On Sat, 21 Jun 2003, Subba Rao wrote:

> I am using iptables on my system. It is a very basic setup that denies all
> outside connections. When an outside connection is attempted, the packet is
> dropped and logged into the syslog. When I run tcpdump on the same interface,
> I do see a lot of ARP requests and bootps/bootpc (UDP) requests. Why are these
> attempts not logged into syslog?
>
> Is it because ARP requests are a lower level protocol?
>
> Another question is, when a legitimate packet is allowed and climbing the
> TCP/IP stack, who (iptables or tcpdump) gets to see the packet first?

Can you post the output of "iptables -L -v" here?

I guess these packets are not filtered, as ARPs are essential for IP communication and UDP packets might be related to some established connection. The notion of "outside connection" is only directly relevant to TCP.

Alon

--
This message was sent by Alon Altman ([EMAIL PROTECTED]) ICQ:1366540
GPG public key at http://alon.wox.org/pubkey.txt
Key fingerprint = A670 6C81 19D3 3773 3627 DE14 B44A 50A3 FE06 7F24
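
An added example, not part of the thread: a small classifier for the three kinds of frame the question mentions, showing which ones an IPv4 iptables rule (and therefore a LOG rule) can match at all. The function name, field names and sample frames are constructed for illustration.

```python
import struct

ETH_ARP, ETH_IPV4 = 0x0806, 0x0800
PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def classify(frame: bytes) -> dict:
    """Identify an Ethernet frame and say whether IPv4 iptables rules can match it."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETH_ARP:
        # ARP is carried directly in Ethernet, not in IP, so iptables never sees it.
        return {"kind": "arp", "iptables_can_match": False}
    if ethertype != ETH_IPV4:
        return {"kind": "other", "iptables_can_match": False}
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    info = {"kind": PROTO.get(ip[9], str(ip[9])), "iptables_can_match": True}
    if ip[9] in (6, 17) and len(ip) >= ihl + 4:
        # TCP and UDP both start with source port, destination port.
        info["sport"], info["dport"] = struct.unpack("!HH", ip[ihl:ihl + 4])
    return info

# --- constructed sample frames (not taken from the thread) ---
MAC, BCAST = bytes.fromhex("020000000001"), b"\xff" * 6
HOST, PEER = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1])

def eth(ethertype, payload):
    return BCAST + MAC + struct.pack("!H", ethertype) + payload

def ipv4(proto, src, dst, payload):
    # Minimal 20-byte header; checksum left at 0 because nothing here verifies it.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0, src, dst)
    return hdr + payload

ARP_REQUEST = eth(ETH_ARP, struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, MAC, HOST, bytes(6), PEER))
DHCP_DISCOVER = eth(ETH_IPV4, ipv4(17, bytes(4), b"\xff" * 4, struct.pack("!HHHH", 68, 67, 8, 0)))
TCP_SYN = eth(ETH_IPV4, ipv4(6, PEER, HOST, struct.pack("!HHIIBBHHH", 40000, 22, 0, 0, 0x50, 0x02, 1024, 0, 0)))

if __name__ == "__main__":
    for name, frame in [("arp", ARP_REQUEST), ("bootpc->bootps", DHCP_DISCOVER), ("tcp syn", TCP_SYN)]:
        print(name, classify(frame))
```

A frame marked `iptables_can_match: True` is only logged if a LOG rule in the ruleset actually matches it. tcpdump reads from a link-layer packet socket, so on receive it sees every frame before the iptables hooks run, including frames iptables later drops.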
