RE: [SLUG] How do I see iptables NAT table?

From: Derek Glidden (dglidden@illusionary.com)
Date: Thu Dec 13 2001 - 12:06:59 EST


On Thu, 2001-12-13 at 08:15, Ken Billings wrote:
> LOL, I answered your question in the same way yesterday, before I realized
> what you were really asking. Too bad both of my messages came from the
> wrong account.
>
> If you have the /proc filesystem enabled, the file /proc/net/ip_conntrack is
> what you're looking for. Keep in mind that this file shows all tracked
> connections, not just the NATed ones. The address list is quite different
> from the Cisco one you have. The first src/dst address pair are the
> original request (no NAT addresses), and the second is where the expected
> future connections will go (after NAT). Here's a snip from a connection
> someone made to my internal webserver. This is all one line:
>
> tcp 6 262996 ESTABLISHED src=208.238.142.23 dst=65.35.xx.xx sport=1987
> dport=80 /
> src=192.168.xx.xx dst=208.238.142.23 sport=80 dport=1987 [ASSURED] use=1
>
> Note that the file has no concept of "internal" or "external". The original
> connection comes first, and the original reply second; i.e. for TCP, the
> <SYN> is first, and the <SYN,ACK> is listed second. From that point on, any
> communication on that established connection is tracked and NATed based on
> the single listing above. Am I making any sense? It's too early in the
> morning for me. :)

Ah, oh, I understand now. (I didn't see any difference between his
first and second phrasings of the question... too early for me too. :)

There are a few nifty files scattered around in /proc that show all
kinds of neat things about the iptables stuff. Poke around, there are
more.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

http://www.cs.cmu.edu/~dst/DeCSS/Gallery/ http://www.eff.org/ http://www.anti-dmca.org/
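
As an added example (not part of the original messages): a Python parser for entries in the /proc/net/ip_conntrack format quoted above, which reports whether an entry was NATed by comparing the reply tuple with the mirror image of the original tuple. The function names and the second sample line are constructed for illustration; the first sample is the quoted entry with its addresses masked as posted.

```python
# Sample 1 is the entry quoted in the message, rejoined onto one line with the
# addresses masked as posted. Sample 2 is constructed (documentation ranges).
SAMPLE = (
    "tcp 6 262996 ESTABLISHED src=208.238.142.23 dst=65.35.xx.xx sport=1987 "
    "dport=80 src=192.168.xx.xx dst=208.238.142.23 sport=80 dport=1987 "
    "[ASSURED] use=1\n"
    "udp 17 25 src=192.0.2.10 dst=198.51.100.53 sport=40000 dport=53 "
    "src=198.51.100.53 dst=192.0.2.10 sport=53 dport=40000 use=1\n"
)
TUPLE_KEYS = ("src", "dst", "sport", "dport")


def parse_entry(line):
    """Split one entry into protocol, state, flags and the two tuples."""
    tokens = line.split()
    entry = {"proto": tokens[0], "state": None, "flags": [],
             "original": {}, "reply": {}}
    for tok in tokens[3:]:  # skip protocol name, protocol number, timeout
        if tok.startswith("[") and tok.endswith("]"):
            entry["flags"].append(tok[1:-1])  # e.g. ASSURED, UNREPLIED
        elif "=" in tok:
            key, value = tok.split("=", 1)
            if key in TUPLE_KEYS:
                # First occurrence is the original direction, second the reply.
                side = "reply" if key in entry["original"] else "original"
                entry[side][key] = value
        elif entry["state"] is None:
            entry["state"] = tok  # e.g. ESTABLISHED; UDP entries have none
    return entry


def nat_kind(entry):
    """Without NAT the reply tuple is exactly the original tuple reversed."""
    o, r = entry["original"], entry["reply"]
    dnat = (r.get("src"), r.get("sport")) != (o.get("dst"), o.get("dport"))
    snat = (r.get("dst"), r.get("dport")) != (o.get("src"), o.get("sport"))
    if dnat and snat:
        return "SNAT+DNAT"
    return "DNAT" if dnat else "SNAT" if snat else "none"


def classify(text):
    """Return (proto, state, nat_kind) for every non-empty entry in text."""
    entries = [parse_entry(l) for l in text.splitlines() if l.strip()]
    return [(e["proto"], e["state"], nat_kind(e)) for e in entries]


if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(row)
```

Addresses are compared as plain strings, so masked values work unchanged; on a live system the same function can be given the contents of /proc/net/ip_conntrack.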


