Simon Kelley on 16/05/08 19:48, wrote:
Adam Hardy wrote:
Hi,
I set up iptables myself today after using an obtusely written script
for some time.
I am trying to work out whether everything is in order and I am seeing
logs from iptables saying that it is dropping packets from the machine
every 12 minutes, which doesn't make sense - here's a line from the log:
May 16 19:21:10 isengard kernel: dropped from OUTPUT IN= OUT=eth1
SRC=192.168.0.2 DST=192.168.0.255 LEN=237 TOS=0x00 PREC=0x00 TTL=64
ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=217
Are you running Samba?
thekelleys:~# grep 138 /etc/services
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
Yes indeed. I see. OK. I can't see any reference to 192.168.0.255 in the samba
config. Before you say it, I guess my config is slightly wrong. I just twigged
that since 192.168.0.255 is configured as the broadcast address for the NIC on
the LAN, samba must see that, as does every NIC on the LAN and so I have to
enable the LAN to broadcast to the gateway, and in fact the gateway to broadcast
to the LAN ... which must require an OUTPUT rule to let it through.
Thanks for the clue,
regards
Adam
