I'm migrating to a cable-modem internet connection, and am getting all the external junk that goes along with the 'shared' nature of this type of link.

I'd like to drop a bunch of junk that's currently getting logged, but am not sure the best way to do this with shorewall. The packets giving me problems have random (assigned by my not-so-net-savvy 'neighbors') source addresses, and broadcast destination addresses (i.e. windows DHCP broadcasts for internal LANs that get sent out the external interface):

    Nov 11 20:39:23 morpheus kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:57:01:3f:a1:08:00 SRC=10.255.96.1 DST=255.255.255.255 LEN=328 TOS=0x06 PREC=0x00 TTL=16 ID=0 PROTO=UDP SPT=67 DPT=68 LEN=308

    <and more like this with different source IP/MAC>

I figure there's a graceful way to drop this stuff in shorewall, I'm just not seeing it. I'd put it in the blacklist file, but that filters by source IP, which is subject to change. I really want to be able to filter by protocol, source and/or dest port, and destination IP, before the traffic hits the rfc1918 rule which is causing the logging (I still want to log *OTHER* rfc1918 traffic that shows up at my external interface, just drop the DHCP replies).

What's the "right" way to do this in shorewall?

--
Charles Steinkuehler
[EMAIL PROTECTED]

leaf-user mailing list: https://lists.sourceforge.net/lists/listinfo/leaf-user
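Added example, not part of the original message: a Python triage script that applies the match criteria described above (UDP, source port 67, destination port 68, destination 255.255.255.255) to Shorewall rfc1918 log lines, to confirm what a drop rule on those fields would silence and what would still be logged. The first sample line is the one quoted in the message; the other two are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Line 1 is quoted from the message; lines 2 and 3 are constructed samples.
SAMPLE_LOG = """\
Nov 11 20:39:23 morpheus kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:57:01:3f:a1:08:00 SRC=10.255.96.1 DST=255.255.255.255 LEN=328 TOS=0x06 PREC=0x00 TTL=16 ID=0 PROTO=UDP SPT=67 DPT=68 LEN=308
Nov 11 20:39:41 morpheus kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:22:33:44:55:08:00 SRC=192.168.100.1 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=67 DPT=68 LEN=308
Nov 11 20:40:02 morpheus kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=00:aa:bb:cc:dd:ee:00:11:22:33:44:66:08:00 SRC=172.16.4.9 DST=203.0.113.7 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=4242 PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
"""

# Log prefix as it appears in the quoted line: Shorewall:<chain>:<action>:
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[^:]+):(?P<fields>.*)$")

def parse(line):
    """Return the KEY=VALUE fields of one Shorewall log line, or None."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "action": m["action"]}
    for tok in m["fields"].split():
        key, sep, val = tok.partition("=")
        if sep and key not in rec:  # first LEN is the IP length; skip the UDP LEN
            rec[key] = val
    return rec

def is_dhcp_broadcast_reply(rec):
    """The filter described in the message: protocol, ports and destination only."""
    return (rec.get("PROTO") == "UDP" and rec.get("SPT") == "67"
            and rec.get("DPT") == "68" and rec.get("DST") == "255.255.255.255")

def triage(text):
    """Split rfc1918 hits into DHCP broadcast noise (per SRC) and the rest."""
    noise, keep = Counter(), []
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["chain"] != "rfc1918":
            continue
        if is_dhcp_broadcast_reply(rec):
            noise[rec["SRC"]] += 1
        else:
            keep.append(rec)
    return noise, keep

if __name__ == "__main__":
    noise, keep = triage(SAMPLE_LOG)
    print("DHCP broadcast replies by source:", dict(noise))
    for rec in keep:
        print("still worth logging:", rec["SRC"], "->", rec["DST"], rec["PROTO"], rec.get("DPT"))
```

Because the match ignores the source address, it keeps working when the neighbors' DHCP servers change IP or MAC, which is the limitation of the blacklist file noted in the message.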
