[psad-discuss] [psad-status] firewall setup warning on xxxxxx!

Mon, 30 Aug 2010 06:34:29 -0700 

  Hi,
     I have received this warning today: "[psad-status] firewall setup 
warning on xxxxxx!". It's the first time and I use psad for over a year.
     My iptables LOG policy is the next:
_________________________________________________________________________________________
$ sudo iptables -L

    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ......
    LOG_FILTER  all  --  anywhere             anywhere
    LOG        all  --  anywhere             anywhere            LOG
    level info prefix `Unknown Input'

    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ......
    LOG_FILTER  all  --  anywhere             anywhere
    LOG        all  --  anywhere             anywhere            LOG
    level info prefix `Unknown Forward'

    Chain OUTPUT (policy DROP)
    target     prot opt source               destination
    ......
    LOG_FILTER  all  --  anywhere             anywhere
    LOG        all  --  anywhere             anywhere            LOG
    level info prefix `Unknown Output'

    Chain LOG_FILTER (5 references)
    target     prot opt source               destination

    Chain LSI (52 references)
    target     prot opt source               destination
    LOG_FILTER  all  --  anywhere             anywhere
    LOG        tcp  --  anywhere             anywhere            tcp
    flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info
    prefix `Inbound '
    LOG        tcp  --  anywhere             anywhere            tcp
    flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info
    prefix `Inbound '
    LOG        icmp --  anywhere             anywhere            icmp
    echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
    LOG        all  --  anywhere             anywhere            limit:
    avg 5/sec burst 5 LOG level info prefix `Inbound '
    ......

    Chain LSO (0 references)
    target     prot opt source               destination
    LOG_FILTER  all  --  anywhere             anywhere
    LOG        all  --  anywhere             anywhere            limit:
    avg 5/sec burst 5 LOG level info prefix `Outbound '
    ......

_________________________________________________________________________________________

Isn't it correct?
Regards.

------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
psad-discuss mailing list
psad-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/psad-discuss

Reply via email to