Re: [Dovecot] managesieve proxy cyrus

28 Jan 2009


      ...
Does Squirrelmail try to use STARTTLS? Having full session traffic logs
I don't think Squirrelmail is trying to use STARTTLS. But anyway I've
tried to trace the sieve connection protocol, you could find it in the
attachement. It's approximatively the same data, I've posted yesterday
with extra protocol tcp/ip :)
...
of when Squirrelmail is logging into Dovecot proxy and when logging into
Cyrus proxy would be helpful (ngrep, wireshark, etc). If Squirrelmail
uses STARTTLS, this doesn't really work though (but at least the logs
will reveal that it is doing STARTTLS). Also if it is doing that,
perhaps the issue is SASL PLAIN after all, since Dovecot proxy won't do
STARTTLS to the Cyrus.
Also if you set auth_debug=yes, what do you see in Dovecot logs when
attempting to log in?
Here is my dovecot log with auth_debug=yes :
Jan 28 09:31:24 myservername dovecot: auth(default): client in: AUTH   3
PLAIN   service=managesieve  secured  lip=127.0.0.1
rip=127.0.0.1   lport=2000      rport=42791     resp=<hidden>
Jan 28 09:31:24 myservername dovecot: auth-worker(default):
sql(imap2,127.0.0.1): query: SELECT NULL AS password, host, destuser,
'Y' as nopassword, 'Y' AS proxy FROM proxy WHERE user = 'imap2'
Jan 28 09:31:24 myservername dovecot: auth(default): client out: OK    3
user=imap2      host=138.138.138.138     destuser=imap2  proxy
pass=<hidden>
Jan 28 09:31:24 myservername dovecot: managesieve-login: Disconnected:
user=<imap2>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Jan 28 09:31:24 myservername dovecot: auth(default): new auth
connection: pid=4760
Frame 1 (74 bytes on wire, 74 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.796988000
Time delta from previous packet: 0.000000000 seconds
Time since reference or first frame: 0.000000000 seconds
Frame Number: 1
Packet Length: 74 bytes
Capture Length: 74 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0x7d21 (32033)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xa5f8 [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 0, Len: 0
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 0    (relative sequence number)
Header length: 40 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x384f [correct]
Options: (20 bytes)
Maximum segment size: 1460 bytes
SACK permitted
Time stamp: tsval 1185633227, tsecr 0
NOP
Window scale: 4 (multiply by 16)
Frame 2 (74 bytes on wire, 74 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.797024000
Time delta from previous packet: 0.000036000 seconds
Time since reference or first frame: 0.000036000 seconds
Frame Number: 2
Packet Length: 74 bytes
Capture Length: 74 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x231a [correct]
Good: True
Bad : False
Source: Ip_cyrus_server (Ip_cyrus_server)
Destination: IP_proxy_dovecot (IP_proxy_dovecot)
Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 0, Ack: 1, Len: 0
Source port: sieve (2000)
Destination port: 53996 (53996)
Sequence number: 0    (relative sequence number)
Acknowledgement number: 1    (relative ack number)
Header length: 40 bytes
Flags: 0x0012 (SYN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0x4004 [correct]
Options: (20 bytes)
Maximum segment size: 1460 bytes
SACK permitted
Time stamp: tsval 4156540679, tsecr 1185633227
NOP
Window scale: 0 (multiply by 1)
Frame 3 (66 bytes on wire, 66 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.797483000
Time delta from previous packet: 0.000459000 seconds
Time since reference or first frame: 0.000495000 seconds
Frame Number: 3
Packet Length: 66 bytes
Capture Length: 66 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x7d22 (32034)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xa5ff [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 1, Len: 0
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 1    (relative sequence number)
Acknowledgement number: 1    (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5840 (scaled)
Checksum: 0x83fb [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1185633228, tsecr 4156540679
Frame 4 (259 bytes on wire, 259 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.798489000
Time delta from previous packet: 0.001006000 seconds
Time since reference or first frame: 0.001501000 seconds
Frame Number: 4
Packet Length: 259 bytes
Capture Length: 259 bytes
Protocols in frame: eth:ip:tcp:skinny:data
Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 245
Identification: 0x389b (14491)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xe9c5 [correct]
Good: True
Bad : False
Source: Ip_cyrus_server (Ip_cyrus_server)
Destination: IP_proxy_dovecot (IP_proxy_dovecot)
Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 1, Ack: 1, Len: 193
Source port: sieve (2000)
Destination port: 53996 (53996)
Sequence number: 1    (relative sequence number)
Next sequence number: 194    (relative sequence number)
Acknowledgement number: 1    (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0x6e54 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 4156540680, tsecr 1185633228
Data (193 bytes)
0000  22 49 4d 50 4c 45 4d 45 4e 54 41 54 49 4f 4e 22   "IMPLEMENTATION"
0010  20 22 43 79 72 75 73 20 74 69 6d 73 69 65 76 65    "Cyrus timsieve
0020  64 20 76 32 2e 32 2e 31 32 22 0d 0a 22 53 41 53   d v2.2.12".."SAS
0030  4c 22 20 22 50 4c 41 49 4e 22 0d 0a 22 53 49 45   L" "PLAIN".."SIE
0040  56 45 22 20 22 66 69 6c 65 69 6e 74 6f 20 72 65   VE" "fileinto re
0050  6a 65 63 74 20 65 6e 76 65 6c 6f 70 65 20 76 61   ject envelope va
0060  63 61 74 69 6f 6e 20 69 6d 61 70 66 6c 61 67 73   cation imapflags
0070  20 6e 6f 74 69 66 79 20 73 75 62 61 64 64 72 65    notify subaddre
0080  73 73 20 72 65 6c 61 74 69 6f 6e 61 6c 20 63 6f   ss relational co
0090  6d 70 61 72 61 74 6f 72 2d 69 3b 61 73 63 69 69   mparator-i;ascii
00a0  2d 6e 75 6d 65 72 69 63 20 72 65 67 65 78 22 0d   -numeric regex".
00b0  0a 22 53 54 41 52 54 54 4c 53 22 0d 0a 4f 4b 0d   ."STARTTLS"..OK.
00c0  0a                                                .
Frame 5 (66 bytes on wire, 66 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.799363000
Time delta from previous packet: 0.000874000 seconds
Time since reference or first frame: 0.002375000 seconds
Frame Number: 5
Packet Length: 66 bytes
Capture Length: 66 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x7d23 (32035)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xa5fe [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 194, Len: 0
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 1    (relative sequence number)
Acknowledgement number: 194    (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6912 (scaled)
Checksum: 0x82f5 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1185633229, tsecr 4156540680
Frame 6 (107 bytes on wire, 107 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.800109000
Time delta from previous packet: 0.000746000 seconds
Time since reference or first frame: 0.003121000 seconds
Frame Number: 6
Packet Length: 107 bytes
Capture Length: 107 bytes
Protocols in frame: eth:ip:tcp:skinny:data
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 93
Identification: 0x7d24 (32036)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xa5d4 [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 1, Ack: 194, Len: 41
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 1    (relative sequence number)
Next sequence number: 42    (relative sequence number)
Acknowledgement number: 194    (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6912 (scaled)
Checksum: 0xdee3 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1185633230, tsecr 4156540680
Data (41 bytes)
0000  41 55 54 48 45 4e 54 49 43 41 54 45 20 22 50 4c   AUTHENTICATE "PL
0010  41 49 4e 22 20 22 41 47 6c 74 59 58 41 79 41 47   AIN" "AGltYXAyAG
0020  6c 74 59 58 41 79 22 0d 0a                        ltYXAy"..
Frame 7 (66 bytes on wire, 66 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.800129000
Time delta from previous packet: 0.000020000 seconds
Time since reference or first frame: 0.003141000 seconds
Frame Number: 7
Packet Length: 66 bytes
Capture Length: 66 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x389c (14492)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xea85 [correct]
Good: True
Bad : False
Source: Ip_cyrus_server (Ip_cyrus_server)
Destination: IP_proxy_dovecot (IP_proxy_dovecot)
Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 194, Ack: 42, Len: 0
Source port: sieve (2000)
Destination port: 53996 (53996)
Sequence number: 194    (relative sequence number)
Acknowledgement number: 42    (relative ack number)
Header length: 32 bytes
Flags: 0x0010 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0x6ddb [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 4156540680, tsecr 1185633230
Frame 8 (70 bytes on wire, 70 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.822573000
Time delta from previous packet: 0.022444000 seconds
Time since reference or first frame: 0.025585000 seconds
Frame Number: 8
Packet Length: 70 bytes
Capture Length: 70 bytes
Protocols in frame: eth:ip:tcp:skinny
Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 56
Identification: 0x389d (14493)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xea80 [correct]
Good: True
Bad : False
Source: Ip_cyrus_server (Ip_cyrus_server)
Destination: IP_proxy_dovecot (IP_proxy_dovecot)
Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 194, Ack: 42, Len: 4
Source port: sieve (2000)
Destination port: 53996 (53996)
Sequence number: 194    (relative sequence number)
Next sequence number: 198    (relative sequence number)
Acknowledgement number: 42    (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0x1178 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 4156540682, tsecr 1185633230
[Malformed Packet: SKINNY]
Frame 9 (66 bytes on wire, 66 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.823219000
Time delta from previous packet: 0.000646000 seconds
Time since reference or first frame: 0.026231000 seconds
Frame Number: 9
Packet Length: 66 bytes
Capture Length: 66 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x7d25 (32037)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xa5fc [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 42, Ack: 198, Len: 0
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 42    (relative sequence number)
Acknowledgement number: 198    (relative ack number)
Header length: 32 bytes
Flags: 0x0011 (FIN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Window size: 6912 (scaled)
Checksum: 0x82ad [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1185633253, tsecr 4156540682
Frame 10 (88 bytes on wire, 88 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.823267000
Time delta from previous packet: 0.000048000 seconds
Time since reference or first frame: 0.026279000 seconds
Frame Number: 10
Packet Length: 88 bytes
Capture Length: 88 bytes
Protocols in frame: eth:ip:tcp:skinny:data
Ethernet II, Src: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e), Dst: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Destination: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Internet Protocol, Src: Ip_cyrus_server (Ip_cyrus_server), Dst: IP_proxy_dovecot (IP_proxy_dovecot)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 74
Identification: 0x389e (14494)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xea6d [correct]
Good: True
Bad : False
Source: Ip_cyrus_server (Ip_cyrus_server)
Destination: IP_proxy_dovecot (IP_proxy_dovecot)
Transmission Control Protocol, Src Port: sieve (2000), Dst Port: 53996 (53996), Seq: 198, Ack: 43, Len: 22
Source port: sieve (2000)
Destination port: 53996 (53996)
Sequence number: 198    (relative sequence number)
Next sequence number: 220    (relative sequence number)
Acknowledgement number: 43    (relative ack number)
Header length: 32 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5792
Checksum: 0xfd20 [correct]
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 4156540682, tsecr 1185633253
Data (22 bytes)
0000  4f 4b 20 22 4c 6f 67 6f 75 74 20 43 6f 6d 70 6c   OK "Logout Compl
0010  65 74 65 22 0d 0a                                 ete"..
Frame 11 (60 bytes on wire, 60 bytes captured)
Arrival Time: Jan 28, 2009 09:31:24.823844000
Time delta from previous packet: 0.000577000 seconds
Time since reference or first frame: 0.026856000 seconds
Frame Number: 11
Packet Length: 60 bytes
Capture Length: 60 bytes
Protocols in frame: eth:ip:tcp
Ethernet II, Src: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f), Dst: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Destination: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
Address: Dell_1e:1e:1e (1e:1e:1e:1e:1e:1e)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Source: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
Address: Xensourc_1f:1f:1f (1f:1f:1f:1f:1f:1f)
.... ...0 .... .... .... .... = Multicast: This is a UNICAST frame
.... ..0. .... .... .... .... = Locally Administrated Address: This is a FACTORY DEFAULT address
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: IP_proxy_dovecot (IP_proxy_dovecot), Dst: Ip_cyrus_server (Ip_cyrus_server)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x232e [correct]
Good: True
Bad : False
Source: IP_proxy_dovecot (IP_proxy_dovecot)
Destination: Ip_cyrus_server (Ip_cyrus_server)
Transmission Control Protocol, Src Port: 53996 (53996), Dst Port: sieve (2000), Seq: 43, Len: 0
Source port: 53996 (53996)
Destination port: sieve (2000)
Sequence number: 43    (relative sequence number)
Header length: 20 bytes
Flags: 0x0004 (RST)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 0
Checksum: 0x5148 [correct]

Re: [Dovecot] managesieve proxy cyrus

Mathieu Kretchner