Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
---|---|---|
Prev | Next |
Use tcpdump to check for traffic
$ sudo tcpdump -nvvvpi xl0 tcp and not port ssh and not port smtp tcpdump: listening on xl0, link-type EN10MB 16:23:33.351341 194.54.107.19.58679 > 80.79.54.23.80: S [tcp sum ok] 2920990951:2920990951(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 166143589 0,sackOK,eol> (DF) (ttl 63, id 14602, len 64) 16:23:33.434469 80.79.54.23.80 > 194.54.107.19.58679: S [tcp sum ok] 2276676381:2276676381(0) ack 2920990952 win 16384 <mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 3138530904 166143589> (DF) (ttl 48, id 39423, len 64) 16:23:33.434813 194.54.107.19.58679 > 80.79.54.23.80: . [tcp sum ok] 1:1(0) ack 1 win 33304 <nop,nop,timestamp 166143673 3138530904> (DF) (ttl 63, id 14603, len 52) 16:23:33.436111 194.54.107.19.58679 > 80.79.54.23.80: P 1:242(241) ack 1 win 33304 <nop,nop,timestamp 166143674 3138530904> (DF) (ttl 63, id 14604, len 293) 16:23:33.698605 80.79.54.23.80 > 194.54.107.19.58679: . 1:1449(1448) ack 242 win 17376 <nop,nop,timestamp 3138530905 166143674> (DF) (ttl 48, id 51709, len 1500) 16:23:33.700022 80.79.54.23.80 > 194.54.107.19.58679: P 1449:2533(1084) ack 242 win 17376 <nop,nop,timestamp 3138530905 166143674> (DF) (ttl 48, id 45465, len 1136)
Find out exactly where your logic breaks