NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
Hi,
This is the promised FreeBSD tcpdump session:
First a ping from Termux on the phone, and then an ssh session from the phone after password input (under Termux):
I see some 1.1.1.1, perhaps DNS...
root@freebsd-nuc8i7:/home/ramiro # tcpdump -n -i wg0 host 44.27.132.76
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on wg0, link-type NULL (BSD loopback), snapshot length 262144 bytes
11:59:15.870087 IP 90.167.219.169 > 44.27.132.76: ICMP echo request, id 3408, seq 1, length 64
11:59:15.870101 IP 44.27.132.76 > 90.167.219.169: ICMP echo reply, id 3408, seq 1, length 64
11:59:18.982409 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [S], seq 1145659086, win 65535, options [mss 1410,sackOK,TS val 856158644 ecr 0,nop,wscale 10], length 0
11:59:18.982435 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [S.], seq 604954042, ack 1145659087, win 65535, options [mss 1340,nop,wscale 8,sackOK,TS val 2301518137 ecr 856158644], length 0
11:59:19.152136 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 1, win 86, options [nop,nop,TS val 856158814 ecr 2301518137], length 0
11:59:19.160469 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 1:23, ack 1, win 86, options [nop,nop,TS val 856158818 ecr 2301518137], length 22: SSH: SSH-2.0-OpenSSH_10.2
11:59:19.160910 IP 44.27.132.76.12803 > 1.1.1.1.53: 1358+ PTR? 169.219.167.90.in-addr.arpa. (45)
11:59:19.202603 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], ack 23, win 257, options [nop,nop,TS val 2301518357 ecr 856158818], length 0
11:59:19.225134 IP 1.1.1.1.53 > 44.27.132.76.12803: 1358 1/0/0 PTR 169.pool90-167-219.static.orange.es. (94)
11:59:19.225410 IP 44.27.132.76.43824 > 1.1.1.1.53: 61806+ A? 169.pool90-167-219.static.orange.es. (53)
11:59:19.352579 IP 1.1.1.1.53 > 44.27.132.76.43824: 61806 1/0/0 A 90.167.219.169 (69)
11:59:19.352733 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 1:40, ack 23, win 257, options [nop,nop,TS val 2301518507 ecr 856158818], length 39: SSH: SSH-2.0-OpenSSH_10.0 FreeBSD-20250801
11:59:19.522262 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 40, win 86, options [nop,nop,TS val 856159184 ecr 2301518507], length 0
11:59:19.522295 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 40:1080, ack 23, win 257, options [nop,nop,TS val 2301518677 ecr 856159184], length 1040
11:59:19.540481 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], seq 23:1351, ack 40, win 86, options [nop,nop,TS val 856159187 ecr 2301518507], length 1328
11:59:19.541218 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 1351:1591, ack 40, win 86, options [nop,nop,TS val 856159189 ecr 2301518507], length 240
11:59:19.541231 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], ack 1591, win 256, options [nop,nop,TS val 2301518696 ecr 856159187], length 0
11:59:19.740407 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 1591:2823, ack 1080, win 89, options [nop,nop,TS val 856159382 ecr 2301518677], length 1232
11:59:19.748305 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], seq 1080:2408, ack 2823, win 257, options [nop,nop,TS val 2301518903 ecr 856159382], length 1328
11:59:19.748309 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 2408:2660, ack 2823, win 257, options [nop,nop,TS val 2301518903 ecr 856159382], length 252
11:59:19.932141 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 2660, win 94, options [nop,nop,TS val 856159589 ecr 2301518903], length 0
11:59:19.990239 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 2823:2907, ack 2660, win 94, options [nop,nop,TS val 856159642 ecr 2301518903], length 84
11:59:20.065367 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], ack 2907, win 257, options [nop,nop,TS val 2301519220 ecr 856159642], length 0
11:59:20.232286 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 2907:2951, ack 2660, win 94, options [nop,nop,TS val 856159897 ecr 2301519220], length 44
11:59:20.232410 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 2660:2704, ack 2951, win 257, options [nop,nop,TS val 2301519387 ecr 856159897], length 44
11:59:20.410154 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 2951:3019, ack 2704, win 94, options [nop,nop,TS val 856160064 ecr 2301519387], length 68
11:59:20.410585 IP 44.27.132.76.58571 > 1.1.1.1.53: 45437+ PTR? 169.219.167.90.in-addr.arpa. (45)
11:59:20.490312 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], ack 3019, win 257, options [nop,nop,TS val 2301519645 ecr 856160064], length 0
11:59:20.507248 IP 1.1.1.1.53 > 44.27.132.76.58571: 45437 1/0/0 PTR 169.pool90-167-219.static.orange.es. (94)
11:59:20.507459 IP 44.27.132.76.15545 > 1.1.1.1.53: 10122+ A? 169.pool90-167-219.static.orange.es. (53)
11:59:20.631596 IP 1.1.1.1.53 > 44.27.132.76.15545: 10122 1/0/0 A 90.167.219.169 (69)
11:59:20.634352 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 2704:2984, ack 3019, win 257, options [nop,nop,TS val 2301519789 ecr 856160064], length 280
11:59:20.820221 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 3019:3111, ack 2984, win 97, options [nop,nop,TS val 856160467 ecr 2301519789], length 92
11:59:20.822669 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 2984:3068, ack 3111, win 257, options [nop,nop,TS val 2301519977 ecr 856160467], length 84
11:59:21.032105 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 3068, win 97, options [nop,nop,TS val 856160695 ecr 2301519977], length 0
11:59:27.001110 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 3111:3195, ack 3068, win 97, options [nop,nop,TS val 856166635 ecr 2301519977], length 84
11:59:27.006150 IP 44.27.132.76.23721 > 1.1.1.1.53: 33661+ A? 169.pool90-167-219.static.orange.es. (53)
11:59:27.064139 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [.], ack 3195, win 257, options [nop,nop,TS val 2301526219 ecr 856166635], length 0
11:59:27.100246 IP 1.1.1.1.53 > 44.27.132.76.23721: 33661 1/0/0 A 90.167.219.169 (69)
11:59:27.100365 IP 44.27.132.76.16104 > 1.1.1.1.53: 26919+ AAAA? 169.pool90-167-219.static.orange.es. (53)
11:59:27.196095 IP 1.1.1.1.53 > 44.27.132.76.16104: 26919 0/1/0 (137)
11:59:27.196545 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3068:3112, ack 3195, win 257, options [nop,nop,TS val 2301526351 ecr 856166635], length 44
11:59:27.372299 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 3112, win 97, options [nop,nop,TS val 856167029 ecr 2301526351], length 0
11:59:27.380302 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 3195:3279, ack 3112, win 97, options [nop,nop,TS val 856167029 ecr 2301526351], length 84
11:59:27.380632 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3112:3140, ack 3279, win 257, options [nop,nop,TS val 2301526535 ecr 856167029], length 28
11:59:27.560056 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 3279:3391, ack 3140, win 97, options [nop,nop,TS val 856167214 ecr 2301526535], length 112
11:59:27.560105 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3140:3768, ack 3391, win 257, options [nop,nop,TS val 2301526715 ecr 856167214], length 628
11:59:27.782239 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 3768, win 99, options [nop,nop,TS val 856167439 ecr 2301526715], length 0
11:59:27.782254 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3768:3812, ack 3391, win 257, options [nop,nop,TS val 2301526937 ecr 856167439], length 44
11:59:27.952156 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 3812, win 99, options [nop,nop,TS val 856167614 ecr 2301526937], length 0
11:59:27.960230 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [P.], seq 3391:3851, ack 3812, win 99, options [nop,nop,TS val 856167615 ecr 2301526937], length 460
11:59:27.962876 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3812:3920, ack 3851, win 257, options [nop,nop,TS val 2301527117 ecr 856167615], length 108
11:59:27.963367 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 3920:4420, ack 3851, win 257, options [nop,nop,TS val 2301527118 ecr 856167615], length 500
11:59:27.963401 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 4420:5008, ack 3851, win 257, options [nop,nop,TS val 2301527118 ecr 856167615], length 588
11:59:27.970470 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 5008:5156, ack 3851, win 257, options [nop,nop,TS val 2301527125 ecr 856167615], length 148
11:59:27.970857 IP 44.27.132.76.22 > 90.167.219.169.3411: Flags [P.], seq 5156:5216, ack 3851, win 257, options [nop,nop,TS val 2301527125 ecr 856167615], length 60
11:59:28.142169 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 4420, win 102, options [nop,nop,TS val 856167796 ecr 2301527117], length 0
11:59:28.142304 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 5156, win 107, options [nop,nop,TS val 856167802 ecr 2301527118], length 0
11:59:28.188147 IP 90.167.219.169.3411 > 44.27.132.76.22: Flags [.], ack 5216, win 107, options [nop,nop,TS val 856167847 ecr 2301527125], length 0
^C
59 packets captured
59 packets received by filter
0 packets dropped by kernel
root@freebsd-nuc8i7:/home/ramiro #
root@freebsd-nuc8i7:/home/ramiro # netstat -rn
Routing tables
Internet:
Destination Gateway Flags Netif Expire
0.0.0.0/1 link#3 US wg0
default 192.168.1.1 UGS em0
44.27.132.76 link#2 UH lo0
44.27.227.1 192.168.1.1 UGHS em0
127.0.0.1 link#2 UH lo0
128.0.0.0/1 link#3 US wg0
192.168.1.0/24 link#1 U em0
192.168.1.200 link#2 UHS lo0
Internet6:
Destination Gateway Flags Netif Expire
::/96 link#2 URS lo0
::/1 link#3 US wg0
::1 link#2 UHS lo0
::ffff:0.0.0.0/96 link#2 URS lo0
8000::/1 link#3 US wg0
fe80::%lo0/10 link#2 URS lo0
fe80::%lo0/64 link#2 U lo0
fe80::1%lo0 link#2 UHS lo0
fe80::644d:cf7a:c00:bae9%lo0 link#2 UHS lo0
ff02::/16 link#2 URS lo0
root@freebsd-nuc8i7:/home/ramiro #
Thanks.
Ramiro.
Home |
Main Index |
Thread Index |
Old Index