Limiter not work correct on second nic
-
In my network where wan is fxp0,lan is stge0 and opt1 is rl0 ( second lan)
limiter not work correct on second lan nic (rl0) and client get full speed.fxp0@pci0:0:13:0: class=0x020000 card=0x000c8086 chip=0x12298086 rev=0x08 hdr=0x00 class = network subclass = ethernet cap 01[dc] = powerspec 2 supports D0 D1 D2 D3 current D0 stge0@pci0:0:14:0: class=0x020000 card=0x81801043 chip=0x102313f0 rev=0x41 hdr=0x00 class = network subclass = ethernet cap 01[50] = powerspec 2 supports D0 D1 D2 D3 current D0 rl0@pci0:0:15:0: class=0x020000 card=0x813910ec chip=0x813910ec rev=0x10 hdr=0x00 class = network subclass = ethernet cap 01[50] = powerspec 2 supports D0 D1 D2 D3 current D0
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=2009 <rxcsum,vlan_mtu,wol_magic>ether 4c:00:10:54:46:32 inet 1.2.3.4 netmask 0xffffff00 broadcast 1.2.3.255 inet6 fe80::4e00:10ff:fe54:4632%fxp0 prefixlen 64 scopeid 0x1 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>) status: active stge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether 00:1d:60:5c:e5:76 inet 172.17.250.1 netmask 0xfffffff0 broadcast 172.17.250.15 inet6 fe80::21d:60ff:fe5c:e576%stge0 prefixlen 64 scopeid 0x2 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=8 <vlan_mtu>ether 00:e0:4c:51:bc:60 inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::2e0:4cff:fe51:bc60%rl0 prefixlen 64 scopeid 0x3 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>) status: active</full-duplex></performnud,accept_rtadv></vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,vlan_mtu,wol_magic></up,broadcast,running,simplex,multicast>
cat rules.limiter pipe 1 config bw 5120Kb mask src-ip 0xffffffff pipe 2 config bw 10240Kb mask dst-ip 0xffffffff pipe 3 config bw 2048Kb mask src-ip 0xffffffff pipe 4 config bw 2048Kb mask dst-ip 0xffffffff
ipfw pipe list 00001: 5.120 Mbit/s 0 ms burst 0 q131073 50 sl. 0 flows (1 buckets) sched 65537 weight 0 lmax 0 pri 0 droptail sched 65537 type FIFO flags 0x1 64 buckets 3 active mask: 0x00 0xffffffff/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 13 ip 172.17.250.14/0 0.0.0.0/0 6 662 0 0 0 25 ip 172.17.250.4/0 0.0.0.0/0 1 76 0 0 0 29 ip 172.17.250.6/0 0.0.0.0/0 4 176 0 0 0 00002: 10.240 Mbit/s 0 ms burst 0 q131074 50 sl. 0 flows (1 buckets) sched 65538 weight 0 lmax 0 pri 0 droptail sched 65538 type FIFO flags 0x1 64 buckets 2 active mask: 0x00 0x00000000/0x0000 -> 0xffffffff/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 37 ip 0.0.0.0/0 172.17.250.6/0 4 176 0 0 0 45 ip 0.0.0.0/0 172.17.250.14/0 5 2981 0 0 0 00003: 2.048 Mbit/s 0 ms burst 0 q131075 50 sl. 0 flows (1 buckets) sched 65539 weight 0 lmax 0 pri 0 droptail sched 65539 type FIFO flags 0x1 64 buckets 1 active mask: 0x00 0xffffffff/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 174 ip 192.168.0.3/0 0.0.0.0/0 3265 192854 0 0 0 00004: 2.048 Mbit/s 0 ms burst 0 q131076 50 sl. 0 flows (1 buckets) sched 65540 weight 0 lmax 0 pri 0 droptail sched 65540 type FIFO flags 0x1 64 buckets 1 active mask: 0x00 0x00000000/0x0000 -> 0xffffffff/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 83 ip 0.0.0.0/0 192.168.0.3/0 6458 7770058 5 4608 0
-
this is limiter rule on rl0 ( pic)
pfctl -sn no nat proto carp all nat-anchor "natearly/*" all nat-anchor "natrules/*" all nat on fxp0 inet from 172.17.250.0/28 port = isakmp to any port = isakmp -> 87.120.x.y port 500 nat on fxp0 inet from 192.168.0.0/24 port = isakmp to any port = isakmp -> 87.120.x.y port 500 nat on fxp0 inet from 127.0.0.0/8 port = isakmp to any port = isakmp -> 87.120.x.y port 500 nat on fxp0 inet from 172.17.250.0/28 to any -> 87.120.x.yport 1024:65535 nat on fxp0 inet from 192.168.0.0/24 to any -> 87.120.x.y port 1024:65535 nat on fxp0 inet from 127.0.0.0/8 to any -> 87.120.x.y port 1024:65535 no rdr proto carp all rdr-anchor "relayd/*" all rdr-anchor "tftp-proxy/*" all rdr on fxp0 inet proto tcp from any to 87.120.x.y port = commplex-link -> 172.17.250.5 rdr on fxp0 inet proto udp from any to 87.120.x.y port = commplex-link -> 172.17.250.5 rdr on fxp0 inet proto tcp from any to 87.120.x.y port = 51413 -> 172.17.250.5 rdr on fxp0 inet proto udp from any to 87.120.x.y port = 51413 -> 172.17.250.5 rdr-anchor "miniupnpd" all
pfctl -sr ... pass in quick on stge0 inet from 172.17.250.0/28 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule" dnpipe(1, 2) pass in quick on rl0 inet from 192.168.0.0/24 to any flags S/SA keep state label "USER_RULE" dnpipe(3, 4) anchor "tftp-proxy/*" all anchor "miniupnpd" all
-
Do you have any other machines using this links?
Can you test it with any console tool(like tcpdump or iftop) to check it?
-
Co you have any other machines using this links?
Can you test it with any console tool(like tcpdump or iftop) to check it?
More info, LAN nic (stge0) is used for ethernet users,OPT1 nic (rl0) is used for wi-fi users through bridged AP ( bridged wan and wlan ports on routerstation ).
I use this network sheme for separate speeds (up/down) on ALL ethernet and wi-fi connected users (see pipe 1/2 and 3/4 in first post) assigned on Lan subnet / OPT1 subnet in firewall rules.What to test with tcpdump,iperf ?!
I test with iperf/transmission from user machine. -
Are you still on 2.0rc1? If so, the first thing to try is an upgrade to 2.0.1
The console test was just to be sure you are getting only test traffic on you graph.
Tcpdump will show all packates. This way you can see if It's a limiter issue or just traffic from other machines.
-
Are you still on 2.0rc1? If so, the first thing to try is an upgrade to 2.0.1
The console test was just to be sure you are getting only test traffic on you graph.
Tcpdump will show all packates. This way you can see if It's a limiter issue or just traffic from other machines.
Well
2.0.1-RELEASE (i386) built on Wed Dec 14 11:44:13 EST 2011 FreeBSD 8.1-RELEASE-p6 You are on the latest version.
I can't understand what to look with tcpdump on rl0 ,can you hint me ?
tcpdump -veni rl0 tcpdump: listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 13:22:09.744281 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32050, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 218.94.54.170.45328: UDP, length 103 13:22:09.746146 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32051, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 79.21.254.162.21486: UDP, length 103 13:22:09.746202 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32052, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 120.28.241.126.4267: UDP, length 103 13:22:09.746246 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32053, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 183.83.213.47.9721: UDP, length 103 13:22:09.746290 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32054, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 67.215.242.138.6881: UDP, length 103 13:22:09.746336 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32055, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 94.198.234.86.31184: UDP, length 103 13:22:09.746383 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32056, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 188.254.202.176.54895: UDP, length 103 13:22:09.746424 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32057, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 212.233.203.139.14619: UDP, length 103 13:22:10.114074 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 62: (tos 0x0, ttl 128, id 32058, offset 0, flags [DF], proto TCP (6), length 48) 192.168.0.14.44515 > 78.189.153.237.28931: Flags [S.], cksum 0x8096 (correct), seq 1493898671, ack 3281577949, win 8192, options [mss 1460,nop,nop,sackOK], length 0 13:22:10.731320 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32059, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 62.65.242.246.31931: UDP, length 103 13:22:10.731638 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32060, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 77.91.198.111.26288: UDP, length 103 13:22:10.731712 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x4, ttl 255, id 35916, offset 0, flags [none], proto UDP (17), length 315) 188.254.202.176.54895 > 192.168.0.14.44515: UDP, length 287 13:22:10.731725 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x4, ttl 255, id 59381, offset 0, flags [none], proto UDP (17), length 315) 212.233.203.139.14619 > 192.168.0.14.44515: UDP, length 287 13:22:10.731735 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 8272, offset 0, flags [none], proto UDP (17), length 315) 94.198.234.86.31184 > 192.168.0.14.44515: UDP, length 287 13:22:10.731744 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 135: (tos 0x4, ttl 255, id 14464, offset 0, flags [none], proto UDP (17), length 121) 46.55.180.197.37816 > 192.168.0.14.30250: UDP, length 93 13:22:10.731767 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 319: (tos 0x8, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 305) 67.215.242.138.6881 > 192.168.0.14.44515: UDP, length 277 13:22:10.731799 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 310: (tos 0x8, ttl 255, id 26194, offset 0, flags [none], proto UDP (17), length 296) 183.83.213.47.9721 > 192.168.0.14.44515: UDP, length 268 13:22:10.731818 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 66: (tos 0x8, ttl 255, id 31865, offset 0, flags [DF], proto TCP (6), length 52) 78.189.153.237.28931 > 192.168.0.14.44515: Flags [.], cksum 0xbd3d (correct), ack 1, win 64400, options [nop,nop,sack 1 {0:1}], length 0 13:22:10.731836 00:e0:4c:51:bc:60 > c4:46:19:49:94:ba, ethertype IPv4 (0x0800), length 98: (tos 0x8, ttl 255, id 32266, offset 0, flags [none], proto UDP (17), length 84) 94.245.121.251.3544 > 192.168.0.15.49688: UDP, length 56 13:22:10.733427 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32061, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 123.202.131.117.63903: UDP, length 103 13:22:10.734069 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32062, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 80.89.199.90.18691: UDP, length 103 13:22:10.734163 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32063, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 122.29.137.124.53778: UDP, length 103 13:22:10.734206 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32064, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 108.161.113.115.55698: UDP, length 103 13:22:10.734553 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32065, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 67.176.170.167.62217: UDP, length 103 13:22:10.737114 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 128, id 32066, offset 0, flags [none], proto UDP (17), length 118) 192.168.0.14.30250 > 46.55.180.197.37816: UDP, length 90 13:22:10.821013 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 319: (tos 0x8, ttl 255, id 62457, offset 0, flags [none], proto UDP (17), length 305) 62.65.242.246.31931 > 192.168.0.14.44515: UDP, length 277 13:22:10.822587 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32067, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 124.226.170.246.16001: UDP, length 103 13:22:10.908166 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 2381, offset 0, flags [none], proto UDP (17), length 315) 80.89.199.90.18691 > 192.168.0.14.44515: UDP, length 287 13:22:10.909549 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32068, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 82.232.45.29.17547: UDP, length 103 13:22:10.916560 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 16143, offset 0, flags [DF], proto UDP (17), length 315) 108.161.113.115.55698 > 192.168.0.14.44515: UDP, length 287 13:22:10.917773 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32069, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 75.189.228.236.31899: UDP, length 103 13:22:11.068036 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 319: (tos 0x8, ttl 255, id 47693, offset 0, flags [none], proto UDP (17), length 305) 122.29.137.124.53778 > 192.168.0.14.44515: UDP, length 277 13:22:11.069398 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32070, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 77.121.255.28.54554: UDP, length 103 13:22:11.080540 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 25664, offset 0, flags [none], proto UDP (17), length 315) 75.189.228.236.31899 > 192.168.0.14.44515: UDP, length 287 13:22:11.097867 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32071, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 176.103.206.244.55298: UDP, length 103 13:22:11.157437 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 58877, offset 0, flags [none], proto UDP (17), length 315) 77.121.255.28.54554 > 192.168.0.14.44515: UDP, length 287 13:22:11.163083 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32072, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 109.200.244.203.18944: UDP, length 103 13:22:11.240918 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 8757, offset 0, flags [none], proto UDP (17), length 315) 109.200.244.203.18944 > 192.168.0.14.44515: UDP, length 287 13:22:11.242801 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32073, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 24.212.97.6.35697: UDP, length 103 13:22:11.463858 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 5622, offset 0, flags [none], proto UDP (17), length 315) 24.212.97.6.35697 > 192.168.0.14.44515: UDP, length 287 13:22:11.491307 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32074, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 95.238.91.103.58500: UDP, length 103 13:22:11.743999 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32075, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 86.28.253.119.44002: UDP, length 103 13:22:11.746626 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32076, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 81.24.208.68.57134: UDP, length 103 13:22:11.811294 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 18895, offset 0, flags [none], proto UDP (17), length 315) 86.28.253.119.44002 > 192.168.0.14.44515: UDP, length 287 13:22:11.829892 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 70: (tos 0x8, ttl 255, id 29908, offset 0, flags [none], proto ICMP (1), length 56) 81.24.208.68 > 192.168.0.14: ICMP 81.24.208.68 udp port 57134 unreachable, length 36 (tos 0x0, ttl 247, id 32076, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 81.24.208.68.57134: UDP, length 103 13:22:11.889051 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 77: (tos 0x0, ttl 128, id 32077, offset 0, flags [none], proto UDP (17), length 63) 192.168.0.14.30250 > 111.221.74.33.40043: UDP, length 35 13:22:11.889794 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 77: (tos 0x0, ttl 128, id 32078, offset 0, flags [none], proto UDP (17), length 63) 192.168.0.14.30250 > 151.28.68.17.45036: UDP, length 35 13:22:11.889821 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 77: (tos 0x0, ttl 128, id 32079, offset 0, flags [none], proto UDP (17), length 63) 192.168.0.14.30250 > 169.231.5.136.52687: UDP, length 35 13:22:11.962903 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 521: (tos 0x8, ttl 255, id 1095, offset 0, flags [none], proto UDP (17), length 507) 151.28.68.17.45036 > 192.168.0.14.30250: UDP, length 479 13:22:11.967300 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 78: (tos 0x0, ttl 128, id 32080, offset 0, flags [none], proto UDP (17), length 64) 192.168.0.14.30250 > 79.125.151.20.27958: UDP, length 36 13:22:12.031855 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x4, ttl 255, id 57855, offset 0, flags [none], proto UDP (17), length 46) 79.125.151.20.27958 > 192.168.0.14.30250: UDP, length 18 13:22:12.033515 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 78: (tos 0x0, ttl 128, id 32081, offset 0, flags [none], proto UDP (17), length 64) 192.168.0.14.30250 > 142.166.201.194.50981: UDP, length 36 13:22:12.079164 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 521: (tos 0x8, ttl 255, id 11275, offset 0, flags [none], proto UDP (17), length 507) 169.231.5.136.52687 > 192.168.0.14.30250: UDP, length 479 13:22:12.086065 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 78: (tos 0x0, ttl 128, id 32082, offset 0, flags [none], proto UDP (17), length 64) 192.168.0.14.30250 > 89.143.118.184.30773: UDP, length 36 13:22:12.182946 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 521: (tos 0x8, ttl 255, id 19780, offset 0, flags [none], proto UDP (17), length 507) 89.143.118.184.30773 > 192.168.0.14.30250: UDP, length 479 13:22:12.187459 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 79: (tos 0x0, ttl 128, id 32083, offset 0, flags [none], proto UDP (17), length 65) 192.168.0.14.30250 > 213.199.179.146.40039: UDP, length 37 13:22:12.191613 00:e0:4c:51:bc:60 > c4:46:19:49:94:ba, ethertype IPv4 (0x0800), length 98: (tos 0x8, ttl 255, id 23151, offset 0, flags [none], proto UDP (17), length 84) 94.245.121.251.3544 > 192.168.0.15.49688: UDP, length 56 13:22:12.215943 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x8, ttl 255, id 22042, offset 0, flags [none], proto UDP (17), length 46) 142.166.201.194.50981 > 192.168.0.14.30250: UDP, length 18 13:22:12.217310 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 79: (tos 0x0, ttl 128, id 32084, offset 0, flags [none], proto UDP (17), length 65) 192.168.0.14.30250 > 46.73.213.111.3167: UDP, length 37 13:22:12.229881 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 62: (tos 0x8, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 48) 213.199.179.146.40039 > 192.168.0.14.30250: UDP, length 20 13:22:12.241174 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 533: (tos 0x8, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 519) 111.221.74.33.40043 > 192.168.0.14.30250: UDP, length 491 13:22:12.247535 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 79: (tos 0x0, ttl 128, id 32085, offset 0, flags [none], proto UDP (17), length 65) 192.168.0.14.30250 > 88.169.123.9.41181: UDP, length 37 13:22:12.302800 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 521: (tos 0x8, ttl 255, id 25908, offset 0, flags [none], proto UDP (17), length 507) 46.73.213.111.3167 > 192.168.0.14.30250: UDP, length 479 13:22:12.319148 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x8, ttl 255, id 27624, offset 0, flags [none], proto UDP (17), length 46) 88.169.123.9.41181 > 192.168.0.14.30250: UDP, length 18 ^@13:22:12.743933 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32086, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 187.37.219.57.50878: UDP, length 103 13:22:12.747415 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32087, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 77.54.122.6.49992: UDP, length 103 13:22:12.747471 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32088, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 94.51.11.245.16356: UDP, length 103 13:22:12.747516 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32089, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 91.148.189.130.13564: UDP, length 103 13:22:12.747559 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32090, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 78.73.9.127.20667: UDP, length 103 13:22:12.747606 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32091, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 122.172.43.68.20370: UDP, length 103 13:22:12.882471 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 319: (tos 0x8, ttl 255, id 53846, offset 0, flags [none], proto UDP (17), length 305) 77.54.122.6.49992 > 192.168.0.14.44515: UDP, length 277 13:22:12.883905 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32092, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 218.237.248.134.1038: UDP, length 103 13:22:12.925747 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 128, id 32093, offset 0, flags [DF], proto TCP (6), length 52) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [s], cksum 0xb461 (correct), seq 1747063256, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0 13:22:12.926187 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 128, id 32094, offset 0, flags [DF], proto TCP (6), length 52) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [s], cksum 0xb949 (correct), seq 1048354993, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0 13:22:12.931951 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 310: (tos 0x8, ttl 255, id 24641, offset 0, flags [none], proto UDP (17), length 296) 78.73.9.127.20667 > 192.168.0.14.44515: UDP, length 268 13:22:12.933262 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32095, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 183.104.144.222.6881: UDP, length 103 13:22:12.941634 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 66: (tos 0x4, ttl 255, id 974, offset 0, flags [DF], proto TCP (6), length 52) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [S.], cksum 0x46d9 (correct), seq 103450447, ack 1747063257, win 65535, options [mss 1460,nop,wscale 0,nop,nop,sackOK], length 0 13:22:12.942749 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32096, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [.], cksum 0x477b (correct), ack 1, win 16425, length 0 13:22:12.945321 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 117: (tos 0x0, ttl 128, id 32097, offset 0, flags [DF], proto TCP (6), length 103) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [P.], ack 1, win 16425, length 63 13:22:12.948471 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 31644, offset 0, flags [none], proto UDP (17), length 315) 94.51.11.245.16356 > 192.168.0.14.44515: UDP, length 287 13:22:12.973275 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 163: (tos 0x4, ttl 255, id 976, offset 0, flags [DF], proto TCP (6), length 149) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [P.], ack 64, win 65472, length 109 13:22:12.982060 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 66: (tos 0x8, ttl 255, id 28199, offset 0, flags [DF], proto TCP (6), length 52) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [S.], cksum 0xd55c (correct), seq 1223269100, ack 1048354994, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0 13:22:12.985635 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 109: (tos 0x0, ttl 128, id 32098, offset 0, flags [DF], proto TCP (6), length 95) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [P.], ack 110, win 16397, length 55 13:22:12.987229 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32099, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [.], cksum 0xf606 (correct), ack 1, win 16425, length 0 13:22:12.987763 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 119: (tos 0x0, ttl 128, id 32100, offset 0, flags [DF], proto TCP (6), length 105) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [P.], ack 1, win 16425, length 65 13:22:12.995620 ec:55:f9:27:b1:b6 > 33:33:00:01:00:02, ethertype IPv6 (0x86dd), length 148: (hlim 1, next-header UDP (17) payload length: 94) fe80::fd59:7bd3:911a:d51d.546 > ff02::1:2.547: dhcp6 solicit (xid=be8309 (elapsed time 1500) (client ID hwaddr/time type 1 time 368372785 984be1f385cd)[|dhcp6ext]) 13:22:13.040848 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 201: (tos 0x8, ttl 255, id 28200, offset 0, flags [DF], proto TCP (6), length 187) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [P.], ack 66, win 256, length 147 13:22:13.043525 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 129: (tos 0x0, ttl 128, id 32101, offset 0, flags [DF], proto TCP (6), length 115) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [P.], ack 148, win 16388, length 75 13:22:13.117301 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x4, ttl 255, id 983, offset 0, flags [DF], proto TCP (6), length 40) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [.], cksum 0x8737 (correct), ack 119, win 65417, length 0 13:22:13.118449 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 67: (tos 0x0, ttl 128, id 32102, offset 0, flags [DF], proto TCP (6), length 53) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [P.], cksum 0x62bc (correct), ack 110, win 16397, length 13 13:22:13.136269 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 71: (tos 0x4, ttl 255, id 984, offset 0, flags [DF], proto TCP (6), length 57) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [P.], cksum 0xa594 (correct), ack 132, win 65404, length 17 13:22:13.192276 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 329: (tos 0x8, ttl 255, id 48150, offset 0, flags [none], proto UDP (17), length 315) 122.172.43.68.20370 > 192.168.0.14.44515: UDP, length 287 13:22:13.193782 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32103, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 66.8.182.124.55223: UDP, length 103 13:22:13.291651 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 173: (tos 0x8, ttl 255, id 41184, offset 0, flags [none], proto ICMP (1), length 159) 218.237.248.134 > 192.168.0.14: ICMP 218.237.248.134 udp port 1038 unreachable, length 139 (tos 0x0, ttl 235, id 32092, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 218.237.248.134.1038: UDP, length 103[|icmp] 13:22:13.292798 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x8, ttl 255, id 28201, offset 0, flags [DF], proto TCP (6), length 40) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [.], cksum 0x3411 (correct), ack 141, win 256, length 0 13:22:13.293817 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 67: (tos 0x0, ttl 128, id 32104, offset 0, flags [DF], proto TCP (6), length 53) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [P.], cksum 0x2c6c (correct), ack 148, win 16388, length 13 13:22:13.341185 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 72: (tos 0x8, ttl 255, id 28202, offset 0, flags [DF], proto TCP (6), length 58) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [P.], cksum 0xc67f (correct), ack 154, win 256, length 18 13:22:13.342744 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 157: (tos 0x0, ttl 128, id 32105, offset 0, flags [none], proto UDP (17), length 143) 192.168.0.14.30250 > 157.55.235.146.40030: UDP, length 115 13:22:13.345349 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32106, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [.], cksum 0x469a (correct), ack 127, win 16393, length 0 13:22:13.406491 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 63: (tos 0x8, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 49) 157.55.235.146.40030 > 192.168.0.14.30250: UDP, length 21 13:22:13.546124 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32107, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [.], cksum 0xf4f2 (correct), ack 166, win 16383, length 0 13:22:13.743676 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32108, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 84.215.110.165.22217: UDP, length 103 13:22:13.743849 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32109, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 79.90.169.129.7632: UDP, length 103 13:22:13.810511 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 198: (tos 0x8, ttl 255, id 2205, offset 0, flags [none], proto UDP (17), length 184) 84.215.110.165.22217 > 192.168.0.14.44515: UDP, length 156 13:22:13.828145 00:e0:4c:51:bc:60 > c4:46:19:49:94:ba, ethertype IPv4 (0x0800), length 98: (tos 0x8, ttl 255, id 15709, offset 0, flags [none], proto UDP (17), length 84) 94.245.121.251.3544 > 192.168.0.15.49688: UDP, length 56 13:22:13.889695 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 310: (tos 0x8, ttl 255, id 4535, offset 0, flags [none], proto UDP (17), length 296) 79.90.169.129.7632 > 192.168.0.14.44515: UDP, length 268 13:22:13.891108 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32110, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 87.153.242.154.55627: UDP, length 103 13:22:13.891643 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32111, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 121.220.56.187.13671: UDP, length 103 13:22:13.891698 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32112, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 14.97.145.92.39002: UDP, length 103 13:22:13.919616 00:e0:4c:51:bc:60 > c4:46:19:49:94:ba, ethertype IPv4 (0x0800), length 98: (tos 0x8, ttl 255, id 10921, offset 0, flags [none], proto UDP (17), length 84) 94.245.121.251.3544 > 192.168.0.15.49688: UDP, length 56 13:22:13.945966 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 70: (tos 0x8, ttl 255, id 32110, offset 0, flags [none], proto ICMP (1), length 56) 87.153.242.154 > 192.168.0.14: ICMP host 87.153.242.154 unreachable - admin prohibited filter, length 36 (tos 0x0, ttl 246, id 32110, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 87.153.242.154.55627: UDP, length 103 13:22:13.959496 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32113, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [F.], cksum 0x4699 (correct), seq 132, ack 127, win 16393, length 0 13:22:13.959585 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32114, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [F.], cksum 0xf4f1 (correct), seq 154, ack 166, win 16383, length 0 13:22:13.975828 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x4, ttl 255, id 1014, offset 0, flags [DF], proto TCP (6), length 40) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [.], cksum 0x8725 (correct), ack 133, win 65404, length 0 13:22:13.982046 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x4, ttl 255, id 1015, offset 0, flags [DF], proto TCP (6), length 40) 213.240.252.97.49336 > 192.168.0.14.52472: Flags [F.], cksum 0x8724 (correct), seq 127, ack 133, win 65404, length 0 13:22:13.983047 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32115, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52472 > 213.240.252.97.49336: Flags [.], cksum 0x4698 (correct), ack 128, win 16393, length 0 13:22:14.009533 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x8, ttl 255, id 28205, offset 0, flags [DF], proto TCP (6), length 40) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [.], cksum 0x33f1 (correct), ack 155, win 256, length 0 13:22:14.012093 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 60: (tos 0x8, ttl 255, id 28206, offset 0, flags [DF], proto TCP (6), length 40) 147.213.134.73.3792 > 192.168.0.14.52473: Flags [F.], cksum 0x33f0 (correct), seq 166, ack 155, win 256, length 0 13:22:14.013085 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 128, id 32116, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.14.52473 > 147.213.134.73.3792: Flags [.], cksum 0xf4f0 (correct), ack 167, win 16383, length 0 13:22:14.727314 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32117, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 46.150.81.143.24906: UDP, length 103 13:22:14.727614 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 128, id 32118, offset 0, flags [none], proto UDP (17), length 131) 192.168.0.14.44515 > 94.66.190.163.10155: UDP, length 103 13:22:15.052466 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 319: (tos 0x0, ttl 1, id 38890, offset 0, flags [none], proto UDP (17), length 305) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 277 13:22:15.052523 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 391: (tos 0x0, ttl 1, id 14901, offset 0, flags [none], proto UDP (17), length 377) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 349 13:22:15.052593 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 387: (tos 0x0, ttl 1, id 55270, offset 0, flags [none], proto UDP (17), length 373) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 345 13:22:15.052657 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 367: (tos 0x0, ttl 1, id 65063, offset 0, flags [none], proto UDP (17), length 353) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 325 13:22:15.052719 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 399: (tos 0x0, ttl 1, id 7585, offset 0, flags [none], proto UDP (17), length 385) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 357 13:22:15.052782 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 381: (tos 0x0, ttl 1, id 2071, offset 0, flags [none], proto UDP (17), length 367) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 339 13:22:15.052846 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 383: (tos 0x0, ttl 1, id 33843, offset 0, flags [none], proto UDP (17), length 369) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 341 13:22:15.052909 00:e0:4c:51:bc:60 > 01:00:5e:7f:ff:fa, ethertype IPv4 (0x0800), length 383: (tos 0x0, ttl 1, id 8076, offset 0, flags [none], proto UDP (17), length 369) 192.168.0.254.28971 > 239.255.255.250.1900: UDP, length 341 13:22:15.129861 00:e0:4c:51:bc:60 > ec:55:f9:27:b1:b6, ethertype IPv4 (0x0800), length 66: (tos 0x8, ttl 255, id 23860, offset 0, flags [DF], proto TCP (6), length 52) 195.174.162.189.60485 > 192.168.0.14.44515: Flags [s], cksum 0xa3ea (correct), seq 3285067281, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0 13:22:15.207935 ec:55:f9:27:b1:b6 > 00:e0:4c:51:bc:60, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 128, id 32119, offset 0, flags [DF], proto TCP (6), length 52) 192.168.0.14.44515 > 195.174.162.189.60485: Flags [S.], cksum 0x2508 (correct), seq 2486495894, ack 3285067282, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0 [/s][/s][/s]
-
The tcpdump show only traffic from 192.168.0.14.
I'll try to simulate limit on second interface here and feedback.
-
The tcpdump show only traffic from 192.168.0.14.
I'll try to simulate limit on second interface here and feedback.
Yes,at this moment only 192.168.0.14 and 192.168.0.15 is connected and online.
-
After some day tests i found that upnp break ipfw limiter on all nics and assigned rules not work correctly.
-
Same problem reported here http://forum.pfsense.org/index.php/topic,37399.0.html
pfctl -vsr
scrub in on fxp0 all min-ttl 255 fragment reassemble [ Evaluations: 3366630 Packets: 683193 Bytes: 240344701 States: 0 ] [ Inserted: uid 0 pid 34968 ] scrub in on re0 all min-ttl 255 fragment reassemble [ Evaluations: 1887278 Packets: 1035091 Bytes: 496825229 States: 0 ] [ Inserted: uid 0 pid 34968 ] anchor "relayd/*" all [ Evaluations: 33964 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log all label "Default deny rule" [ Evaluations: 33964 Packets: 17161 Bytes: 1107535 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop out log all label "Default deny rule" [ Evaluations: 33964 Packets: 12 Bytes: 1416 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in quick inet6 all [ Evaluations: 33964 Packets: 30 Bytes: 2160 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop out quick inet6 all [ Evaluations: 7376 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick proto tcp from any port = 0 to any [ Evaluations: 33934 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick proto tcp from any to any port = 0 [ Evaluations: 18322 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick proto udp from any port = 0 to any [ Evaluations: 33936 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick proto udp from any to any port = 0 [ Evaluations: 15590 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick from <snort2c>to any label "Block snort2c hosts" [ Evaluations: 33938 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop quick from any to <snort2c>label "Block snort2c hosts" [ Evaluations: 33938 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick proto tcp from <sshlockout>to any port = 2299 label "sshlockout" [ Evaluations: 33938 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick proto tcp from <webconfiguratorlockout>to any port = https label "webConfiguratorlockout" [ Evaluations: 11827 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in quick from <virusprot>to any label "virusprot overload table" [ Evaluations: 26564 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick on fxp0 from <bogons>to any label "block bogon networks from WAN" [ Evaluations: 26565 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in on ! fxp0 inet from 87.120.xxx.0/24 to any [ Evaluations: 26565 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in inet from 87.120.xxx.yyy to any [ Evaluations: 26565 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in on fxp0 inet6 from fe80::4e00:10ff:fe54:4632 to any [ Evaluations: 26565 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick on fxp0 inet from 10.0.0.0/8 to any label "block private networks from wan block 10/8" [ Evaluations: 19933 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick on fxp0 inet from 127.0.0.0/8 to any label "block private networks from wan block 127/8" [ Evaluations: 19933 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick on fxp0 inet from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12" [ Evaluations: 19933 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in log quick on fxp0 inet from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16" [ Evaluations: 19933 Packets: 2766 Bytes: 237779 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in on ! re0 inet from 192.168.0.0/24 to any [ Evaluations: 23799 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in inet from 192.168.0.254 to any [ Evaluations: 23799 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] block drop in on re0 inet6 from fe80::21c:c0ff:fec4:da44 to any [ Evaluations: 23799 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" [ Evaluations: 6630 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 inet proto udp from any port = bootpc to 192.168.0.254 port = bootps keep state label "allow access to DHCP server" [ Evaluations: 1 Packets: 2 Bytes: 717 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass out quick on re0 inet proto udp from 192.168.0.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" [ Evaluations: 8218 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in on lo0 all flags S/SA keep state label "pass loopback" [ Evaluations: 31174 Packets: 4 Bytes: 536 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass out on lo0 all flags S/SA keep state label "pass loopback" [ Evaluations: 4 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass out all flags S/SA keep state allow-opts label "let out anything from firewall host itself" [ Evaluations: 31172 Packets: 266001 Bytes: 255650100 States: 79 ] [ Inserted: uid 0 pid 34968 ] pass out route-to (fxp0 87.120.xxx.y) inet from 87.120.xxx.yyy to ! 87.120.xxx.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself" [ Evaluations: 7376 Packets: 332423 Bytes: 246309331 States: 44 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 proto tcp from any to (re0) port = http flags S/SA keep state label "anti-lockout rule" [ Evaluations: 31174 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 proto tcp from any to (re0) port = https flags S/SA keep state label "anti-lockout rule" [ Evaluations: 6 Packets: 443 Bytes: 189501 States: 1 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 proto tcp from any to (re0) port = 2299 flags S/SA keep state label "anti-lockout rule" [ Evaluations: 3 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] anchor "userrules/*" all [ Evaluations: 31171 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on fxp0 reply-to (fxp0 87.120.xxx.y) inet proto icmp from any to 87.120.xxx.yyy keep state label "USER_RULE" [ Evaluations: 31171 Packets: 19 Bytes: 1978 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on fxp0 reply-to (fxp0 87.120.xxx.y) inet proto tcp from any to 87.120.xxx.yyy port = https flags S/SA keep state label "USER_RULE" [ Evaluations: 17154 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on fxp0 reply-to (fxp0 87.120.xxx.y) inet proto tcp from any to 87.120.xxx.yyy port = 2299 flags S/SA keep state label "USER_RULE" [ Evaluations: 5999 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] pass in quick on re0 inet from 192.168.0.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule" dnpipe(1, 2) [ Evaluations: 24520 Packets: 323866 Bytes: 237555787 States: 54 ] [ Inserted: uid 0 pid 34968 ] anchor "tftp-proxy/*" all [ Evaluations: 24547 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] anchor "miniupnpd" all [ Evaluations: 24547 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ]</bogons></virusprot></webconfiguratorlockout></sshlockout></snort2c></snort2c>
pfctl -vsn
no nat proto carp all [ Evaluations: 7870 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] nat-anchor "natearly/*" all [ Evaluations: 7870 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] nat-anchor "natrules/*" all [ Evaluations: 7870 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] nat on fxp0 inet from 192.168.0.0/24 port = isakmp to any port = isakmp -> 87.120.xxx.yyy port 500 [ Evaluations: 7870 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] nat on fxp0 inet from 127.0.0.0/8 port = isakmp to any port = isakmp -> 87.120.xxx.yyy port 500 [ Evaluations: 245 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] nat on fxp0 inet from 192.168.0.0/24 to any -> 87.120.xxx.yyy port 1024:65535 [ Evaluations: 6838 Packets: 347150 Bytes: 259653965 States: 41 ] [ Inserted: uid 0 pid 34968 ] nat on fxp0 inet from 127.0.0.0/8 to any -> 87.120.xxx.yyy port 1024:65535 [ Evaluations: 245 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] no rdr proto carp all [ Evaluations: 33730 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] rdr-anchor "relayd/*" all [ Evaluations: 33730 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] rdr-anchor "tftp-proxy/*" all [ Evaluations: 33730 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ] rdr-anchor "miniupnpd" all [ Evaluations: 33730 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 34968 ]
pfctl -a miniupnpd -vsn
rdr pass quick on fxp0 inet proto tcp from any to any port = 51413 keep state label "Transmission at 51413" rtable 0 -> 192.168.0.10 port 51413 [ Evaluations: 34050 Packets: 270701 Bytes: 255875228 States: 81 ] [ Inserted: uid 0 pid 16714 ]