Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

Captive Portal problemi con Firewall

 
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell
Precedente :: Successivo  
Autore Messaggio
robezana



Registrato: 30/11/07 17:01
Messaggi: 17

MessaggioInviato: Ven Feb 29, 2008 10:30 am    Oggetto: Captive Portal problemi con Firewall Rispondi citando

Ciao,
ho un problema con il Captive Protal dopo aver configurato il Firewall.
In poche parole il Captive Portal non blocca tutto il traffico ma solo sulla porta 80 ( non blocca ma non riesce a fare il redirect sulla pagina di autentificazione ).
Allego il mio firewall:

Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4638 316K SYS_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
4255 271K SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
45 3944 SYS_SSH tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
2 122 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:88
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1194
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
214 30437 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3228 3161K wan_lan all -- ETH00 ETH01 0.0.0.0/0 0.0.0.0/0
895 117K lan_dmz all -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0
2850 428K lan_wan all -- ETH01 ETH00 0.0.0.0/0 0.0.0.0/0
80 8263 wan_dmz all -- ETH00 ETH02 0.0.0.0/0 0.0.0.0/0
962 337K dmz_lan all -- ETH02 ETH01 0.0.0.0/0 0.0.0.0/0
104 7245 dmz_wan all -- ETH02 ETH00 0.0.0.0/0 0.0.0.0/0
0 0 vpn99_dmz all -- VPN99 ETH02 0.0.0.0/0 0.0.0.0/0
0 0 vpn99_lan all -- VPN99 ETH01 0.0.0.0/0 0.0.0.0/0
0 0 vpn99_wan all -- VPN99 ETH00 0.0.0.0/0 0.0.0.0/0
0 0 dmz_vpn99 all -- ETH02 VPN99 0.0.0.0/0 0.0.0.0/0
0 0 lan_vpn99 all -- ETH01 VPN99 0.0.0.0/0 0.0.0.0/0
0 0 wan_vpn99 all -- ETH00 VPN99 0.0.0.0/0 0.0.0.0/0
0 0 CapPort all -- * * 0.0.0.0/0 0.0.0.0/0


    Il "CapPort" essendo nell'ultima riga viene letto soltanto alla fine infatti come vediamo non ci sono pacchetti sul CapPort perchč ovviamente le richieste sulla porta 80 match sia sulla lan_wan che lan_dmz all'inizio.


Chain OUTPUT (policy DROP 426 packets, 105K bytes)
pkts bytes target prot opt in out source destination
8535 1858K SYS_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
7980 1742K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain CapPort (1 references)
pkts bytes target prot opt in out source destination
0 0 CapPortACL all -- ETH01 * 0.0.0.0/0 0.0.0.0/0

Chain CapPortACL (1 references)
pkts bytes target prot opt in out source destination
0 0 CapPortFS all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CapPortFC all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CapPortWL all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain CapPortFC (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * x.x.x.x 0.0.0.0/0 MAC 00:00:00:00:00:00

Chain CapPortFS (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67

Chain CapPortWL (1 references)
pkts bytes target prot opt in out source destination

Chain SYS_HTTPS (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * x.x.x.x/24 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain SYS_INPUT (1 references)
pkts bytes target prot opt in out source destination
62 6485 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3 437 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 state ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80 state ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:8245 state ESTABLISHED
64 4864 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:123 state ESTABLISHED
4694 318K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0

Chain SYS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
62 6485 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
3 226 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8245
68 5168 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123
8540 1877K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0

Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
265 17296 ACCEPT all -- ETH01 * x.x.x.x/24 0.0.0.0/0
1 60 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain dmz_lan (1 references)
pkts bytes target prot opt in out source destination
949 336K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
16 704 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain dmz_vpn99 (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain dmz_wan (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
20 1497 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
35 2513 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
36 2185 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
14 1126 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain lan_dmz (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 x.x.x.x/24 icmp type 8
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0 x.x.x.x udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:21
23 2819 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:139
876 115K ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:445
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:631
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:389
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:901
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain lan_vpn99 (1 references)
pkts bytes target prot opt in out source destination

Chain lan_wan (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
201 12488 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
1545 248K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
35 2660 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1863
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587
108 8856 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:59709
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:59709
81 4064 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:3478:3488
955 163K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:5060:5070
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:8000:8020
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:16384:16482
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2222
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4080
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4000
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4001
0 0 ACCEPT all -- * * x.x.x.x 0.0.0.0/0
0 0 ACCEPT all -- * * x.x.x.x 0.0.0.0/0
0 0 ACCEPT all -- * * x.x.x.x 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain vpn99_dmz (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:138
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain vpn99_lan (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain vpn99_wan (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain wan_dmz (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 x.x.x.x udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:443
35 1950 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:21
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1194
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
45 6313 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain wan_lan (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:18917
0 0 ACCEPT udp -- * * 0.0.0.0/0 x.x.x.xudp dpt:59765
3273 3173K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Chain wan_vpn99 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Usando l'interfaccia web attualmente non ho trovato una soluzione.
Spero qualcuno abbia gią affrontato il problema.
Grazie & Distinti Saluti
Roberto Zanandrea
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it