Gajim / bloqueio firewall

1. Gajim / bloqueio firewall

harder
(usa Debian)

Enviado em 05/07/2010 - 10:41h

Prezados Colegas,

Quero ativar o Gajim, fiz uma verificação e descobri que o Firewall do desktop não permite acesso ( bloqueio ). Quando desativado o Gajim roda sem bloqueio, etc.

Roteador interface de gerenciamento, com IP dinâmico.

Abaixo segue portas abertas no firewall:

22 TCP, 53 TCP, 80 TCP, 137 TCP, 138 TCP, 139 TCP,
389 TCP, 443 TCP, 445 TCP, 587 TCP, 990 TCP, 992 TCP, 995 TCP, 5222 TCP.

Como posso ativar o acesso ao Gajim ?

Atenciosamente.
Harder.

0 0

Quote

2. Re: Gajim / bloqueio firewall

irado
(usa XUbuntu)

Enviado em 05/07/2010 - 10:46h

gajim é um cliente jabber e (normalmente) é utilizada a porta 5222 mas não estou certo se é tcp ou udp; vc tem a tcp aberta (na sua lista) então provavelmente (se o servidor estiver usando porta normal) não é problema de bloqueio. Não sei como funciona o seu fwll/gw - é produto comercial, nunca usei - mas veja se há um meio de fazer log de u'a máquina em particular (a sua, por ex), use EXCLUSIVAMENTE o gajim e examine-o pra ver o que é que está barrando, portas utilizadas, etc.

em ultima instancia, use o tcpdump 'olhando' os pacotes da SUA máquina e teste.

0 0

Quote

3. Gajim / bloqueio firewall

harder
(usa Debian)

Enviado em 06/07/2010 - 16:44h

Colega,

Acessar o Gajim, e respondeu com o erro:

Um erro ocorreu durante a criação da conta. Impossível conectar ao servidor.

No tcpdump, segue abaixo a resposta...

Seguindo com os testes..

Atenciosamente.
Harder.

# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:06:21.460454 IP 192.168.254.1.48911 > 200.201.166.200.http: F 2919179545:2919179545(0) ack 3049258070 win 2003 <nop,nop,timestamp 1013674 99097430>
16:06:21.461350 IP 192.168.254.1.42959 > 192.168.254.254.domain: 49497+ PTR? 200.166.201.200.in-addr.arpa. (46)
16:06:21.553427 IP 192.168.254.1.48912 > 200.201.166.200.http: F 2914894911:2914894911(0) ack 974157264 win 2237 <nop,nop,timestamp 1013767 99097430>
16:06:21.884433 IP 192.168.254.1.48318 > andromeda-12.caixa.gov.br.http: F 2974080247:2974080247(0) ack 933408716 win 1812 <nop,nop,timestamp 1014098 2205840>
16:06:26.462454 IP 192.168.254.1.42959 > 192.168.254.254.domain: 49497+ PTR? 200.166.201.200.in-addr.arpa. (46)
16:06:30.326448 IP 192.168.254.1.48321 > andromeda-12.caixa.gov.br.http: F 2976302483:2976302483(0) ack 650913070 win 364 <nop,nop,timestamp 1022540 2205838>
16:06:31.463666 IP 192.168.254.1.59918 > 192.168.254.254.domain: 52051+ PTR? 1.254.168.192.in-addr.arpa. (44)
16:06:36.464454 IP 192.168.254.1.59918 > 192.168.254.254.domain: 52051+ PTR? 1.254.168.192.in-addr.arpa. (44)
16:06:36.689437 IP 192.168.254.1.48910 > 200.201.166.200.http: F 2926726806:2926726806(0) ack 106859871 win 1737 <nop,nop,timestamp 1028903 99097430>
16:06:37.004444 IP 192.168.254.1.48320 > andromeda-12.caixa.gov.br.http: F 2979939900:2979939900(0) ack 948472223 win 2003 <nop,nop,timestamp 1029218 2205848>
16:06:39.020451 IP 192.168.254.1.48322 > andromeda-12.caixa.gov.br.http: F 2983149706:2983149706(0) ack 3638370832 win 364 <nop,nop,timestamp 1031234 2205840>
16:06:41.465713 IP 192.168.254.1.47930 > 192.168.254.254.domain: 41955+ PTR? 254.254.168.192.in-addr.arpa. (46)
16:06:46.466456 IP 192.168.254.1.47930 > 192.168.254.254.domain: 41955+ PTR? 254.254.168.192.in-addr.arpa. (46)
16:06:50.891448 IP 192.168.254.1.48319 > andromeda-12.caixa.gov.br.http: F 2974911819:2974911819(0) ack 2512857992 win 1264 <nop,nop,timestamp 1043105 2205839>
16:06:51.467862 IP 192.168.254.1.56453 > 192.168.254.254.domain: 57118+ PTR? 240.166.201.200.in-addr.arpa. (46)
16:06:51.546831 IP 192.168.254.254.domain > 192.168.254.1.56453: 57118 3/0/0[|domain]
16:06:52.542457 IP 192.168.254.1.48909 > 200.201.166.200.http: F 2900730970:2900730970(0) ack 2709393268 win 2003 <nop,nop,timestamp 1044756 99097434>
16:06:53.431448 IP 192.168.254.1.48913 > 200.201.166.200.http: F 2921436546:2921436546(0) ack 297014732 win 2003 <nop,nop,timestamp 1045645 99097457>
16:06:55.891423 arp who-has 192.168.254.254 tell 192.168.254.1
16:06:55.891613 arp reply 192.168.254.254 is-at 00:13:a3:4f:69:2f (oui Unknown)
16:06:58.235452 IP 192.168.254.1.48908 > 200.201.166.200.http: F 2901200996:2901200996(0) ack 2975754635 win 2003 <nop,nop,timestamp 1050449 99097430>
16:06:58.550453 IP 192.168.254.1.48317 > andromeda-12.caixa.gov.br.http: F 2948602555:2948602555(0) ack 3761271052 win 1322 <nop,nop,timestamp 1050764 2205839>
16:07:00.692454 IP 192.168.254.1.48911 > 200.201.166.200.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1052906 99097430>
16:07:00.881457 IP 192.168.254.1.48912 > 200.201.166.200.http: F 0:0(0) ack 1 win 2237 <nop,nop,timestamp 1053095 99097430>
16:07:00.924468 IP 192.168.254.1.48318 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 1812 <nop,nop,timestamp 1053138 2205840>
16:07:17.942448 IP 192.168.254.1.48321 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 364 <nop,nop,timestamp 1070156 2205838>
16:07:24.528779 IP 192.168.254.1.50649 > 192.168.254.254.domain: 35278+ SRV? _xmpp-client._tcp.jabber.fr. (45)
16:07:25.032011 IP 192.168.254.254.domain > 192.168.254.1.50649: 35278 0/0/0 (45)
16:07:25.036110 IP 192.168.254.1.44732 > 192.168.254.254.domain: 2835+ AAAA? jabber.fr. (27)
16:07:25.330043 IP 192.168.254.254.domain > 192.168.254.1.44732: 2835 0/1/0 (89)
16:07:25.330278 IP 192.168.254.1.52783 > 192.168.254.254.domain: 29972+ AAAA? jabber.fr.harder.local. (40)
16:07:30.330456 IP 192.168.254.1.52783 > 192.168.254.254.domain: 29972+ AAAA? jabber.fr.harder.local. (40)
16:07:30.769457 IP 192.168.254.1.48910 > 200.201.166.200.http: F 0:0(0) ack 1 win 1737 <nop,nop,timestamp 1082983 99097430>
16:07:31.404460 IP 192.168.254.1.48320 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1083618 2205848>
16:07:35.331539 IP 192.168.254.1.52277 > 192.168.254.254.domain: 38897+ A? jabber.fr. (27)
16:07:35.468467 IP 192.168.254.1.48322 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 364 <nop,nop,timestamp 1087682 2205840>
16:07:35.958936 IP 192.168.254.254.domain > 192.168.254.1.52277: 38897 1/0/0 A apijab3.apinc.org (43)
16:07:35.959956 IP 192.168.254.1.53408 > apijab3.apinc.org.xmpp-client: S 2092472515:2092472515(0) win 5840 <mss 1460,sackOK,timestamp 1088173 0,nop,wscale 5>
16:07:35.961272 IP 192.168.254.1.37224 > 192.168.254.254.domain: 9518+ PTR? 47.214.248.80.in-addr.arpa. (44)
16:07:35.961418 IP 192.168.254.1.44626 > 192.168.254.254.domain: 62321+ PTR? 47.214.248.80.in-addr.arpa. (44)
16:07:37.304613 IP 192.168.254.254.domain > 192.168.254.1.37224: 9518 1/0/0 (75)
16:07:37.305587 IP 192.168.254.254.domain > 192.168.254.1.44626: 62321 1/0/0 (75)
16:07:38.959446 IP 192.168.254.1.53408 > apijab3.apinc.org.xmpp-client: S 2092472515:2092472515(0) win 5840 <mss 1460,sackOK,timestamp 1091173 0,nop,wscale 5>
16:07:40.331421 arp who-has 192.168.254.254 tell 192.168.254.1
16:07:40.331610 arp reply 192.168.254.254 is-at 00:13:a3:4f:69:2f (oui Unknown)
16:07:44.959445 IP 192.168.254.1.53408 > apijab3.apinc.org.xmpp-client: S 2092472515:2092472515(0) win 5840 <mss 1460,sackOK,timestamp 1097173 0,nop,wscale 5>
16:07:56.959444 IP 192.168.254.1.53408 > apijab3.apinc.org.xmpp-client: S 2092472515:2092472515(0) win 5840 <mss 1460,sackOK,timestamp 1109173 0,nop,wscale 5>
16:07:58.859449 IP 192.168.254.1.48319 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 1264 <nop,nop,timestamp 1111073 2205839>
16:08:02.174449 IP 192.168.254.1.48909 > 200.201.166.200.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1114388 99097434>
16:08:03.959448 IP 192.168.254.1.48913 > 200.201.166.200.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1116173 99097457>
16:08:06.520691 IP 192.168.254.1.59838 > 192.168.254.254.domain: 49466+ AAAA? jabber.fr. (27)
16:08:06.860206 IP 192.168.254.254.domain > 192.168.254.1.59838: 49466 0/1/0 (89)
16:08:06.860504 IP 192.168.254.1.50528 > 192.168.254.254.domain: 7124+ AAAA? jabber.fr.harder.local. (40)
16:08:11.861471 IP 192.168.254.1.50528 > 192.168.254.254.domain: 7124+ AAAA? jabber.fr.harder.local. (40)
16:08:14.203451 IP 192.168.254.1.48908 > 200.201.166.200.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1126417 99097430>
16:08:14.838455 IP 192.168.254.1.48317 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 1322 <nop,nop,timestamp 1127052 2205839>
16:08:16.862528 IP 192.168.254.1.53673 > 192.168.254.254.domain: 29152+ A? jabber.fr. (27)
16:08:17.148011 IP 192.168.254.254.domain > 192.168.254.1.53673: 29152 1/0/0 A apijab3.apinc.org (43)
16:08:17.148790 IP 192.168.254.1.37846 > apijab3.apinc.org.hpvirtgrp: S 2744037448:2744037448(0) win 5840 <mss 1460,sackOK,timestamp 1129362 0,nop,wscale 5>
16:08:19.004451 IP 192.168.254.1.48318 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 1812 <nop,nop,timestamp 1131218 2205840>
16:08:19.156451 IP 192.168.254.1.48911 > 200.201.166.200.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1131370 99097430>
16:08:19.537450 IP 192.168.254.1.48912 > 200.201.166.200.http: F 0:0(0) ack 1 win 2237 <nop,nop,timestamp 1131751 99097430>
16:08:20.148452 IP 192.168.254.1.37846 > apijab3.apinc.org.hpvirtgrp: S 2744037448:2744037448(0) win 5840 <mss 1460,sackOK,timestamp 1132362 0,nop,wscale 5>
16:08:24.004418 arp who-has 192.168.254.254 tell 192.168.254.1
16:08:24.004637 arp reply 192.168.254.254 is-at 00:13:a3:4f:69:2f (oui Unknown)
16:08:26.148448 IP 192.168.254.1.37846 > apijab3.apinc.org.hpvirtgrp: S 2744037448:2744037448(0) win 5840 <mss 1460,sackOK,timestamp 1138362 0,nop,wscale 5>
16:08:38.148449 IP 192.168.254.1.37846 > apijab3.apinc.org.hpvirtgrp: S 2744037448:2744037448(0) win 5840 <mss 1460,sackOK,timestamp 1150362 0,nop,wscale 5>
16:08:47.520491 IP 192.168.254.1.41717 > 192.168.254.254.domain: 5050+ AAAA? jabber.fr. (27)
16:08:47.557441 IP 192.168.254.254.domain > 192.168.254.1.41717: 5050 0/1/0 (89)
16:08:47.557681 IP 192.168.254.1.35948 > 192.168.254.254.domain: 24035+ AAAA? jabber.fr.harder.local. (40)
16:08:52.558461 IP 192.168.254.1.35948 > 192.168.254.254.domain: 24035+ AAAA? jabber.fr.harder.local. (40)
16:08:53.174456 IP 192.168.254.1.48321 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 364 <nop,nop,timestamp 1165388 2205838>
16:08:57.559524 IP 192.168.254.1.55531 > 192.168.254.254.domain: 4922+ A? jabber.fr. (27)
16:08:57.628390 IP 192.168.254.254.domain > 192.168.254.1.55531: 4922 1/0/0 A apijab3.apinc.org (43)
16:08:57.629075 IP 192.168.254.1.53410 > apijab3.apinc.org.xmpp-client: S 3378650901:3378650901(0) win 5840 <mss 1460,sackOK,timestamp 1169842 0,nop,wscale 5>
16:09:00.628444 IP 192.168.254.1.53410 > apijab3.apinc.org.xmpp-client: S 3378650901:3378650901(0) win 5840 <mss 1460,sackOK,timestamp 1172842 0,nop,wscale 5>
16:09:06.628447 IP 192.168.254.1.53410 > apijab3.apinc.org.xmpp-client: S 3378650901:3378650901(0) win 5840 <mss 1460,sackOK,timestamp 1178842 0,nop,wscale 5>
16:09:11.628421 arp who-has 192.168.254.254 tell 192.168.254.1
16:09:11.628608 arp reply 192.168.254.254 is-at 00:13:a3:4f:69:2f (oui Unknown)
16:09:18.628448 IP 192.168.254.1.53410 > apijab3.apinc.org.xmpp-client: S 3378650901:3378650901(0) win 5840 <mss 1460,sackOK,timestamp 1190842 0,nop,wscale 5>
16:09:18.929447 IP 192.168.254.1.48910 > 200.201.166.200.http: F 0:0(0) ack 1 win 1737 <nop,nop,timestamp 1191143 99097430>
16:09:20.204449 IP 192.168.254.1.48320 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 2003 <nop,nop,timestamp 1192418 2205848>
16:09:28.364445 IP 192.168.254.1.48322 > andromeda-12.caixa.gov.br.http: F 0:0(0) ack 1 win 364 <nop,nop,timestamp 1200578 2205840>
16:14:33.252912 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 290
16:14:33.253226 IP 192.168.254.1.60899 > 192.168.254.254.domain: 56299+ PTR? 250.255.255.239.in-addr.arpa. (46)
16:14:33.277532 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 290
16:14:33.302580 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 346
16:14:33.327677 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 346
16:14:33.352750 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 274
16:14:33.377818 IP 192.168.254.254.de-cache-query > 239.255.255.250.ssdp: UDP, length 274
16:14:33.403557 IP 192.168.254.254.de-server > 239.255.255.250.ssdp: UDP, length 338
16:14:33.428007 IP 192.168.254.254.de-server > 239.255.255.250.ssdp: UDP, length 338
16:14:33.453669 IP 192.168.254.254.shockwave2 > 239.255.255.250.ssdp: UDP, length 340
16:14:33.478187 IP 192.168.254.254.shockwave2 > 239.255.255.250.ssdp: UDP, length 340
16:14:33.503809 IP 192.168.254.254.opennl > 239.255.255.250.ssdp: UDP, length 334
16:14:33.528342 IP 192.168.254.254.opennl > 239.255.255.250.ssdp: UDP, length 334
16:14:33.554293 IP 192.168.254.254.opennl-voice > 239.255.255.250.ssdp: UDP, length 266
16:14:33.579516 IP 192.168.254.254.opennl-voice > 239.255.255.250.ssdp: UDP, length 266
16:14:33.604646 IP 192.168.254.254.opennl-voice > 239.255.255.250.ssdp: UDP, length 310
16:14:33.629715 IP 192.168.254.254.opennl-voice > 239.255.255.250.ssdp: UDP, length 310
16:14:33.655376 IP 192.168.254.254.ibm-ssd > 239.255.255.250.ssdp: UDP, length 342
16:14:33.679887 IP 192.168.254.254.ibm-ssd > 239.255.255.250.ssdp: UDP, length 342
16:14:33.705834 IP 192.168.254.254.mpshrsv > 239.255.255.250.ssdp: UDP, length 290
16:14:33.731055 IP 192.168.254.254.mpshrsv > 239.255.255.250.ssdp: UDP, length 290
16:14:33.756217 IP 192.168.254.254.mpshrsv > 239.255.255.250.ssdp: UDP, length 342
16:14:33.781244 IP 192.168.254.254.mpshrsv > 239.255.255.250.ssdp: UDP, length 342
16:14:33.806934 IP 192.168.254.254.qnts-orb > 239.255.255.250.ssdp: UDP, length 338
16:14:33.831447 IP 192.168.254.254.qnts-orb > 239.255.255.250.ssdp: UDP, length 338
16:14:33.857046 IP 192.168.254.254.dka > 239.255.255.250.ssdp: UDP, length 338
16:14:33.881584 IP 192.168.254.254.dka > 239.255.255.250.ssdp: UDP, length 338
16:14:33.907536 IP 192.168.254.254.prat > 239.255.255.250.ssdp: UDP, length 270
16:14:33.932745 IP 192.168.254.254.prat > 239.255.255.250.ssdp: UDP, length 270
16:14:33.957842 IP 192.168.254.254.prat > 239.255.255.250.ssdp: UDP, length 312
16:14:33.982922 IP 192.168.254.254.prat > 239.255.255.250.ssdp: UDP, length 312
16:14:34.008627 IP 192.168.254.254.dssiapi > 239.255.255.250.ssdp: UDP, length 342
16:14:34.033095 IP 192.168.254.254.dssiapi > 239.255.255.250.ssdp: UDP, length 342
16:14:38.252422 arp who-has 192.168.254.254 tell 192.168.254.1
16:14:38.252621 arp reply 192.168.254.254 is-at 00:13:a3:4f:69:2f (oui Unknown)
16:14:38.253450 IP 192.168.254.1.60899 > 192.168.254.254.domain: 56299+ PTR? 250.255.255.239.in-addr.arpa. (46)

0 0

Quote

4. informação demais..

irado
(usa XUbuntu)

Enviado em 06/07/2010 - 17:22h

vc não fez filtragem do tcpdump; faça-a:

# tcpdump -vvi placa.interna src host ip.da.sua.maquina

NÃO ative nada na sua máquna, apenas tente acessar o gajim e criar a conta no servidor.

vc tem algum fwll ativo no gateway? olhou os logs pra ver o que está sendo rejeitado da sua máquina?

0 0

Quote

5. Gajim / Testes

Harder
(usa Debian)

Enviado em 07/07/2010 - 15:18h

Colega,

jamais usei o Tcpdump, não pude fazer a verificação. Tutorial ?!

O registro do sistema, entrada de logs atuais, sem “erros”.

Roteador: IP dinâmico. Tem um Firewall aqui, OK.

Configuração do Host, gateway padrão ( está em branco ) marcado (x) usar rede remota ( WAN )

Configuração do servidor DHCP, gateway padrão: 192.168.254.254

Obrigado pelas Dicas e compreensão.

Atenciosamente.
Harder.

0 0

Quote

6. Gajim / Tcpdump

Harder
(usa Debian)

Enviado em 08/07/2010 - 16:30h

Fiz uma busca que segue abaixo.

Não encontrei nada, até agora.

Atenciosamente,
Harder.

# tcpdump -i eth0

# tcpdump -i eth0 src host 192.168.254.254

# tcpdump -i eth0 dst host 192.168.254.254

# tcpdump -i eth0 dst port 5222

0 0

Quote