I'm temporarily on dialup after my ADSL router/modem died. The ADSL router/modem used to drop all the garbage aimed my ports 135, 445, 1434, etc. Iptables never saw it. Now that I'm on dialup, iptables does see the garbage, and so do I, on my current console...
IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=33631 DF PROTO=TCP SPT=3961 DPT=445 WINDOW=8760 RES=0x00 SYN URGP=0 IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=35461 DF PROTO=TCP SPT=1042 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0 IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=35677 DF PROTO=TCP SPT=1042 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0 The line in /var/lib/iptables/rules-save that triggers this is... -A TCP_IN -p tcp -m tcp --dport 0:1023 -j DROP_LOG And the DROP_LOG rules are... -A DROP_LOG -j LOG --log-level 6 -A DROP_LOG -j DROP In the past, I did not have this problem when on dialup. I expect to be back up on ADSL tomorrow evening, but I do want this solved. The most recent change on my system was the upgrade to gcc 4.1.1, and the accompanying rebuild of system and world, a few days ago. -- Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1 My musings on technology and security at http://tech_sec.blog.ca -- gentoo-user@gentoo.org mailing list
