From: Charles Brown <cab_77573@yahoo.com>
To: development@lists.ipfire.org
Subject: Re: Testing Issues with core165 Development Build: next/cad86575
Date: Fri, 11 Mar 2022 17:40:25 -0600 [thread overview]
Message-ID: <06880982-2e4c-1439-eeac-07f8342644c8@yahoo.com> (raw)
In-Reply-To: <5B9713D0-5822-4A0F-BE8A-A98019A8F72E@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 2424 bytes --]
True, it is not reproducible with latest c165 build.
However, I punted back to "core165 Development Build: next/cad86575" to
test my sanity, the glitch was quite reproducible.
Logs are attached: /var/log/messages; the (a) iptables output at first
boot; the (b) iptables output after changing hostile fw option to off
and rebooting
.
On 3/11/2022 10:28 AM, Michael Tremer wrote:
> Hello,
>
> I tried to reproduce this and I can’t.
>
> Could you please send the output of “iptables -L -nv” to help me debug this?
>
> -Michael
>
>> On 8 Mar 2022, at 20:13, Charles Brown <cab_77573(a)yahoo.com> wrote:
>>
>> Just tried again with next/2022-03-08 09:59:43 +0000-32ce7ab4/x86_64
>> It seems simple to reproduce. See attached log.
>> At initial boot after fresh install, cannot ping local private address gateway -- DROP_HOSTILE
>> After editing settings in /var/ipfiire/optionsfw/settings -- changing DROPHOSTILE to off -- and rebooting, things worked as expected.
>> I then changed DROPHOSTILE setting to on and rebooted -- resulting again with DROP_HOSTILE when pinging my local gateway.
>>
>>
>> On 3/8/2022 9:47 AM, Michael Tremer wrote:
>>> Hello Charles,
>>>
>>>> On 7 Mar 2022, at 12:26, Charles Brown <cab_77573(a)yahoo.com> wrote:
>>>>
>>>> Did a fresh install of core165 Development Build: next/cad86575
>>>>
>>>> 1) Private Network is ‘Hostile’ – should it be?
>>> No, it shouldn’t.
>>>
>>>> Initially, I had no access to red zone. All traffic was getting DROP_HOSTILE.
>>>> My test setup has gateway through a 192.168 private network. Could not ping my 192.168 gateway without disabling the “drop hostile” feature. Somehow I thought that private network range would not be considered ‘hostile’.
>>> Do you have some log files so I can look at what matched?
>>>
>>> What build are you running?
>>>
>>> -Michael
>>>
>>>> 2) Web page ids.cgi stops loading after header
>>>> The page header down through "Intrusion Prevention System <?>" is displayed and then stops -- nothing else on the page
>>>> Log in httpd error shows as:
>>>> "Unable to read file /var/ipfire/suricata/ignored at /var/ipfire/general-functions.pl line 883. "
>>>> I went to the directory and created the 'ignored' file and chowned it to nobody:nobody.
>>>> That allowed the page to complete loading
>>>>
>>>> -cab
>>>>
>> <hostile_private_net.log>
[-- Attachment #2: var_log_messages.txt --]
[-- Type: text/plain, Size: 4923 bytes --]
Mar 11 17:01:23 ipfire pakfire: DOWNLOAD INFO: 2.27.2-x86_64/lists/server-list.db has size of bytes
Mar 11 17:01:23 ipfire pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't connect to pakfire.ipfire.org:443 (Name or service not known)
Mar 11 17:01:23 ipfire pakfire: Giving up: There was no chance to get the file 2.27.2-x86_64/lists/server-list.db from any available server. There was an error on the way. Please fix it.
Mar 11 17:01:23 ipfire pakfire: MIRROR ERROR: Could not find or download a server list
Mar 11 17:01:26 ipfire kernel: usb 1-5.3: new high-speed USB device number 6 using xhci_hcd
Mar 11 17:01:26 ipfire kernel: usb 1-5.3: New USB device found, idVendor=067b, idProduct=2515, bcdDevice= 1.00
Mar 11 17:01:26 ipfire kernel: usb 1-5.3: New USB device strings: Mfr=1, Product=3, SerialNumber=0
Mar 11 17:01:26 ipfire kernel: usb 1-5.3: Product: USB Embedded Hub
Mar 11 17:01:26 ipfire kernel: usb 1-5.3: Manufacturer: Prolific Technology Inc.
Mar 11 17:01:26 ipfire kernel: hub 1-5.3:1.0: USB hub found
Mar 11 17:01:26 ipfire kernel: hub 1-5.3:1.0: 1 port detected
Mar 11 17:01:26 ipfire kernel: usb 1-5.3.1: new high-speed USB device number 7 using xhci_hcd
Mar 11 17:01:26 ipfire kernel: usb 1-5.3.1: New USB device found, idVendor=067b, idProduct=2517, bcdDevice= 1.00
Mar 11 17:01:26 ipfire kernel: usb 1-5.3.1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
Mar 11 17:01:26 ipfire kernel: usb 1-5.3.1: Product: USB Mass Storage Device
Mar 11 17:01:26 ipfire kernel: usb 1-5.3.1: Manufacturer: Prolific Technology Inc.
Mar 11 17:01:26 ipfire kernel: usb-storage 1-5.3.1:1.0: USB Mass Storage device detected
Mar 11 17:01:26 ipfire kernel: scsi host2: usb-storage 1-5.3.1:1.0
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: USB disconnect, device number 6
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: USB disconnect, device number 7
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: new high-speed USB device number 8 using xhci_hcd
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: New USB device found, idVendor=067b, idProduct=2515, bcdDevice= 1.00
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: New USB device strings: Mfr=1, Product=3, SerialNumber=0
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: Product: USB Embedded Hub
Mar 11 17:01:27 ipfire kernel: usb 1-5.3: Manufacturer: Prolific Technology Inc.
Mar 11 17:01:27 ipfire kernel: hub 1-5.3:1.0: USB hub found
Mar 11 17:01:27 ipfire kernel: hub 1-5.3:1.0: 1 port detected
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: new high-speed USB device number 9 using xhci_hcd
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: New USB device found, idVendor=067b, idProduct=2517, bcdDevice= 1.00
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: Product: USB Mass Storage Device
Mar 11 17:01:27 ipfire kernel: usb 1-5.3.1: Manufacturer: Prolific Technology Inc.
Mar 11 17:01:27 ipfire kernel: usb-storage 1-5.3.1:1.0: USB Mass Storage device detected
Mar 11 17:01:27 ipfire kernel: scsi host2: usb-storage 1-5.3.1:1.0
Mar 11 17:01:28 ipfire kernel: scsi 2:0:0:0: Direct-Access IOCELL CELLDISK2.0 1.00 PQ: 0 ANSI: 0 CCS
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: Attached scsi generic sg1 type 0
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: [sdb] 2031616 512-byte logical blocks: (1.04 GB/992 MiB)
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: [sdb] Write Protect is off
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: [sdb] No Caching mode page found
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: [sdb] Assuming drive cache: write through
Mar 11 17:01:28 ipfire kernel: sdb: sdb1
Mar 11 17:01:28 ipfire kernel: sd 2:0:0:0: [sdb] Attached SCSI removable disk
Mar 11 17:01:33 ipfire login[2563]: ROOT LOGIN on '/dev/console'
Mar 11 17:01:46 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=31409 DF PROTO=ICMP TYPE=8 CODE=0 ID=8259 SEQ=1
Mar 11 17:01:47 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=31440 DF PROTO=ICMP TYPE=8 CODE=0 ID=8259 SEQ=2
Mar 11 17:01:48 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=32110 DF PROTO=ICMP TYPE=8 CODE=0 ID=8259 SEQ=3
Mar 11 17:01:49 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=32789 DF PROTO=ICMP TYPE=8 CODE=0 ID=8259 SEQ=4
Mar 11 17:01:52 ipfire collectd[2444]: ping plugin: ping_send failed: Operation not permitted
Mar 11 17:01:52 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=104 TOS=0x00 PREC=0x00 TTL=255 ID=33416 DF PROTO=ICMP TYPE=8 CODE=0 ID=39368 SEQ=0
Mar 11 17:02:22 ipfire kernel: DROP_HOSTILE IN= OUT=red0 SRC=192.168.1.131 DST=192.168.1.1 LEN=104 TOS=0x00 PREC=0x00 TTL=255 ID=57998 DF PROTO=ICMP TYPE=8 CODE=0 ID=39368 SEQ=0
[-- Attachment #3: iptables_L_nv_a.txt --]
[-- Type: text/plain, Size: 19727 bytes --]
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
3700 203K BADTCP tcp -- * * 0.0.0.0/0 0.0.0.0/0
3869 215K CUSTOMINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3869 215K GUARDIAN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 OVPNBLOCK all -- tun+ * 0.0.0.0/0 0.0.0.0/0
3869 215K IPS_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
3869 215K IPTVINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3869 215K ICMPINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3869 215K LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CAPTIVE_PORTAL all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPGREENINPUT all -- green0 * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPBLUEINPUT all -- blue0 * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- red0 * 0.0.0.0/0 0.0.0.0/0
0 0 TOR_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOCATIONBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 GUIINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 WIRELESSINPUT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
0 0 OVPNINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 INPUTFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REDINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POLICYIN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
0 0 BADTCP tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 CUSTOMFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 GUARDIAN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 OVPNBLOCK all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 OVPNBLOCK all -- * tun+ 0.0.0.0/0 0.0.0.0/0
0 0 IPS_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
0 0 IPTVFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CAPTIVE_PORTAL all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- red0 * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- * red0 0.0.0.0/0 0.0.0.0/0
0 0 LOCATIONBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 WIRELESSFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
0 0 FORWARDFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REDFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POLICYFWD all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
3984 225K CUSTOMOUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3984 225K IPSECBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
3984 225K IPS_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
3984 225K LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
115 9398 CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPGREENOUTPUT all -- * green0 0.0.0.0/0 0.0.0.0/0
0 0 DHCPBLUEOUTPUT all -- * blue0 0.0.0.0/0 0.0.0.0/0
115 9398 HOSTILE all -- * red0 0.0.0.0/0 0.0.0.0/0
0 0 IPSECOUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 TOR_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 OUTGOINGFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POLICYOUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain BADTCP (2 references)
pkts bytes target prot opt in out source destination
3700 203K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 NEWNOTSYN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 ctstate NEW
Chain CAPTIVE_PORTAL (2 references)
pkts bytes target prot opt in out source destination
Chain CAPTIVE_PORTAL_CLIENTS (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 limit: up to 3kb/s burst 1mb mode srcip
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 limit: up to 3kb/s burst 1mb mode srcip
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain CONNTRACK (3 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
0 0 CTINVALID all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
Chain CTINVALID (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_CTINVALID "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_CTINVALID */
Chain CUSTOMFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPBLUEINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPBLUEOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPGREENINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 DHCPINPUT all -- green0 * 0.0.0.0/0 0.0.0.0/0
Chain DHCPGREENOUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 DHCPOUTPUT all -- * green0 0.0.0.0/0 0.0.0.0/0
Chain DHCPINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:68 dpt:67
Chain DHCPOUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
Chain FORWARDFW (1 references)
pkts bytes target prot opt in out source destination
Chain GUARDIAN (2 references)
pkts bytes target prot opt in out source destination
Chain GUIINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- green0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:444
Chain HOSTILE (4 references)
pkts bytes target prot opt in out source destination
39 3195 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_HOSTILE "
115 9398 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_HOSTILE */
Chain ICMPINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
Chain INPUTFW (1 references)
pkts bytes target prot opt in out source destination
Chain IPSBYPASS (3 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save mask 0x7fffffff
Chain IPSECBLOCK (2 references)
pkts bytes target prot opt in out source destination
Chain IPSECFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_INPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPTVFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPTVINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain LOCATIONBLOCK (2 references)
pkts bytes target prot opt in out source destination
Chain LOG_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOG_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain LOOPBACK (3 references)
pkts bytes target prot opt in out source destination
3869 215K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3869 215K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 SPOOFED_MARTIAN all -- * * 127.0.0.0/8 0.0.0.0/0
0 0 SPOOFED_MARTIAN all -- * * 0.0.0.0/0 127.0.0.0/8
Chain NEWNOTSYN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_NEWNOTSYN "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_NEWNOTSYN */
Chain OUTGOINGFW (1 references)
pkts bytes target prot opt in out source destination
Chain OVPNBLOCK (3 references)
pkts bytes target prot opt in out source destination
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
Chain OVPNINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain POLICYFWD (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- green0 * 192.168.2.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol ipsec
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- blue0 red0 192.168.3.0/24 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_FORWARD "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_FORWARD */
Chain POLICYIN (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:514
0 0 ACCEPT all -- green0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- blue0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol ipsec
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_INPUT "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_INPUT */
Chain POLICYOUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_OUTPUT */
Chain PSCAN (7 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_TCP PScan */ LOG flags 0 level 4 prefix "DROP_TCP Scan "
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_UDP PScan */ LOG flags 0 level 4 prefix "DROP_UDP Scan "
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_ICMP PScan */ LOG flags 0 level 4 prefix "DROP_ICMP Scan "
0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_FRAG PScan */ LOG flags 0 level 4 prefix "DROP_FRAG Scan "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_PScan */
Chain REDFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain REDINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 SPOOFED_MARTIAN all -- red0 * 192.168.1.131 0.0.0.0/0
0 0 ACCEPT tcp -- red0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
0 0 ACCEPT udp -- red0 * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain SPOOFED_MARTIAN (3 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_SPOOFED_MARTIAN "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_SPOOFED_MARTIAN */
Chain TOR_INPUT (1 references)
pkts bytes target prot opt in out source destination
Chain TOR_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain WIRELESSFORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- blue0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "DROP_Wirelessforward"
0 0 DROP all -- blue0 * 0.0.0.0/0 0.0.0.0/0 /* DROP_Wirelessforward */
Chain WIRELESSINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- blue0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "DROP_Wirelessinput"
0 0 DROP all -- blue0 * 0.0.0.0/0 0.0.0.0/0 /* DROP_Wirelessinput */
[-- Attachment #4: iptables_L_nv_b.txt --]
[-- Type: text/plain, Size: 19461 bytes --]
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
7293 5494K BADTCP tcp -- * * 0.0.0.0/0 0.0.0.0/0
7381 5515K CUSTOMINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
7381 5515K GUARDIAN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 OVPNBLOCK all -- tun+ * 0.0.0.0/0 0.0.0.0/0
7381 5515K IPS_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
7381 5515K IPTVINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
7381 5515K ICMPINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
7381 5515K LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
3673 5310K CAPTIVE_PORTAL all -- * * 0.0.0.0/0 0.0.0.0/0
3673 5310K CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPGREENINPUT all -- green0 * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPBLUEINPUT all -- blue0 * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- red0 * 0.0.0.0/0 0.0.0.0/0
0 0 TOR_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOCATIONBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 GUIINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 WIRELESSINPUT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
0 0 OVPNINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 INPUTFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REDINPUT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POLICYIN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
0 0 BADTCP tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 CUSTOMFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 GUARDIAN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 OVPNBLOCK all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 OVPNBLOCK all -- * tun+ 0.0.0.0/0 0.0.0.0/0
0 0 IPS_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
0 0 IPTVFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CAPTIVE_PORTAL all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- red0 * 0.0.0.0/0 0.0.0.0/0
0 0 HOSTILE all -- * red0 0.0.0.0/0 0.0.0.0/0
0 0 LOCATIONBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IPSECFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 WIRELESSFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
0 0 FORWARDFW all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REDFORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POLICYFWD all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 IPSBYPASS all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xc0000000/0xc0000000
4856 276K CUSTOMOUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
4856 276K IPSECBLOCK all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
4856 276K IPS_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xc0000000
4856 276K LOOPBACK all -- * * 0.0.0.0/0 0.0.0.0/0
1148 70442 CONNTRACK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DHCPGREENOUTPUT all -- * green0 0.0.0.0/0 0.0.0.0/0
0 0 DHCPBLUEOUTPUT all -- * blue0 0.0.0.0/0 0.0.0.0/0
77 5787 HOSTILE all -- * red0 0.0.0.0/0 0.0.0.0/0
77 5787 IPSECOUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
77 5787 TOR_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
77 5787 OUTGOINGFW all -- * * 0.0.0.0/0 0.0.0.0/0
77 5787 POLICYOUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain BADTCP (2 references)
pkts bytes target prot opt in out source destination
3668 202K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 PSCAN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 NEWNOTSYN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 ctstate NEW
Chain CAPTIVE_PORTAL (2 references)
pkts bytes target prot opt in out source destination
Chain CAPTIVE_PORTAL_CLIENTS (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 limit: up to 3kb/s burst 1mb mode srcip
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 limit: up to 3kb/s burst 1mb mode srcip
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain CONNTRACK (3 references)
pkts bytes target prot opt in out source destination
4720 5372K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
19 988 CTINVALID all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
5 1644 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
Chain CTINVALID (1 references)
pkts bytes target prot opt in out source destination
19 988 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_CTINVALID "
19 988 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_CTINVALID */
Chain CUSTOMFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain CUSTOMOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPBLUEINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPBLUEOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain DHCPGREENINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 DHCPINPUT all -- green0 * 0.0.0.0/0 0.0.0.0/0
Chain DHCPGREENOUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 DHCPOUTPUT all -- * green0 0.0.0.0/0 0.0.0.0/0
Chain DHCPINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:68 dpt:67
Chain DHCPOUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
Chain FORWARDFW (1 references)
pkts bytes target prot opt in out source destination
Chain GUARDIAN (2 references)
pkts bytes target prot opt in out source destination
Chain GUIINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- green0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:444
Chain HOSTILE (4 references)
pkts bytes target prot opt in out source destination
Chain ICMPINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
Chain INPUTFW (1 references)
pkts bytes target prot opt in out source destination
Chain IPSBYPASS (3 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save mask 0x7fffffff
Chain IPSECBLOCK (2 references)
pkts bytes target prot opt in out source destination
Chain IPSECFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPSECOUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_INPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain IPTVFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain IPTVINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain LOCATIONBLOCK (2 references)
pkts bytes target prot opt in out source destination
Chain LOG_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOG_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain LOOPBACK (3 references)
pkts bytes target prot opt in out source destination
3708 205K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3708 205K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 SPOOFED_MARTIAN all -- * * 127.0.0.0/8 0.0.0.0/0
0 0 SPOOFED_MARTIAN all -- * * 0.0.0.0/0 127.0.0.0/8
Chain NEWNOTSYN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_NEWNOTSYN "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_NEWNOTSYN */
Chain OUTGOINGFW (1 references)
pkts bytes target prot opt in out source destination
Chain OVPNBLOCK (3 references)
pkts bytes target prot opt in out source destination
0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED
Chain OVPNINPUT (1 references)
pkts bytes target prot opt in out source destination
Chain POLICYFWD (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- green0 * 192.168.2.0/24 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol ipsec
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- blue0 red0 192.168.3.0/24 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_FORWARD "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_FORWARD */
Chain POLICYIN (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:514
0 0 ACCEPT all -- green0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- blue0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol ipsec
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_INPUT "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_INPUT */
Chain POLICYOUT (1 references)
pkts bytes target prot opt in out source destination
3 312 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_OUTPUT */
Chain PSCAN (7 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_TCP PScan */ LOG flags 0 level 4 prefix "DROP_TCP Scan "
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_UDP PScan */ LOG flags 0 level 4 prefix "DROP_UDP Scan "
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_ICMP PScan */ LOG flags 0 level 4 prefix "DROP_ICMP Scan "
0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 /* DROP_FRAG PScan */ LOG flags 0 level 4 prefix "DROP_FRAG Scan "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_PScan */
Chain REDFORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain REDINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 SPOOFED_MARTIAN all -- red0 * 192.168.1.131 0.0.0.0/0
0 0 ACCEPT tcp -- red0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
0 0 ACCEPT udp -- red0 * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain SPOOFED_MARTIAN (3 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix "DROP_SPOOFED_MARTIAN "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* DROP_SPOOFED_MARTIAN */
Chain TOR_INPUT (1 references)
pkts bytes target prot opt in out source destination
Chain TOR_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain WIRELESSFORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- blue0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "DROP_Wirelessforward"
0 0 DROP all -- blue0 * 0.0.0.0/0 0.0.0.0/0 /* DROP_Wirelessforward */
Chain WIRELESSINPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- blue0 * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix "DROP_Wirelessinput"
0 0 DROP all -- blue0 * 0.0.0.0/0 0.0.0.0/0 /* DROP_Wirelessinput */
next prev parent reply other threads:[~2022-03-11 23:40 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <06172f89-90ad-7851-ad93-25cd8d390c38.ref@yahoo.com>
2022-03-07 12:26 ` Charles Brown
2022-03-08 15:47 ` Michael Tremer
2022-03-08 20:13 ` Charles Brown
2022-03-11 16:28 ` Michael Tremer
2022-03-11 23:40 ` Charles Brown [this message]
2022-03-17 15:52 ` Michael Tremer
2022-03-17 19:34 ` Charles Brown
2022-03-18 9:14 ` Michael Tremer
[not found] <16a1fbd2-c1fc-50a5-8c58-5a85a0528f5c@yahoo.com>
2022-03-07 16:51 ` Stefan Schantl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=06880982-2e4c-1439-eeac-07f8342644c8@yahoo.com \
--to=cab_77573@yahoo.com \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox