[NCLUG] iptables, ftp, windows8

Matt Rosing rosing at peakfive.com
Wed Jan 9 12:49:33 MST 2013


...
> In:  IN=eth2 OUT=eth0 SRC=server DST=windows8 LEN=44 PREC=0x20 TTL=28
> ID=0 PROTO=TCP SPT=3359 DPT=49364 WINDOW=256 RES=0x00 RST
...
> iptables INPUT DENIED IN=eth2 OUT= MAC=... SRC=server DST=gateway LEN=40
> PREC=0x20 TTL=125 ID=17524 DF PROTO=TCP SPT=3359 DPT=49364 WINDOW=65535
> RES=0x00 ACK FIN

The server sends my windows8 machine a RST and then sends an ACK FIN to 
the same port. Is that right? I thought an RST aborted the protocol. 
Wouldn't that delete the entry in the nat table? So even if the ACK FIN 
made sense to send, it'll never make it to where it needs to go.
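
As an added example (not part of the original post): a small Python script that correlates netfilter LOG lines like the two quoted above, reporting any packet logged after an RST from the same source address and port pair, and whether its DST or TTL differs from the RST's. The function names and the single-line form of the sample log are assumptions made for the example.

```python
import re

# Constructed sample: the two log entries quoted in the post, each joined onto
# one line. Host names and the elided MAC are kept exactly as the post shows them.
SAMPLE_LOG = """\
In:  IN=eth2 OUT=eth0 SRC=server DST=windows8 LEN=44 PREC=0x20 TTL=28 ID=0 PROTO=TCP SPT=3359 DPT=49364 WINDOW=256 RES=0x00 RST
iptables INPUT DENIED IN=eth2 OUT= MAC=... SRC=server DST=gateway LEN=40 PREC=0x20 TTL=125 ID=17524 DF PROTO=TCP SPT=3359 DPT=49364 WINDOW=65535 RES=0x00 ACK FIN
"""

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse_line(line):
    """Split one netfilter LOG line into KEY=value fields plus a set of TCP flags."""
    fields = dict(re.findall(r"\b([A-Z]+)=(\S*)", line))
    # Flags are logged as bare tokens (no '='), after the RES= field.
    fields["FLAGS"] = {tok for tok in line.split() if tok in TCP_FLAGS}
    return fields

def after_rst(lines):
    """Report packets logged after an RST from the same SRC/SPT/DPT."""
    rst_seen = {}   # (SRC, SPT, DPT) -> parsed fields of the RST packet
    findings = []
    for line in lines:
        if "PROTO=TCP" not in line:
            continue
        pkt = parse_line(line)
        # DST is left out of the key: it differs before and after NAT.
        key = (pkt["SRC"], pkt["SPT"], pkt["DPT"])
        if key in rst_seen:
            rst = rst_seen[key]
            findings.append({
                "flow": key,
                "flags": sorted(pkt["FLAGS"]),
                "dst_changed": pkt["DST"] != rst["DST"],
                "ttl_rst": int(rst["TTL"]),
                "ttl_later": int(pkt["TTL"]),
                "ttl_differs": pkt["TTL"] != rst["TTL"],
            })
        elif "RST" in pkt["FLAGS"]:
            rst_seen[key] = pkt
    return findings

if __name__ == "__main__":
    for finding in after_rst(SAMPLE_LOG.splitlines()):
        print(finding)
```

On the two quoted entries it reports the ACK FIN with a different DST (gateway instead of windows8) and a different TTL (125 versus 28) than the RST.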



