEPT 25302 packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
9 864 WiFiDog_WIFI2Internet all -- eth1 any anywhere
anywhere
17 816 NoCat all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 24487 packets, 2262K bytes)
pkts bytes target prot opt in out source destination
Chain NoCat (1 references)
pkts bytes target prot opt in out source destination
17 816 NoCat_Ports all -- any any anywhere anywhere
17 816 NoCat_Inbound all -- any any anywhere anywhere
0 0 ACCEPT all -- eth1 any 10.10.10.0/24
anywhere MARK match 0x1
0 0 ACCEPT all -- eth1 any 10.10.10.0/24
anywhere MARK match 0x2
0 0 ACCEPT all -- eth1 any 10.10.10.0/24
anywhere MARK match 0x3
1 48 ACCEPT all -- eth1 any 10.10.10.0/24
anywhere MARK match 0x4
0 0 ACCEPT all -- eth1 any 10.10.10.0/24
anywhere MARK match 0x5
0 0 ACCEPT all -- any eth1 192.168.1.254
10.10.10.0/24
0 0 ACCEPT tcp -- eth1 any 10.10.10.0/24
192.168.1.254 tcp dpt:domain
0 0 ACCEPT udp -- eth1 any 10.10.10.0/24
192.168.1.254 udp dpt:domain
16 768 DROP all -- any any anywhere anywhere
Chain NoCat_Inbound (1 references)
pkts bytes target prot opt in out source destination
Chain NoCat_Ports (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- eth1 any anywhere
anywhere tcp dpt:www MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere
anywhere udp dpt:www MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere
anywhere tcp dpt:https MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere
anywhere udp dpt:https MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere
anywhere tcp dpt:pop3 MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere
anywhere udp dpt:pop3 MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere
anywhere tcp dpt:5280
0 0 ACCEPT udp -- eth1 any anywhere
anywhere udp dpt:5280
0 0 DROP tcp -- eth1 any anywhere
anywhere MARK match 0x3
0 0 DROP udp -- eth1 any anywhere
anywhere MARK match 0x3
0 0 DROP tcp -- eth1 any anywhere
anywhere tcp dpt:telnet MARK match 0x5
0 0 DROP udp -- eth1 any anywhere
anywhere udp dpt:23 MARK match 0x5
0 0 DROP tcp -- eth1 any anywhere
anywhere tcp dpt:smtp MARK match 0x5
0 0 DROP udp -- eth1 any anywhere
anywhere udp dpt:25 MARK match 0x5
0 0 DROP tcp -- eth1 any anywhere
anywhere tcp dpt:sunrpc MARK match 0x5
0 0 DROP udp -- eth1 any anywhere
anywhere udp dpt:sunrpc MARK match 0x5
Chain WiFiDog_AuthServers (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere
wifidog.publicip.net
Chain WiFiDog_Global (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere
69.90.89.192/27
0 0 ACCEPT udp -- any any anywhere
69.90.85.0/27
0 0 ACCEPT tcp -- any any anywhere
69.90.89.205 tcp dpt:www
Chain WiFiDog_Known (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere anywhere
Chain WiFiDog_Locked (1 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- any any anywhere
anywhere reject-with icmp-port-unreachable
Chain WiFiDog_Unknown (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:domain
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:bootps
9 864 REJECT all -- any any anywhere
anywhere reject-with icmp-port-unreachable
Chain WiFiDog_Validate (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:bootps
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:domain
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:www
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:pop3
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:pop3s
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imap2
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:imap3
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:https
0 0 REJECT all -- any any anywhere
anywhere reject-with icmp-port-unreachable
Chain WiFiDog_WIFI2Internet (1 references)
pkts bytes target prot opt in out source destination
9 864 WiFiDog_AuthServers all -- any any anywhere
anywhere
0 0 WiFiDog_Locked all -- any any anywhere
anywhere MARK match 0x254
9 864 WiFiDog_Global all -- any any anywhere
anywhere
0 0 WiFiDog_Validate all -- any any anywhere
anywhere MARK match 0x1
0 0 WiFiDog_Known all -- any any anywhere
anywhere MARK match 0x2
9 864 WiFiDog_Unknown all -- any any anywhere
anywhere
On Fri, 25 Feb 2005 13:59:06 -0500, Philippe April
<isf_lists at philippeapril.com> wrote:
> Something's weird.
>
> Here's what's supposed to happen:
>
> 1.Browser tries to reach internet on port 80, wifidog's iptables rules
> say "unauthenticated? port 80 redirection to 2060 locally".
>
> 2.Browser goes to port 2060, wifidog answers and says "you go to
> https:// authserver's_hostname...".
>
> 3.Browser tries to contact https:// authserver's_hostname to get the
> login page.
>
> If this is the part that fails, that means that the firewall is blocking you from
> going there.
>
> Can you start wifidog, and then give me the output of these commands
> (more verbose)?
>
> /sbin/ifconfig -a
> iptables -vt nat -L
> iptables -vt mangle -L
> iptables -vt filter -L
>
> (if you don't mind of course).
>
> Thank you!
>
> On Fri, Feb 25, 2005 at 01:28:35PM -0500, Scott Tully wrote:
> > I just noticed the connection is to port 80 even though i have
> > "SSLAvailable yes" in my wifidog.conf.... is this a problem?
> >
> > Scott
> >
> > > I thought that too and setup dns for the authserver with dnsmasq on
> > > the gateway.
> > >
> > > More debug........
> > >
> > > [7][Fri Feb 25 18:21:04 2005](centralserver.c:187) Level 1: Resolving
> > > auth server [wifidog.publicip.net]
> > > [7][Fri Feb 25 18:21:04 2005](util.c:108) Locking wd_gethostbyname()
> > > [7][Fri Feb 25 18:21:04 2005](util.c:108) wd_gethostbyname() locked
> > > [7][Fri Feb 25 18:21:04 2005](util.c:123) Unlocking wd_gethostbyname()
> > > [7][Fri Feb 25 18:21:04 2005](util.c:123) wd_gethostbyname() unlocked
> > > [7][Fri Feb 25 18:21:04 2005](centralserver.c:241) Level 1: Resolving
> > > auth server [wifidog.publicip.net] succeeded = [192.168.1.76]
> > > [7][Fri Feb 25 18:21:04 2005](centralserver.c:266) Level 1: Connecting
> > > to auth server wifidog.publicip.net:80
> > > [7][Fri Feb 25 18:21:04 2005](centralserver.c:292) Level 1:
> > > Successfully connected to auth server wifidog.publicip.net:80
> > > -end-
> > >
> > > I have tested using just the ilesansfil.org authservers too, but with
> > > the same results.
> > > I keep playing with this, it must be something stupid on my part.
> > >
> >
>
> --
> Philippe April
> GnuPG: http://key.philippeapril.com/
> Skype ID: mousetrap
>
-------------- next part --------------
/sbin/ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:30:BD:1F:08:8B
inet addr:192.168.1.77 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32135 errors:0 dropped:0 overruns:0 frame:0
TX packets:23407 errors:0 dropped:0 overruns:0 carrier:0
collisions:1783 txqueuelen:100
RX bytes:16735411 (15.9 MiB) TX bytes:2524480 (2.4 MiB)
Interrupt:9 Base address:0xa000
eth1 Link encap:Ethernet HWaddr 00:30:BD:05:DE:4D
inet addr:10.10.10.1 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5834 errors:0 dropped:0 overruns:0 frame:0
TX packets:1210 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1655165 (1.5 MiB) TX bytes:140166 (136.8 KiB)
Interrupt:10 Base address:0xc400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:69 errors:0 dropped:0 overruns:0 frame:0
TX packets:69 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6974 (6.8 KiB) TX bytes:6974 (6.8 KiB)
iptables -vt nat -L
Chain PREROUTING (policy ACCEPT 5040 packets, 1448K bytes)
pkts bytes target prot opt in out source destination
251 56173 WiFiDog_WIFI2Internet all -- eth1 any anywhere anywhere
3181 927K WiFiDog_Class all -- eth1 any anywhere anywhere
5142 1453K NoCat_Capture all -- any any anywhere anywhere
0 0 DROP tcp -- any any !localhost anywhere tcp dpt:webcache
0 0 DROP tcp -- any any !localhost anywhere tcp dpt:3128
Chain POSTROUTING (policy ACCEPT 90 packets, 7167 bytes)
pkts bytes target prot opt in out source destination
93 7311 NoCat_NAT all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 90 packets, 7167 bytes)
pkts bytes target prot opt in out source destination
Chain NoCat_Capture (1 references)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24 anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24 anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24 anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24 anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 REDIRECT tcp -- eth1 any 10.10.10.0/24 anywhere tcp dpt:www MARK match 0x3 redir ports 8080
0 0 DROP all -- any any anywhere 207.46.249.56 MARK match 0x4
0 0 DROP all -- any any anywhere 207.46.134.92 MARK match 0x4
0 0 REDIRECT tcp -- any any anywhere anywhere MARK match 0x4 tcp dpt:www redir ports 5280
0 0 DROP all -- any any anywhere 207.46.249.56 MARK match 0x4
0 0 DROP all -- any any anywhere wu-ori.microsoft.com MARK match 0x4
102 4896 REDIRECT tcp -- any any anywhere anywhere MARK match 0x4 tcp dpt:https redir ports 5280
Chain NoCat_NAT (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- any eth0 10.10.10.0/24 anywhere MARK match 0x1
0 0 MASQUERADE all -- any eth0 10.10.10.0/24 anywhere MARK match 0x2
0 0 MASQUERADE all -- any eth0 10.10.10.0/24 anywhere MARK match 0x3
3 144 MASQUERADE all -- any eth0 10.10.10.0/24 anywhere MARK match 0x4
0 0 MASQUERADE all -- any eth0 10.10.10.0/24 anywhere MARK match 0x5
0 0 MASQUERADE tcp -- any any 10.10.10.0/24 192.168.1.254 tcp dpt:domain
0 0 MASQUERADE udp -- any any 10.10.10.0/24 192.168.1.254 udp dpt:domain
Chain WiFiDog_AuthServers (1 references)
pkts bytes target prot opt in out source destination
1 48 ACCEPT all -- any any anywhere wifidog.publicip.net
Chain WiFiDog_Class (1 references)
pkts bytes target prot opt in out source destination
Chain WiFiDog_Known (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere anywhere
Chain WiFiDog_Locked (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere
Chain WiFiDog_Unknown (1 references)
pkts bytes target prot opt in out source destination
20 960 REDIRECT tcp -- any any anywhere anywhere tcp dpt:www redir ports 2060
Chain WiFiDog_Validate (0 references)
pkts bytes target prot opt in out source destination
0 0 WiFiDog_AuthServers all -- any any anywhere anywhere
0 0 ACCEPT all -- any any anywhere PUBLICip.publicip.com
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:bootps
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:www
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3s
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imap2
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imap3
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
0 0 DROP all -- any any anywhere anywhere
Chain WiFiDog_WIFI2Internet (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- any any anywhere anywhere MARK match 0x2
0 0 RETURN all -- any any anywhere anywhere MARK match 0x1
251 56173 WiFiDog_Unknown all -- any any anywhere anywhere
iptables -vt mangle -L
Chain PREROUTING (policy ACCEPT 30229 packets, 17M bytes)
pkts bytes target prot opt in out source destination
334 68542 WiFiDog_Outgoing all -- eth1 any anywhere anywhere
30229 17M NoCat all -- any any anywhere anywhere
Chain INPUT (policy ACCEPT 25302 packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 356 packets, 30710 bytes)
pkts bytes target prot opt in out source destination
9 432 WiFiDog_Incoming all -- eth0 any anywhere anywhere
Chain OUTPUT (policy ACCEPT 24487 packets, 2262K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 24494 packets, 2263K bytes)
pkts bytes target prot opt in out source destination
173 19384 WiFiDog_Incoming all -- any eth1 anywhere anywhere
Chain NoCat (1 references)
pkts bytes target prot opt in out source destination
5748 1566K MARK all -- eth1 any anywhere anywhere MARK set 0x4
Chain WiFiDog_Incoming (2 references)
pkts bytes target prot opt in out source destination
Chain WiFiDog_Outgoing (1 references)
pkts bytes target prot opt in out source destination
iptables -vt filter -L
Chain INPUT (policy ACCEPT 25302 packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
9 864 WiFiDog_WIFI2Internet all -- eth1 any anywhere anywhere
17 816 NoCat all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 24487 packets, 2262K bytes)
pkts bytes target prot opt in out source destination
Chain NoCat (1 references)
pkts bytes target prot opt in out source destination
17 816 NoCat_Ports all -- any any anywhere anywhere
17 816 NoCat_Inbound all -- any any anywhere anywhere
0 0 ACCEPT all -- eth1 any 10.10.10.0/24 anywhere MARK match 0x1
0 0 ACCEPT all -- eth1 any 10.10.10.0/24 anywhere MARK match 0x2
0 0 ACCEPT all -- eth1 any 10.10.10.0/24 anywhere MARK match 0x3
1 48 ACCEPT all -- eth1 any 10.10.10.0/24 anywhere MARK match 0x4
0 0 ACCEPT all -- eth1 any 10.10.10.0/24 anywhere MARK match 0x5
0 0 ACCEPT all -- any eth1 192.168.1.254 10.10.10.0/24
0 0 ACCEPT tcp -- eth1 any 10.10.10.0/24 192.168.1.254 tcp dpt:domain
0 0 ACCEPT udp -- eth1 any 10.10.10.0/24 192.168.1.254 udp dpt:domain
16 768 DROP all -- any any anywhere anywhere
Chain NoCat_Inbound (1 references)
pkts bytes target prot opt in out source destination
Chain NoCat_Ports (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:www MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:www MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:https MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:pop3 MARK match 0x3
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:pop3 MARK match 0x3
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:5280
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:5280
0 0 DROP tcp -- eth1 any anywhere anywhere MARK match 0x3
0 0 DROP udp -- eth1 any anywhere anywhere MARK match 0x3
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:telnet MARK match 0x5
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:23 MARK match 0x5
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:smtp MARK match 0x5
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:25 MARK match 0x5
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:sunrpc MARK match 0x5
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:sunrpc MARK match 0x5
Chain WiFiDog_AuthServers (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere wifidog.publicip.net
Chain WiFiDog_Global (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere 69.90.89.192/27
0 0 ACCEPT udp -- any any anywhere 69.90.85.0/27
0 0 ACCEPT tcp -- any any anywhere 69.90.89.205 tcp dpt:www
Chain WiFiDog_Known (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere anywhere
Chain WiFiDog_Locked (1 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain WiFiDog_Unknown (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:domain
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:bootps
9 864 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain WiFiDog_Validate (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:bootps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:bootps
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:domain
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:www
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3s
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imap2
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:imap3
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain WiFiDog_WIFI2Internet (1 references)
pkts bytes target prot opt in out source destination
9 864 WiFiDog_AuthServers all -- any any anywhere anywhere
0 0 WiFiDog_Locked all -- any any anywhere anywhere MARK match 0x254
9 864 WiFiDog_Global all -- any any anywhere anywhere
0 0 WiFiDog_Validate all -- any any anywhere anywhere MARK match 0x1
0 0 WiFiDog_Known all -- any any anywhere anywhere MARK match 0x2
9 864 WiFiDog_Unknown all -- any any anywhere anywhere
Plus d'informations sur la liste de diffusion WiFiDog