Howdy all,
I have a pretty simple iptables setup. Basically, I permit anything
returning to my box that I initiated and then I permit some other
machines on my private network to do nfs to me and so on.
What's weird is that I'm getting logs of, what appears to be, denied
http return traffic from dictionary.com? I can't quite figure out if
perhaps I have an app (like maybe galeon?) that is initiating this and
maybe it's slow enough that iptables doesn't see it as being
established?
Here's a snippet of the logs.
Jan 30 10:50:01 [kernel] FW_INPUT IN=eth0 OUT=
MAC=00:b0:d0:23:d9:34:00:a0:c9:0d:e6:1b:08:00 SRC=66.161.12.81
DST=10.252.238.73 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=0 DF PROTO=TCP
SPT=80 DPT=38408 WINDOW=0 RES=0x00 RST URGP=0
Jan 30 11:00:01 [kernel] FW_INPUT IN=eth0 OUT=
MAC=00:b0:d0:23:d9:34:00:a0:c9:0d:e6:1b:08:00 SRC=66.161.12.81
DST=10.252.238.73 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=0 DF PROTO=TCP
SPT=80 DPT=38421 WINDOW=0 RES=0x00 RST URGP=0
Thanks,
Shane
--
[EMAIL PROTECTED] mailing list
