[ILUG] odd shorewall behaviour

Brian Brazil bbrazil at netsoc.tcd.ie
Mon Feb 7 12:16:39 GMT 2005


On Fri, Feb 04, 2005 at 06:55:20PM +0000, Gavin McCullagh wrote:
> Here are logs of one of his connections (they all look alike) and a couple
> of mine.  
> 
> # Log of his refusal on ssh
> Feb  4 18:22:59 robin kernel: Shorewall:rfc1918:DROP:IN=ppp0 OUT= MAC=
                                          ^^^^^^^

> SRC=83.39.XX.XXX DST=194.46.XX.XXX LEN=44 TOS=0x10 PREC=0x00 TTL=50
^^^^^^^^^^^^^^^^^^

> ID=17763 DF PROTO=TCP SPT=14770 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 

That's just not right. The rfc1918 option in shorewall (in the interfaces
file) should only be blocking 10/8, 172.16/12 and 192.168/16.

Could you provide the output of 'shorewall status'?

Brian

-- 
Website: http://netsoc.tcd.ie/~bbrazil
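
A log-triage check for the mismatch discussed in this message, added here as an example and not part of the original post: it flags drops logged by the rfc1918 chain whose source address lies outside the three RFC 1918 ranges. The sample log lines and their addresses are constructed, and the function names are illustrative.

```python
import ipaddress
import re

# The three private ranges named in the message above (RFC 1918).
RFC1918_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Log prefix as it appears in the quoted line: Shorewall:<chain>:<disposition>:
PREFIX_RE = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disp>[A-Z]+):")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed sample lines (not from the thread); addresses are documentation ranges.
SAMPLE_LOG = """\
Feb  4 18:22:59 robin kernel: Shorewall:rfc1918:DROP:IN=ppp0 OUT= MAC= SRC=203.0.113.7 DST=198.51.100.9 LEN=44 TTL=50 ID=17763 DF PROTO=TCP SPT=14770 DPT=22 SYN URGP=0
Feb  4 18:23:10 robin kernel: Shorewall:rfc1918:DROP:IN=ppp0 OUT= MAC= SRC=192.168.1.20 DST=198.51.100.9 LEN=60 TTL=63 ID=4021 DF PROTO=TCP SPT=40112 DPT=22 SYN URGP=0
Feb  4 18:23:41 robin kernel: Shorewall:net2all:DROP:IN=ppp0 OUT= MAC= SRC=203.0.113.7 DST=198.51.100.9 LEN=48 TTL=112 ID=901 PROTO=TCP SPT=3312 DPT=445 SYN URGP=0
"""

def parse_line(line):
    """Return chain, disposition and KEY=value fields of a Shorewall log line, or None."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    fields = dict(FIELD_RE.findall(line[m.end():]))
    return {"chain": m["chain"], "disp": m["disp"], **fields}

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in RFC1918_NETS)

def unexpected_rfc1918_drops(log_text):
    """List (SRC, DPT) for rfc1918-chain entries whose source is not RFC 1918."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["chain"] != "rfc1918" or "SRC" not in rec:
            continue
        try:
            private = is_rfc1918(rec["SRC"])
        except ValueError:  # redacted or malformed address, e.g. 83.39.XX.XXX
            continue
        if not private:
            hits.append((rec["SRC"], rec.get("DPT")))
    return hits

if __name__ == "__main__":
    for src, dpt in unexpected_rfc1918_drops(SAMPLE_LOG):
        print(f"rfc1918 chain dropped non-private source {src} (DPT={dpt})")
```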