[newbie] Shorewall messages

Mon, 04 Jul 2005 17:55:15 -0700 

Thanks to the good people on this list, I finally made the jump from dial up 
to cable last month. At the same time, I set up a small network. So far, we 
only do connection sharing. All in all, it has gone quite well. Well, 
sorta...

One of the things that I've noticed is that my messages log is getting crammed 
with entries from shorewall, growing to 968553 bytes in less than 40 hours of 
up time. Here is a brief sample from early yesterday morning:

Jul  3 02:06:46 localhost kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= MAC= 
SRC=192.168.1.100 DST=192.168.1.255 LEN=147 TOS=0x00 PREC=0x00 TTL=64 ID=13 
DF PROTO=UDP SPT=631 DPT=631 LEN=127 

Jul  3 02:07:17 localhost kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= MAC= 
SRC=192.168.1.100 DST=192.168.1.255 LEN=147 TOS=0x00 PREC=0x00 TTL=64 ID=14 
DF PROTO=UDP SPT=631 DPT=631 LEN=127 

Jul  3 02:07:48 localhost kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= MAC= 
SRC=192.168.1.100 DST=192.168.1.255 LEN=147 TOS=0x00 PREC=0x00 TTL=64 ID=15 
DF PROTO=UDP SPT=631 DPT=631 LEN=127 

Jul  3 02:08:19 localhost kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= MAC= 
SRC=192.168.1.100 DST=192.168.1.255 LEN=147 TOS=0x00 PREC=0x00 TTL=64 ID=16 
DF PROTO=UDP SPT=631 DPT=631 LEN=127 

(All of the ensuing messages are identical except for the ID.)

I am running Mandriva 10.1. The box is connected to a Linksys WRT54G router 
via CAT cable using an on-board NIC at the 192.168.1.100 address. The router 
is connected to a cable modem and then out to the world. Since I am not 
running any servers here, both shorewall and the Linksys firewall are set up 
accordingly. There are two other computers connected to the router -- another 
Mandriva 10.1 box w/shorewall on a hard wired connection, and a miniMac on a 
wireless connection. The miniMac is restricted to the router's SSID, and the 
router will only talk to the miniMac's MAC address.

Questions:
1. Are these messages worrisome? If so, what measures should I take?

2. If these messages are not indicative of a problem, but rather just part of 
running an always on connection, can I either dump these messages or have 
them written someplace else?

Your advice is solicited.

-- cmg


____________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://store.mandriva.com
Join the Club : http://www.mandrivaclub.com
____________________________________________________

Reply via email to