Forum Linux.debian/ubuntu Probleme de sites inaccessibles (perte de données)

Posté par  (site web personnel) .
Étiquettes :
0
12
juin
2006
Je peux plus ...
Bon je vous explique, j'ai installée une passerelle sous Debian Sarge avec noyau 2.4.27-2-386 et iptables 1.3.3

Depuis une 15ène de jours certains sites sont inaccessibles [(50 % des sites : google.fr (oui) aliceadsl.fr (non)]depuis les postes situés derrière le NAT... enfin pas pour tous, un marche très bien ??

Bref depuis du LAN je peux pinguer les sites mais lors du chargement de la page ca bloque et puis plus rien, alors que depuis ma passerelle tout est accessibles..

J'ai modifié le MTU mon ppp0 de 1412 mais rien n'y fait, de plus tous les sites ont accessibles les 3 premières minutes, puis de nouveau rideau ...

bref voici les log de iptables :

#----------------------------------#
# Table Filtrage #
#----------------------------------#

Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
312 40918 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
10 1114 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
124 17464 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
28 2713 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:20
2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:53
3 177 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65535 dpt:53
6 312 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:110
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:10000
6 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED,UNTRACKED udp dpt:8147
0 0 ACCEPT all -- tun1 * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1 40 ACCEPT all -- * tun1 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED,UNTRACKED
1 44 ACCEPT all -- tun1 * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED,UNTRACKED
11 1384 ACCEPT all -- eth1 ppp0 0.0.0.0/0 0.0.0.0/0
13 758 ACCEPT tcp -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED,ESTABLISHED
1 317 ACCEPT udp -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * ppp0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0 tcp dpt:3389

Chain OUTPUT (policy ACCEPT 434 packets, 54989 bytes)
pkts bytes target prot opt in out source destination
12 1080 ACCEPT udp -- * ppp0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED,UNTRACKED udp spt:8147
0 0 ACCEPT all -- * tun1 0.0.0.0/0 0.0.0.0/0

#----------------------------------#
# Table Nat #
#----------------------------------#

Chain PREROUTING (policy ACCEPT 15804 packets, 1651K bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3389 to:192.168.0.22:3389

Chain POSTROUTING (policy ACCEPT 24688 packets, 1226K bytes)
pkts bytes target prot opt in out source destination
11 484 MASQUERADE all -- * ppp0 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * tun1 192.168.0.0/24 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 40284 packets, 1882K bytes)
pkts bytes target prot opt in out source destination


et les log ethereal :

pour la connexion a aliceadsl.fr par exemple ...

No. Time Source Destination Protocol Info
999 5.983885 193.251.178.34 213.36.119.29 TCP filenet-rmi > http [FIN, ACK] Seq=0 Ack=0 Win=9270 Len=0

Frame 999 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-rmi (32771), Dst Port: http (80), Seq: 0, Ack: 0, Len: 0
Source port: filenet-rmi (32771)
Destination port: http (80)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 0 (relative ack number)
Header length: 20 bytes
Flags: 0x0011 (FIN, ACK)
Window size: 9270
Checksum: 0xad06 [correct]

No. Time Source Destination Protocol Info
1017 6.039683 213.36.119.29 193.251.178.34 TCP http > filenet-rmi [ACK] Seq=0 Ack=1 Win=16384 Len=0

Frame 1017 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-rmi (32771), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: filenet-rmi (32771)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 16384
Checksum: 0x913c [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1192 6.931224 193.251.178.34 213.36.119.29 TCP filenet-pa > http [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=17350895 TSER=0 WS=0

Frame 1192 (82 bytes on wire, 82 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 0, Ack: 0, Len: 0
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 0 (relative sequence number)
Header length: 40 bytes
Flags: 0x0002 (SYN)
Window size: 5840
Checksum: 0xc55a [correct]
Options: (20 bytes)

No. Time Source Destination Protocol Info
1200 6.986269 213.36.119.29 193.251.178.34 TCP http > filenet-pa [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460

Frame 1200 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 24 bytes
Flags: 0x0012 (SYN, ACK)
Window size: 5840
Checksum: 0xbe7a [correct]
Options: (4 bytes)
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1201 6.986416 193.251.178.34 213.36.119.29 TCP filenet-pa > http [ACK] Seq=1 Ack=1 Win=5840 Len=0

Frame 1201 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 1, Ack: 1, Len: 0
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 5840
Checksum: 0xd637 [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1205 6.991230 193.251.178.34 213.36.119.29 HTTP GET / HTTP/1.0

Frame 1205 (284 bytes on wire, 284 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 1, Ack: 1, Len: 222
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 223 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 5840
Checksum: 0x9fc5 [correct]
Hypertext Transfer Protocol
GET / HTTP/1.0\r\n
Host: wwW.aliceadsl.fr\r\n
Accept: text/html, text/plain, text/sgml, */*;q=0.01\r\n
Accept-Encoding: gzip, compress\r\n
Accept-Language: en\r\n
User-Agent: Lynx/2.8.5rel.5 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.7e\r\n
\r\n

No. Time Source Destination Protocol Info
1240 7.128123 213.36.119.29 193.251.178.34 TCP http > filenet-pa [ACK] Seq=1 Ack=223 Win=16162 Len=0

Frame 1240 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 1, Ack: 223, Len: 0
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 223 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 16162
Checksum: 0xad07 [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1243 7.138069 213.36.119.29 193.251.178.34 HTTP HTTP/1.0 200 OK

Frame 1243 (501 bytes on wire, 501 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 1, Ack: 223, Len: 183
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 1 (relative sequence number)
Next sequence number: 184 (relative sequence number)
Acknowledgement number: 223 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 16384
Checksum: 0x77ac [incorrect, should be 0x8644]
Hypertext Transfer Protocol
HTTP/1.0 200 OK\r\n
Date: Mon, 12 Jun 2006 15:26:30 GMT\r\n
Content-Length: 23936\r\n
Content-Type: text/html\r\n
Cache-Control: private\r\n
Server: Microsoft-IIS/5.0\r\n
pics-label: (pics-1.1 "http://

No. Time Source Destination Protocol Info
1244 7.138328 193.251.178.34 213.36.119.29 TCP [TCP ACKed lost segment] filenet-pa > http [ACK] Seq=223 Ack=440 Win=6432 Len=0

Frame 1244 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 440, Len: 0
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 223 (relative sequence number)
Acknowledgement number: 440 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 6432
Checksum: 0xd152 [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1246 7.140033 213.36.119.29 193.251.178.34 HTTP Continuation or non-HTTP traffic

Frame 1246 (1092 bytes on wire, 1092 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 440, Ack: 223, Len: 6
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 440 (relative sequence number)
Next sequence number: 446 (relative sequence number)
Acknowledgement number: 223 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 16384
Checksum: 0xec25 [incorrect, should be 0x1cea]
Hypertext Transfer Protocol
\r\n
Data (4 bytes)

0000 3c 21 44 4f <!DO

No. Time Source Destination Protocol Info
1247 7.140139 213.36.119.29 193.251.178.34 HTTP Continuation or non-HTTP traffic

Frame 1247 (98 bytes on wire, 98 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 2918, Ack: 223, Len: 24
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 2918 (relative sequence number)
Next sequence number: 2942 (relative sequence number)
Acknowledgement number: 223 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 65211
Checksum: 0xec01 [correct]
Options: (12 bytes)
SEQ/ACK analysis
Hypertext Transfer Protocol
Data (24 bytes)

0000 3d 22 74 65 78 74 22 20 76 61 6c 75 65 3d 22 22 ="text" value=""
0010 20 6e 61 6d 65 3d 22 71 name="q

No. Time Source Destination Protocol Info
1248 7.140485 193.251.178.34 213.36.119.29 TCP filenet-pa > http [ACK] Seq=223 Ack=1470 Win=9270 Len=0

Frame 1248 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 1470, Len: 0
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 223 (relative sequence number)
Acknowledgement number: 1470 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 9270
Checksum: 0xc236 [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1249 7.140504 193.251.178.34 213.36.119.29 TCP [TCP Dup ACK 1248#1] filenet-pa > http [ACK] Seq=223 Ack=1470 Win=9270 Len=0

Frame 1249 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 1470, Len: 0
Source port: filenet-pa (32772)
Destination port: http (80)
Sequence number: 223 (relative sequence number)
Acknowledgement number: 1470 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 9270
Checksum: 0xc236 [correct]
SEQ/ACK analysis

No. Time Source Destination Protocol Info
1275 7.232935 213.36.119.29 193.251.178.34 HTTP Continuation or non-HTTP traffic

Frame 1275 (86 bytes on wire, 86 bytes captured)
Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 5838, Ack: 223, Len: 12
Source port: http (80)
Destination port: filenet-pa (32772)
Sequence number: 5838 (relative sequence number)
Next sequence number: 5850 (relative sequence number)
Acknowledgement number: 223 (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
Window size: 65211
Checksum: 0x02ee [correct]
Options: (12 bytes)
SEQ/ACK analysis
Hypertext Transfer Protocol
Data (12 bytes)

0000 09 20 20 3c 6c 69 3e 3c 61 20 68 72 .
  • <a hr

    No. Time Source Destination Protocol Info
    1276 7.233091 193.251.178.34 213.36.119.29 TCP [TCP Dup ACK 1248#2] filenet-pa > http [ACK] Seq=223 Ack=1470 Win=9270 Len=0

    Frame 1276 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
    Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 1470, Len: 0
    Source port: filenet-pa (32772)
    Destination port: http (80)
    Sequence number: 223 (relative sequence number)
    Acknowledgement number: 1470 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0010 (ACK)
    Window size: 9270
    Checksum: 0xc236 [correct]
    SEQ/ACK analysis

    No. Time Source Destination Protocol Info
    1809 9.752251 213.36.119.29 193.251.178.34 HTTP Continuation or non-HTTP traffic

    Frame 1809 (86 bytes on wire, 86 bytes captured)
    Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
    Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 2918, Ack: 223, Len: 12
    Source port: http (80)
    Destination port: filenet-pa (32772)
    Sequence number: 2918 (relative sequence number)
    Next sequence number: 2930 (relative sequence number)
    Acknowledgement number: 223 (relative ack number)
    Header length: 32 bytes
    Flags: 0x0010 (ACK)
    Window size: 65211
    Checksum: 0x7cf7 [correct]
    Options: (12 bytes)
    SEQ/ACK analysis
    Hypertext Transfer Protocol
    Data (12 bytes)

    0000 3d 22 74 65 78 74 22 20 76 61 6c 75 ="text" valu

    No. Time Source Destination Protocol Info
    1810 9.752403 193.251.178.34 213.36.119.29 TCP [TCP Dup ACK 1248#3] filenet-pa > http [ACK] Seq=223 Ack=1470 Win=9270 Len=0

    Frame 1810 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
    Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 1470, Len: 0
    Source port: filenet-pa (32772)
    Destination port: http (80)
    Sequence number: 223 (relative sequence number)
    Acknowledgement number: 1470 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0010 (ACK)
    Window size: 9270
    Checksum: 0xc236 [correct]
    SEQ/ACK analysis

    No. Time Source Destination Protocol Info
    2879 14.834708 193.251.178.34 213.36.119.29 TCP filenet-pa > http [FIN, ACK] Seq=223 Ack=1470 Win=9270 Len=0

    Frame 2879 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
    Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 223, Ack: 1470, Len: 0
    Source port: filenet-pa (32772)
    Destination port: http (80)
    Sequence number: 223 (relative sequence number)
    Acknowledgement number: 1470 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0011 (FIN, ACK)
    Window size: 9270
    Checksum: 0xc235 [correct]

    No. Time Source Destination Protocol Info
    2888 14.890439 213.36.119.29 193.251.178.34 TCP http > filenet-pa [ACK] Seq=1470 Ack=224 Win=16384 Len=0

    Frame 2888 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
    Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 1470, Ack: 224, Len: 0
    Source port: http (80)
    Destination port: filenet-pa (32772)
    Sequence number: 1470 (relative sequence number)
    Acknowledgement number: 224 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0010 (ACK)
    Window size: 16384
    Checksum: 0xa66b [correct]
    SEQ/ACK analysis

    No. Time Source Destination Protocol Info
    2911 15.010002 213.36.119.29 193.251.178.34 HTTP Continuation or non-HTTP traffic

    Frame 2911 (86 bytes on wire, 86 bytes captured)
    Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
    Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 2918, Ack: 224, Len: 12
    Source port: http (80)
    Destination port: filenet-pa (32772)
    Sequence number: 2918 (relative sequence number)
    Next sequence number: 2930 (relative sequence number)
    Acknowledgement number: 224 (relative ack number)
    Header length: 32 bytes
    Flags: 0x0010 (ACK)
    Window size: 65211
    Checksum: 0x7cf6 [correct]
    Options: (12 bytes)
    SEQ/ACK analysis
    Hypertext Transfer Protocol
    Data (12 bytes)

    0000 3d 22 74 65 78 74 22 20 76 61 6c 75 ="text" valu

    No. Time Source Destination Protocol Info
    2912 15.010150 193.251.178.34 213.36.119.29 TCP filenet-pa > http [RST] Seq=224 Ack=2213700392 Win=0 Len=0

    Frame 2912 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b), Dst: Unispher_41:53:dd (00:90:1a:41:53:dd)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 193.251.178.34 (193.251.178.34), Dst: 213.36.119.29 (213.36.119.29)
    Transmission Control Protocol, Src Port: filenet-pa (32772), Dst Port: http (80), Seq: 224, Ack: 2213700392, Len: 0
    Source port: filenet-pa (32772)
    Destination port: http (80)
    Sequence number: 224 (relative sequence number)
    Header length: 20 bytes
    Flags: 0x0004 (RST)
    Window size: 0
    Checksum: 0x051c [correct]

    No. Time Source Destination Protocol Info
    2926 15.063628 213.36.119.29 193.251.178.34 TCP http > filenet-pa [RST, ACK] Seq=1470 Ack=224 Win=16384 Len=0

    Frame 2926 (62 bytes on wire, 62 bytes captured)
    Ethernet II, Src: Unispher_41:53:dd (00:90:1a:41:53:dd), Dst: ViaTechn_ca:c3:8b (00:40:63:ca:c3:8b)
    PPP-over-Ethernet Session
    Point-to-Point Protocol
    Internet Protocol, Src: 213.36.119.29 (213.36.119.29), Dst: 193.251.178.34 (193.251.178.34)
    Transmission Control Protocol, Src Port: http (80), Dst Port: filenet-pa (32772), Seq: 1470, Ack: 224, Len: 0
    Source port: http (80)
    Destination port: filenet-pa (32772)
    Sequence number: 1470 (relative sequence number)
    Acknowledgement number: 224 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0014 (RST, ACK)
    Window size: 16384
    Checksum: 0xa667 [correct]
    SEQ/ACK analysis


    bref je ne comprends rien et cela plante quelque soit le modem...
    Par contre si j'installe une nouvelle passerelle avec le meme script de firewall et le meme materiel ca marche ...
    Bref ca vient de ma machine mais de quoi ???

    merci
    • # hu oh

      Posté par  . Évalué à 1.

      J'ai exactement le meme probleme au taf.
      Je suis en train de me demander si c'est pas les providers et/ou les hebergeurs qui "bricolent" pour que le masquerading ne fonctionne plus. Le probleme a demarre hier soir vers 17h

      Par contre, ta derniere remarque m'etonne, surtout que d'apres mes tests, ca part, la machine cible repond a la requete mais sur le FW, je ne recois jamais le retour.

      Je surveille ce post et si je trouve une solution, je ferais un autre post.

      LoneWolf
      Les mysteres du NAT

    Suivre le flux des commentaires

    Note : les commentaires appartiennent à celles et ceux qui les ont postés. Nous n’en sommes pas responsables.