19,610
社区成员
发帖
与我相关
我的任务
分享关于使用iptables实现udp端口的nat的问题
各位好,我的问题如下:
我想实现的是,在外网通过网关/防火墙可以访问在内网的某台机器上提供的tftp(不是ftp)服务(udp69端口)。
但是由于某种原因,我需要在网关/防火墙上进行端口转换。详情如下:
内网机器的IP:192.168.111.101 端口是udp69
网关机器IP:202.xxx.xxx.153 我想映射的端口是10069
用iptables实现这个的话,那么我改如何写这条iptables的命令呢?
(以下的命令我试验过,没有效果)
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 -p udp --dport 69 -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp --sport 69 -j SNAT --to 202.xxx.xxx.153:69
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 -p udp -j DNAT --to 192.168.111.101
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp -j SNAT --to 202.xxx.xxx.153
*注2:如果问题换做是tcp端口的转换是可以实现的,我也试验过,
如,将内网机器的tcp80服务映射到外网ip的tcp10080端口,命令如下:
iptables -t nat -A PREROUTING -d 202.xxx.xxx.153 -p tcp --dport 10080 -j DNAT --to 192.168.111.101:80
请各位高手一定多多指教,不胜感激!谢谢。
我想实现的是,在外网通过网关/防火墙可以访问在内网的某台机器上提供的tftp(不是ftp)服务(udp69端口)。
但是由于某种原因,我需要在网关/防火墙上进行端口转换。详情如下:
内网机器的IP:192.168.111.101 端口是udp69
网关机器IP:202.xxx.xxx.153 我想映射的端口是10069
用iptables实现这个的话,那么我改如何写这条iptables的命令呢?
(以下的命令我试验过,没有效果)
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 -p udp --dport 69 -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp --sport 69 -j SNAT --to 202.xxx.xxx.153:69
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 -p udp -j DNAT --to 192.168.111.101
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp -j SNAT --to 202.xxx.xxx.153
*注2:如果问题换做是tcp端口的转换是可以实现的,我也试验过,
如,将内网机器的tcp80服务映射到外网ip的tcp10080端口,命令如下:
iptables -t nat -A PREROUTING -d 202.xxx.xxx.153 -p tcp --dport 10080 -j DNAT --to 192.168.111.101:80
请各位高手一定多多指教,不胜感激!谢谢。
...全文
请发表友善的回复…
发表回复
KenYuan2016 2009-07-17
- 打赏
- 举报
udp的
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 --dport 10069 -p udp -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp -j SNAT --to 202.xxx.xxx.153
tcp的话
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 --dport 10069 -p tcp -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -d 192.168.111.101 -p tcp --dport 69 -j SNAT --to 202.xxx.xxx.153
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 --dport 10069 -p udp -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.111.101 -p udp -j SNAT --to 202.xxx.xxx.153
tcp的话
*注1:如果不做端口变换的话,我试验过以下命令是起作用的:
iptables -t nat -A PREROUTING -i eth0 -d 202.xxx.xxx.153 --dport 10069 -p tcp -j DNAT --to 192.168.111.101:69
iptables -t nat -A POSTROUTING -o eth0 -d 192.168.111.101 -p tcp --dport 69 -j SNAT --to 202.xxx.xxx.153
tukey 2008-10-09
- 打赏
- 举报
to guosha,
我的iptables除了我自己加的nat,其他都是空的
我的iptables除了我自己加的nat,其他都是空的
快乐田伯光 2008-10-09
- 打赏
- 举报
最好把整个iptables的内容都帖出来,有些规则间因顺序不同可能会导致冲突
快乐田伯光 2008-10-09
- 打赏
- 举报
数据包进去了出不来,应该是track有问题,加上这一句试试
iptables -A FORWORD -m state --state NEW,ESTABLISHED,RELATED,INVALID -j ACCEPT
iptables -A FORWORD -m state --state NEW,ESTABLISHED,RELATED,INVALID -j ACCEPT
tukey 2008-10-09
- 打赏
- 举报
to 各位高手,
现在问题依然没有解决,以前有人做过内外网udp端口的转发吗?
还望各位多多指教。
现在问题依然没有解决,以前有人做过内外网udp端口的转发吗?
还望各位多多指教。
tukey 2008-10-09
- 打赏
- 举报
to blackbillow
感谢你的说明。
不过,看来我们做的不是同一回事
感谢你的说明。
不过,看来我们做的不是同一回事
playmud 2008-10-09
- 打赏
- 举报
首先从C ping B ,然后从B ping C全部都ok,说明线路没有问题,路由也正确。
然后:iptables-save
把A跟B的结果贴出来,如果仅仅是端口转换,一条规则就可以了。
然后:iptables-save
把A跟B的结果贴出来,如果仅仅是端口转换,一条规则就可以了。
blackbillow 2008-10-08
- 打赏
- 举报
我的模拟是这样的:
一台虚拟机有2张网卡:
eth0--192.168.187.128/24
eth1--10.10.0.1/24
在eth1上开一个udp的echo server:
$ sudo ./udpserv01&
[1] 16928
$ sudo netstat -ulpn | grep 69
udp 0 0 10.10.0.1:69 0.0.0.0:* 16928/udpserv01
//只接受对des 为10.10.0.1的访问
$ ./udpcli01 10.10.0.1 69
a
a
//client 直接连接eth1,ok
$ ./udpcli01 192.168.187.128 69
ab
//client 连接eth0,fail
使用iptables作nat:
$ sudo iptables -t nat -A OUTPUT -d 192.168.187.128 -p udp --dport 10069 -j DNAT --to-destination 10.10.0.1:69
$ sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DNAT udp -- anywhere apollo.local udp dpt:10069 to:10.10.0.1:69
再次试验:
$ ./udpcli01 192.168.187.128 10069
dd
dd
//OK
tcmdump 结果:
$ sudo tcpdump -n -i any -p udp port 69 or port 10069
00:28:00.723015 IP 192.168.187.128.49767 > 10.10.0.1.69: 3 tftp-#28013
00:28:00.723666 IP 192.168.187.128.10069 > 192.168.187.128.49767: UDP, length 3
一台虚拟机有2张网卡:
eth0--192.168.187.128/24
eth1--10.10.0.1/24
在eth1上开一个udp的echo server:
$ sudo ./udpserv01&
[1] 16928
$ sudo netstat -ulpn | grep 69
udp 0 0 10.10.0.1:69 0.0.0.0:* 16928/udpserv01
//只接受对des 为10.10.0.1的访问
$ ./udpcli01 10.10.0.1 69
a
a
//client 直接连接eth1,ok
$ ./udpcli01 192.168.187.128 69
ab
//client 连接eth0,fail
使用iptables作nat:
$ sudo iptables -t nat -A OUTPUT -d 192.168.187.128 -p udp --dport 10069 -j DNAT --to-destination 10.10.0.1:69
$ sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DNAT udp -- anywhere apollo.local udp dpt:10069 to:10.10.0.1:69
再次试验:
$ ./udpcli01 192.168.187.128 10069
dd
dd
//OK
tcmdump 结果:
$ sudo tcpdump -n -i any -p udp port 69 or port 10069
00:28:00.723015 IP 192.168.187.128.49767 > 10.10.0.1.69: 3 tftp-#28013
00:28:00.723666 IP 192.168.187.128.10069 > 192.168.187.128.49767: UDP, length 3
快乐田伯光 2008-10-08
- 打赏
- 举报
iptables 的所有内容是什么?会不会是你里面有些规则冲突了呢?
tukey 2008-10-08
- 打赏
- 举报
to blackbillow:
我可以从A上连接B,下载文件也正常,所以我想B上的tftp服务没有问题。
另外,可否告诉我你的模拟是如何做的呢?
谢谢。
我可以从A上连接B,下载文件也正常,所以我想B上的tftp服务没有问题。
另外,可否告诉我你的模拟是如何做的呢?
谢谢。
blackbillow 2008-10-08
- 打赏
- 举报
我注意到你C的包已经发到了B的tftp端口,但是你的B的tftp端口没有任何包发出去
请先在你的B上确认tftp功能OK
请先在你的B上确认tftp功能OK
tukey 2008-10-08
- 打赏
- 举报
17:56:34.929312 IP (tos 0x0, ttl 64, id 5213, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:35.928595 IP (tos 0x0, ttl 64, id 5214, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:37.928764 IP (tos 0x0, ttl 64, id 5215, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:41.929090 IP (tos 0x0, ttl 64, id 5216, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:42.925410 IP (tos 0x0, ttl 64, id 65003, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:49.927732 IP (tos 0x0, ttl 64, id 5217, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:57.928632 IP (tos 0x0, ttl 127, id 41784, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:56:57.933338 IP (tos 0x0, ttl 64, id 10964, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:56:58.932394 IP (tos 0x0, ttl 64, id 10965, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:00.932520 IP (tos 0x0, ttl 64, id 10966, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:04.932852 IP (tos 0x0, ttl 64, id 10967, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:05.929039 IP (tos 0x0, ttl 64, id 5218, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:57:12.931511 IP (tos 0x0, ttl 64, id 10968, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:20.932427 IP (tos 0x0, ttl 127, id 41859, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:57:20.935755 IP (tos 0x0, ttl 64, id 16715, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:21.936173 IP (tos 0x0, ttl 64, id 16716, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:23.936314 IP (tos 0x0, ttl 64, id 16717, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:27.936607 IP (tos 0x0, ttl 64, id 16718, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:28.932792 IP (tos 0x0, ttl 64, id 10969, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:35.937247 IP (tos 0x0, ttl 64, id 16719, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:43.938405 IP (tos 0x0, ttl 127, id 41908, offset 0, flags [none], proto: UDP (17), length: 51) 192.168.23.1.1940 > 192.168.111.202.tftp: 23 ERROR EUNDEF timeout on receive"
17:57:51.936589 IP (tos 0x0, ttl 64, id 16720, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
我不是太精通这个,若你有线索,还希望你赐教,多谢了。
17:56:35.928595 IP (tos 0x0, ttl 64, id 5214, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:37.928764 IP (tos 0x0, ttl 64, id 5215, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:41.929090 IP (tos 0x0, ttl 64, id 5216, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:42.925410 IP (tos 0x0, ttl 64, id 65003, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:49.927732 IP (tos 0x0, ttl 64, id 5217, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:57.928632 IP (tos 0x0, ttl 127, id 41784, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:56:57.933338 IP (tos 0x0, ttl 64, id 10964, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:56:58.932394 IP (tos 0x0, ttl 64, id 10965, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:00.932520 IP (tos 0x0, ttl 64, id 10966, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:04.932852 IP (tos 0x0, ttl 64, id 10967, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:05.929039 IP (tos 0x0, ttl 64, id 5218, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:57:12.931511 IP (tos 0x0, ttl 64, id 10968, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:20.932427 IP (tos 0x0, ttl 127, id 41859, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:57:20.935755 IP (tos 0x0, ttl 64, id 16715, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:21.936173 IP (tos 0x0, ttl 64, id 16716, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:23.936314 IP (tos 0x0, ttl 64, id 16717, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:27.936607 IP (tos 0x0, ttl 64, id 16718, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:28.932792 IP (tos 0x0, ttl 64, id 10969, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:35.937247 IP (tos 0x0, ttl 64, id 16719, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:43.938405 IP (tos 0x0, ttl 127, id 41908, offset 0, flags [none], proto: UDP (17), length: 51) 192.168.23.1.1940 > 192.168.111.202.tftp: 23 ERROR EUNDEF timeout on receive"
17:57:51.936589 IP (tos 0x0, ttl 64, id 16720, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
我不是太精通这个,若你有线索,还希望你赐教,多谢了。
tukey 2008-10-08
- 打赏
- 举报
17:57:05.929079 IP (tos 0x0, ttl 64, id 5218, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:57:12.931550 IP (tos 0x0, ttl 64, id 10968, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:20.932372 IP (tos 0x0, ttl 128, id 41859, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:57:20.935798 IP (tos 0x0, ttl 64, id 16715, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:21.936218 IP (tos 0x0, ttl 64, id 16716, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:23.936358 IP (tos 0x0, ttl 64, id 16717, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:27.936654 IP (tos 0x0, ttl 64, id 16718, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:28.932839 IP (tos 0x0, ttl 64, id 10969, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:35.937293 IP (tos 0x0, ttl 64, id 16719, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:43.938336 IP (tos 0x0, ttl 128, id 41908, offset 0, flags [none], proto: UDP (17), length: 51) 192.168.23.1.1940 > slack12...tftp: 23 ERROR EUNDEF timeout on receive"
17:57:51.936642 IP (tos 0x0, ttl 64, id 16720, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:56.936884 arp who-has 192.168.23.1 tell slack12..
17:57:56.937056 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
机器B(内网机器)的:
17:55:24.911246 IP (tos 0x0, ttl 127, id 41505, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:24.910079 IP (tos 0x0, ttl 64, id 53244, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:25.907418 IP (tos 0x0, ttl 64, id 53245, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:26.907663 IP (tos 0x0, ttl 127, id 41519, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:26.911070 IP (tos 0x0, ttl 64, id 53744, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:27.907591 IP (tos 0x0, ttl 64, id 53246, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:27.911489 IP (tos 0x0, ttl 64, id 53745, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.911797 IP (tos 0x0, ttl 127, id 41537, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:29.912135 IP (tos 0x0, ttl 64, id 53746, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.915669 IP (tos 0x0, ttl 64, id 54495, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:30.915662 IP (tos 0x0, ttl 64, id 54496, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:31.907907 IP (tos 0x0, ttl 64, id 53247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:32.915795 IP (tos 0x0, ttl 64, id 54497, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:33.911946 IP (tos 0x0, ttl 64, id 53747, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:36.916113 IP (tos 0x0, ttl 64, id 54498, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:39.908534 IP (tos 0x0, ttl 64, id 53248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:41.912612 IP (tos 0x0, ttl 64, id 53748, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:44.916736 IP (tos 0x0, ttl 64, id 54499, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:48.917339 IP (tos 0x0, ttl 127, id 41595, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:48.921374 IP (tos 0x0, ttl 64, id 59247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:49.921031 IP (tos 0x0, ttl 64, id 59248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:51.921410 IP (tos 0x0, ttl 64, id 59249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:55.908527 IP (tos 0x0, ttl 64, id 53249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:55.919657 IP (tos 0x0, ttl 64, id 59250, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:57.912075 IP (tos 0x0, ttl 64, id 53749, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:56:00.916108 IP (tos 0x0, ttl 64, id 54500, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:56:03.920316 IP (tos 0x0, ttl 64, id 59251, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:11.921098 IP (tos 0x0, ttl 127, id 41645, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:56:11.924331 IP (tos 0x0, ttl 64, id 64998, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:12.924960 IP (tos 0x0, ttl 64, id 64999, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:14.925117 IP (tos 0x0, ttl 64, id 65000, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:18.924165 IP (tos 0x0, ttl 64, id 65001, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:19.919608 IP (tos 0x0, ttl 64, id 59252, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:26.924100 IP (tos 0x0, ttl 64, id 65002, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:34.924892 IP (tos 0x0, ttl 127, id 41715, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:57:12.931550 IP (tos 0x0, ttl 64, id 10968, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:20.932372 IP (tos 0x0, ttl 128, id 41859, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:57:20.935798 IP (tos 0x0, ttl 64, id 16715, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:21.936218 IP (tos 0x0, ttl 64, id 16716, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:23.936358 IP (tos 0x0, ttl 64, id 16717, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:27.936654 IP (tos 0x0, ttl 64, id 16718, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:28.932839 IP (tos 0x0, ttl 64, id 10969, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:35.937293 IP (tos 0x0, ttl 64, id 16719, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:43.938336 IP (tos 0x0, ttl 128, id 41908, offset 0, flags [none], proto: UDP (17), length: 51) 192.168.23.1.1940 > slack12...tftp: 23 ERROR EUNDEF timeout on receive"
17:57:51.936642 IP (tos 0x0, ttl 64, id 16720, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.53845 > 192.168.23.1.1940: UDP, length 516
17:57:56.936884 arp who-has 192.168.23.1 tell slack12..
17:57:56.937056 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
机器B(内网机器)的:
17:55:24.911246 IP (tos 0x0, ttl 127, id 41505, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:24.910079 IP (tos 0x0, ttl 64, id 53244, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:25.907418 IP (tos 0x0, ttl 64, id 53245, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:26.907663 IP (tos 0x0, ttl 127, id 41519, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:26.911070 IP (tos 0x0, ttl 64, id 53744, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:27.907591 IP (tos 0x0, ttl 64, id 53246, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:27.911489 IP (tos 0x0, ttl 64, id 53745, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.911797 IP (tos 0x0, ttl 127, id 41537, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:29.912135 IP (tos 0x0, ttl 64, id 53746, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.915669 IP (tos 0x0, ttl 64, id 54495, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:30.915662 IP (tos 0x0, ttl 64, id 54496, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:31.907907 IP (tos 0x0, ttl 64, id 53247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:32.915795 IP (tos 0x0, ttl 64, id 54497, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:33.911946 IP (tos 0x0, ttl 64, id 53747, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:36.916113 IP (tos 0x0, ttl 64, id 54498, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:39.908534 IP (tos 0x0, ttl 64, id 53248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:41.912612 IP (tos 0x0, ttl 64, id 53748, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:44.916736 IP (tos 0x0, ttl 64, id 54499, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:48.917339 IP (tos 0x0, ttl 127, id 41595, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:55:48.921374 IP (tos 0x0, ttl 64, id 59247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:49.921031 IP (tos 0x0, ttl 64, id 59248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:51.921410 IP (tos 0x0, ttl 64, id 59249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:55.908527 IP (tos 0x0, ttl 64, id 53249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:55.919657 IP (tos 0x0, ttl 64, id 59250, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:57.912075 IP (tos 0x0, ttl 64, id 53749, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:56:00.916108 IP (tos 0x0, ttl 64, id 54500, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:56:03.920316 IP (tos 0x0, ttl 64, id 59251, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:11.921098 IP (tos 0x0, ttl 127, id 41645, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
17:56:11.924331 IP (tos 0x0, ttl 64, id 64998, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:12.924960 IP (tos 0x0, ttl 64, id 64999, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:14.925117 IP (tos 0x0, ttl 64, id 65000, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:18.924165 IP (tos 0x0, ttl 64, id 65001, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:19.919608 IP (tos 0x0, ttl 64, id 59252, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:26.924100 IP (tos 0x0, ttl 64, id 65002, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:34.924892 IP (tos 0x0, ttl 127, id 41715, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > 192.168.111.202.tftp: 24 RRQ "error/README" netascii
tukey 2008-10-08
- 打赏
- 举报
to blackbillow:
补充一下:
tcpdump -v结果如下:
机器A(网关)的:
17:55:24.904150 IP (tos 0x0, ttl 128, id 41505, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:24.910136 IP (tos 0x0, ttl 64, id 53244, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:25.907466 IP (tos 0x0, ttl 64, id 53245, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:26.907607 IP (tos 0x0, ttl 128, id 41519, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:26.911116 IP (tos 0x0, ttl 64, id 53744, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:27.907647 IP (tos 0x0, ttl 64, id 53246, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:27.911521 IP (tos 0x0, ttl 64, id 53745, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.907675 arp who-has 192.168.23.1 tell slack12..
17:55:29.907837 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:55:29.911742 IP (tos 0x0, ttl 128, id 41537, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:29.912158 IP (tos 0x0, ttl 64, id 53746, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.915722 IP (tos 0x0, ttl 64, id 54495, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:30.915707 IP (tos 0x0, ttl 64, id 54496, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:31.907997 IP (tos 0x0, ttl 64, id 53247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:32.915837 IP (tos 0x0, ttl 64, id 54497, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:33.911994 IP (tos 0x0, ttl 64, id 53747, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:36.916155 IP (tos 0x0, ttl 64, id 54498, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:39.908581 IP (tos 0x0, ttl 64, id 53248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:41.912656 IP (tos 0x0, ttl 64, id 53748, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:44.916784 IP (tos 0x0, ttl 64, id 54499, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:48.917272 IP (tos 0x0, ttl 128, id 41595, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:48.921427 IP (tos 0x0, ttl 64, id 59247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:49.921081 IP (tos 0x0, ttl 64, id 59248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:51.921449 IP (tos 0x0, ttl 64, id 59249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:55.908569 IP (tos 0x0, ttl 64, id 53249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:55.919683 IP (tos 0x0, ttl 64, id 59250, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:57.912115 IP (tos 0x0, ttl 64, id 53749, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:56:00.916147 IP (tos 0x0, ttl 64, id 54500, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:56:03.920358 IP (tos 0x0, ttl 64, id 59251, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:11.921039 IP (tos 0x0, ttl 128, id 41645, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:11.924383 IP (tos 0x0, ttl 64, id 64998, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:12.925004 IP (tos 0x0, ttl 64, id 64999, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:14.925162 IP (tos 0x0, ttl 64, id 65000, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:16.925067 arp who-has 192.168.23.1 tell slack12..
17:56:16.925237 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:56:18.924207 IP (tos 0x0, ttl 64, id 65001, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:19.919649 IP (tos 0x0, ttl 64, id 59252, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:26.924142 IP (tos 0x0, ttl 64, id 65002, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:34.924836 IP (tos 0x0, ttl 128, id 41715, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:34.929359 IP (tos 0x0, ttl 64, id 5213, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:35.928648 IP (tos 0x0, ttl 64, id 5214, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:37.928819 IP (tos 0x0, ttl 64, id 5215, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:41.929132 IP (tos 0x0, ttl 64, id 5216, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:42.925448 IP (tos 0x0, ttl 64, id 65003, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:49.927782 IP (tos 0x0, ttl 64, id 5217, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:57.928575 IP (tos 0x0, ttl 128, id 41784, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:57.933388 IP (tos 0x0, ttl 64, id 10964, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:56:58.932439 IP (tos 0x0, ttl 64, id 10965, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:00.932562 IP (tos 0x0, ttl 64, id 10966, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:02.932634 arp who-has 192.168.23.1 tell slack12..
17:57:02.932806 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:57:04.932899 IP (tos 0x0, ttl 64, id 10967, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
补充一下:
tcpdump -v结果如下:
机器A(网关)的:
17:55:24.904150 IP (tos 0x0, ttl 128, id 41505, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:24.910136 IP (tos 0x0, ttl 64, id 53244, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:25.907466 IP (tos 0x0, ttl 64, id 53245, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:26.907607 IP (tos 0x0, ttl 128, id 41519, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:26.911116 IP (tos 0x0, ttl 64, id 53744, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:27.907647 IP (tos 0x0, ttl 64, id 53246, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:27.911521 IP (tos 0x0, ttl 64, id 53745, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.907675 arp who-has 192.168.23.1 tell slack12..
17:55:29.907837 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:55:29.911742 IP (tos 0x0, ttl 128, id 41537, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:29.912158 IP (tos 0x0, ttl 64, id 53746, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:29.915722 IP (tos 0x0, ttl 64, id 54495, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:30.915707 IP (tos 0x0, ttl 64, id 54496, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:31.907997 IP (tos 0x0, ttl 64, id 53247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:32.915837 IP (tos 0x0, ttl 64, id 54497, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:33.911994 IP (tos 0x0, ttl 64, id 53747, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:36.916155 IP (tos 0x0, ttl 64, id 54498, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:39.908581 IP (tos 0x0, ttl 64, id 53248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:41.912656 IP (tos 0x0, ttl 64, id 53748, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:55:44.916784 IP (tos 0x0, ttl 64, id 54499, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:55:48.917272 IP (tos 0x0, ttl 128, id 41595, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:55:48.921427 IP (tos 0x0, ttl 64, id 59247, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:49.921081 IP (tos 0x0, ttl 64, id 59248, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:51.921449 IP (tos 0x0, ttl 64, id 59249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:55.908569 IP (tos 0x0, ttl 64, id 53249, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.58221 > 192.168.23.1.1940: UDP, length 516
17:55:55.919683 IP (tos 0x0, ttl 64, id 59250, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:55:57.912115 IP (tos 0x0, ttl 64, id 53749, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.39255 > 192.168.23.1.1940: UDP, length 516
17:56:00.916147 IP (tos 0x0, ttl 64, id 54500, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.59356 > 192.168.23.1.1940: UDP, length 516
17:56:03.920358 IP (tos 0x0, ttl 64, id 59251, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:11.921039 IP (tos 0x0, ttl 128, id 41645, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:11.924383 IP (tos 0x0, ttl 64, id 64998, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:12.925004 IP (tos 0x0, ttl 64, id 64999, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:14.925162 IP (tos 0x0, ttl 64, id 65000, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:16.925067 arp who-has 192.168.23.1 tell slack12..
17:56:16.925237 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:56:18.924207 IP (tos 0x0, ttl 64, id 65001, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:19.919649 IP (tos 0x0, ttl 64, id 59252, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54611 > 192.168.23.1.1940: UDP, length 516
17:56:26.924142 IP (tos 0x0, ttl 64, id 65002, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:34.924836 IP (tos 0x0, ttl 128, id 41715, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:34.929359 IP (tos 0x0, ttl 64, id 5213, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:35.928648 IP (tos 0x0, ttl 64, id 5214, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:37.928819 IP (tos 0x0, ttl 64, id 5215, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:41.929132 IP (tos 0x0, ttl 64, id 5216, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:42.925448 IP (tos 0x0, ttl 64, id 65003, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54666 > 192.168.23.1.1940: UDP, length 516
17:56:49.927782 IP (tos 0x0, ttl 64, id 5217, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.37068 > 192.168.23.1.1940: UDP, length 516
17:56:57.928575 IP (tos 0x0, ttl 128, id 41784, offset 0, flags [none], proto: UDP (17), length: 52) 192.168.23.1.1940 > slack12...tftp: 24 RRQ "error/README" netascii
17:56:57.933388 IP (tos 0x0, ttl 64, id 10964, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:56:58.932439 IP (tos 0x0, ttl 64, id 10965, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:00.932562 IP (tos 0x0, ttl 64, id 10966, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
17:57:02.932634 arp who-has 192.168.23.1 tell slack12..
17:57:02.932806 arp reply 192.168.23.1 is-at 00:50:56:c0:00:01 (oui Unknown)
17:57:04.932899 IP (tos 0x0, ttl 64, id 10967, offset 0, flags [DF], proto: UDP (17), length: 544) 192.168.111.202.54143 > 192.168.23.1.1940: UDP, length 516
tukey 2008-10-08
- 打赏
- 举报
to blackbillow:
我现在情况是:
我把我的虚拟机用作网关,叫做机器A
它的一块网卡eth0,ip是192.168.23.129
另一块网卡venet0,ip是192.168.111.1
venet0连接另一个虚拟机,我叫他机器B(其实是vps),用作内网机器,ip为192.168.111.202
现在,我想在我的物理机器上(我叫他机器C),连接机器B上的tftp服务器,那么我在机器A上做的端口映射如下:
iptables -t nat -I PREROUTING -d 192.168.23.129 -p udp --dport 69 -j DNAT --to-destination 192.168.111.202:69
即,我想把机器B的udp69映射到机器A(网关)上的udp69,然后在C上连接之。
但是结果却连接超时了。
我现在情况是:
我把我的虚拟机用作网关,叫做机器A
它的一块网卡eth0,ip是192.168.23.129
另一块网卡venet0,ip是192.168.111.1
venet0连接另一个虚拟机,我叫他机器B(其实是vps),用作内网机器,ip为192.168.111.202
现在,我想在我的物理机器上(我叫他机器C),连接机器B上的tftp服务器,那么我在机器A上做的端口映射如下:
iptables -t nat -I PREROUTING -d 192.168.23.129 -p udp --dport 69 -j DNAT --to-destination 192.168.111.202:69
即,我想把机器B的udp69映射到机器A(网关)上的udp69,然后在C上连接之。
但是结果却连接超时了。
红男爵 2008-10-08
- 打赏
- 举报
mark
blackbillow 2008-10-07
- 打赏
- 举报
我在我的虚拟机上模拟了一下,确实只需要一条规则,因为Linux会作connect track
lz你确定是在一台外部机器访问tftp服务器,还是在你的网关上访问?后者的话你需要将规则加到OUTPUT链
能贴一下你在网关和tftp服务器上tcpdump的结果?
lz你确定是在一台外部机器访问tftp服务器,还是在你的网关上访问?后者的话你需要将规则加到OUTPUT链
能贴一下你在网关和tftp服务器上tcpdump的结果?
tukey 2008-10-07
- 打赏
- 举报
to playmud 和guosha
二位的方法我都试了,还是不行呀。
playmud说的会默认怎家snat,我不是很明白。
二位的方法我都试了,还是不行呀。
playmud说的会默认怎家snat,我不是很明白。
快乐田伯光 2008-10-07
- 打赏
- 举报
后一句相对应是--to-source吧
playmud 2008-10-07
- 打赏
- 举报
一条就行了
iptables -t nat -I PREROUTING -d 202.xxx.xxx.153 -p udp --dport 10069 -j DNAT --to-destination 192.168.111.101:69
它默认增加snat
iptables -t nat -I PREROUTING -d 202.xxx.xxx.153 -p udp --dport 10069 -j DNAT --to-destination 192.168.111.101:69
它默认增加snat
加载更多回复(6)
