Troubleshooting: Unterschied zwischen den Versionen

Version vom 29. Oktober 2020, 08:01 Uhr

DHCP

Wie finde ich heraus ob meine Checkpoint die DHCP Requests blockiert?

[Expert@CP_Test:0]# fw ctl zdebug + drop | grep :67
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped b y fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped b y fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped b y fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 192.168.1.117:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 192.168.1.1:67 -> 255.255.255.255:68 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 29;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by fw_handle_first_packet Reason: Rulebase reject - rule 28;
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=17 0.0.0.0:68 -> 255.255.255.255:67 dropped by

[Expert@CP_Test:0]# tcpdump -nnnei eth7 port 67 or 68
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth7, link-type EN10MB (Ethernet), capture size 96 bytes
11:36:12.842806 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:14.552714 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:16.192722 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:17.488312 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8 e:32:c0, length: 316
11:36:19.500903 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8 e:32:c0, length: 316
11:36:23.525974 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8 e:32:c0, length: 316
11:36:31.576122 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8 e:32:c0, length: 316
11:36:38.428793 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:40.402802 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:42.408770 d0:d3:e0:c8:41:bc > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 526: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d0:d3:e0:c 8:41:bc, length: 484
11:36:48.703262 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8e:32:c0, length: 316
11:36:50.715754 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8e:32:c0, length: 316
11:36:54.740823 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8e:32:c0, length: 316
11:37:02.791062 90:fb:5b:8e:32:c0 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 358: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 90:fb:5b:8e:32:c0, length: 316
fw_handle_first_packet Reason: Rulebase reject - rule 28;
</per>

Troubleshooting: Unterschied zwischen den Versionen

Version vom 29. Oktober 2020, 08:01 Uhr

DHCP

Wie finde ich heraus ob meine Checkpoint die DHCP Requests blockiert?

Navigationsmenü

Suche