At 09:50 PM 12/28/01 +0100, Jan Linders wrote: >Hello all, > >can someone tell me why i receive a lot of DENY messages for >certain IP-Addresses and ports. I've upgraded to the latest LRP and Linux >version 2.2.19.
Only in general terms. The packets you list below are either broadcast (255) or multicast (224 and up) packets that your firewall is set up to DENY and log. Examples extracted from your more complete list are: >Dec 28 20:17:57 firewall kernel: Packet log: input DENY eth0 PROTO=17 >192.168.0.4:1255 255.255.255.255:161 L=84 S=0x00 I=10151 F=0x0000 T=128 >(#10) >Dec 28 20:18:55 firewall kernel: Packet log: input DENY eth0 PROTO=2 >213.51.167.84:65535 224.0.0.22:65535 L=40 S=0x00 I=35 F=0x0000 T=1 >O=0x00000494 (#40) All the actual broadcast packets I spotted were from private addresses, which probably means that someone else on the cable-modem WAN has a misconfigured firewall. The address range for the multicast packets is rather large for a single cable-modem WAN, but your belief (as stated below) about them might be right nonetheless. >I'm linked to a CABLE modem. If this is the reason (I'm receiving >packets from other users on the same Cable segment), is there a way >to remove these DENY messages from the log ? Sure. Just change the rule that blocks the packets so it doesn't log them. Unfortunately, idenfifying your system as "the latest LRP" doesn't really tell us what you are using -- do you really mean (official) "LRP" (the "latest" I know of is 2.9.8, but I haven't been keeping up with Dave's work), or do you mean DachSetin or Oxygen? You'll need to tell us which of these you meant, so someone familiar with its specifics can tell you where to make the change you want. >See DENY messages below. [log details deleted] -- ------------------------------------"Never tell me the odds!"--- Ray Olszewski -- Han Solo Palo Alto, CA [EMAIL PROTECTED] ---------------------------------------------------------------- _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
