IPP2P模块修改版，最新0.99.16

ShadowStar

原帖由 shined_zhang 于 2008-2-29 12:55 发表
BUG报告：
我使用ipp2p0.99.14版本 误判，导致无法连接外网mysql数据库。  请楼主帮忙看看 谢谢

抓包发上来。

我现在没有环境进行测试。

shined_zhang

可以告诉我一下tcpdump 加什么参数抓包给你呢？谢谢

shined_zhang

14:11:41.121510 IP (tos 0x0, ttl 128, id 22464, offset 0, flags [DF], proto 6, length: 40) 192.168.5.46.1355 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535
14:11:46.147215 IP (tos 0x0, ttl  50, id 9850, offset 0, flags [DF], proto 6, length: 40) 121.101.16.125.mysql > 192.168.5.46.1355: F [tcp sum ok] 61:61(0) ack 1 win 5840
14:11:46.147360 IP (tos 0x0, ttl 128, id 22483, offset 0, flags [DF], proto 6, length: 52) 192.168.5.46.1355 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535 <nop,nop,sack sack 1 {61:62} >
当我打开ipp2p模块时mysql连接不上用tcpdump抓包现在上面信息 192.168.5.46是我的电脑，121.101.16.125是mysql服务器。请老大帮忙看看

[ 本帖最后由 shined_zhang 于 2008-2-29 14:16 编辑 ]

ShadowStar

原帖由 shined_zhang 于 2008-2-29 13:16 发表


tcpdump -s 0 -vv -w mysql
[local]1[/local]

只要抓一下连接mysql时的数据，被防火墙阻断时的。

shined_zhang

原帖由 ShadowStar 于 2008-2-29 13:56 发表


只要抓一下连接mysql时的数据，被防火墙阻断时的。

14:11:41.121510 IP (tos 0x0, ttl 128, id 22464, offset 0, flags [DF], proto 6, length: 40) 192.168.5.46.1355 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535
14:11:46.147215 IP (tos 0x0, ttl  50, id 9850, offset 0, flags [DF], proto 6, length: 40) 121.101.16.125.mysql > 192.168.5.46.1355: F [tcp sum ok] 61:61(0) ack 1 win 5840
14:11:46.147360 IP (tos 0x0, ttl 128, id 22483, offset 0, flags [DF], proto 6, length: 52) 192.168.5.46.1355 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535 <nop,nop,sack sack 1 {61:62} >
当我打开ipp2p模块时mysql连接不上用tcpdump抓包现在上面信息 192.168.5.46是我的电脑，121.101.16.125是mysql服务器。请老大帮忙看看

shined_zhang

14:25:57.678983 IP (tos 0x0, ttl 128, id 30035, offset 0, flags [DF], proto 6, length: 4 192.168.5.46.2020 > 121.101.16.125.mysql: S [tcp sum ok] 2650438428:2650438428(0) win 65535 <mss 1460,nop,nop,sackOK>
14:25:57.684315 IP (tos 0x0, ttl  50, id 0, offset 0, flags [DF], proto 6, length: 4 121.101.16.125.mysql > 192.168.5.46.2020: S [tcp sum ok] 1972072475:1972072475(0) ack 2650438429 win 5840 <mss 1460,nop,nop,sackOK>
14:25:57.684422 IP (tos 0x0, ttl 128, id 30036, offset 0, flags [DF], proto 6, length: 40) 192.168.5.46.2020 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535
14:26:02.712468 IP (tos 0x0, ttl  50, id 7076, offset 0, flags [DF], proto 6, length: 40) 121.101.16.125.mysql > 192.168.5.46.2020: F [tcp sum ok] 61:61(0) ack 1 win 5840
14:26:02.712608 IP (tos 0x0, ttl 128, id 30061, offset 0, flags [DF], proto 6, length: 52) 192.168.5.46.2020 > 121.101.16.125.mysql: . [tcp sum ok] 1:1(0) ack 1 win 65535 <nop,nop,sack sack 1 {61:62} >
14:26:13.212007 IP (tos 0x0, ttl 128, id 30128, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [udp sum ok]
14:26:13.258439 IP (tos 0x0, ttl 241, id 45883, offset 0, flags [none], proto 1, length: 106) 121.101.16.125 > 192.168.5.46: icmp 86: host 121.101.16.125 unreachable - admin prohibited for IP (tos 0x0, ttl 117, id 30128, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [bad udp cksum 49dc!]
14:26:14.711367 IP (tos 0x0, ttl 128, id 30136, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [udp sum ok]
14:26:14.714380 IP (tos 0x0, ttl 241, id 45884, offset 0, flags [none], proto 1, length: 106) 121.101.16.125 > 192.168.5.46: icmp 86: host 121.101.16.125 unreachable - admin prohibited for IP (tos 0x0, ttl 117, id 30136, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [bad udp cksum 49dc!]
14:26:16.211464 IP (tos 0x0, ttl 128, id 30147, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [udp sum ok]
14:26:16.275604 IP (tos 0x0, ttl 241, id 45885, offset 0, flags [none], proto 1, length: 106) 121.101.16.125 > 192.168.5.46: icmp 86: host 121.101.16.125 unreachable - admin prohibited for IP (tos 0x0, ttl 117, id 30147, offset 0, flags [none], proto 17, length: 7 192.168.5.46.netbios-ns > 121.101.16.125.netbios-ns: [bad udp cksum 49dc!]
又抓了一边 请看看 分析一下

ShadowStar

原帖由 shined_zhang 于 2008-2-29 14:32 发表
14:25:57.678983 IP (tos 0x0, ttl 128, id 30035, offset 0, flags [DF], proto 6, length: 4 192.168.5.46.2020 > 121.101.16.125.mysql: S [tcp sum ok] 2650438428:2650438428(0) win 65535
14:25:57.6 ...

这种信息没用，我需要的是详细的7层数据信息。
用tcpdump -w 把数据保存下来。

VPNIKE

http://ftp.netfilter.org/pub/iptables/iptables-1.3.8.tar.bz2

skylove

sos 我这里在编译这个的时候，提示

libipt_ipp2p.c:417: 警告：从不兼容的指针类型初始化
libipt_ipp2p.c:418: 警告：从不兼容的指针类型初始化
libipt_ipp2p.c:420: 警告：从不兼容的指针类型初始化
libipt_ipp2p.c:421: 警告：从不兼容的指针类型初始化

请问如何搞定它？

mdxiao

楼主可以发个抓的BT使用UDP协议的数据包看看吗，用wireshark一直没抓到udp的包，谢谢！！！！