I will take a stab Log entry 1 is comming in on eth0, and machine 192.168.1.4 is making a bootp/dhcp request, which you machine is reject.
Log entry 1 is going out on eth0 from 192.168.1.2 which is a reply to the boot/DHCP request from before. Note from memory the dchp server attachs to the interface in such a way that netfilter can't stop it. Why this happens when you loose conection not sure. A On Fri, Feb 27, 2004 at 01:41:33PM +1100, Alan L Tyree wrote: > What does this mean? I have a modem connection that times out after 5 > hours - dial on demand. When it restarts, my firewall log shows *lot* of > these entries: > > Feb 27 13:22:42 kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= > MAC=00:20:35:73:71:2a:00:50:bf:e6:77:b1:08:00 SRC=192.168.1.4 > DST=192.168.1.2 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP > SPT=68 DPT=67 LEN=308 > > Feb 27 13:22:42 kernel: Shorewall:all2all:REJECT:IN= OUT=eth0 > SRC=192.168.1.2 DST=192.168.1.4 LEN=328 TOS=0x00 PREC=0x00 TTL=64 > ID=36216 DF PROTO=UDP SPT=67 DPT=68 LEN=308 > > They always come in pairs like that. The firewall is 192.168.1.2 and the > other machine is the only one operating on the network. > > Thanks, > Alan > -- > ------------------------------------------------------ > Alan L Tyree > http://www2.austlii.edu.au/~alan > Tel: +61 2 4782 2670 > Mobile: +61 405 084 990 > Fax: +61 2 4782 7092 > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
signature.asc
Description: Digital signature
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
