public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] Help, iptables logging to current console
@ 2006-09-19  0:53 Walter Dnes
  2006-09-19  7:28 ` [gentoo-user] " Remy Blank
  0 siblings, 1 reply; 3+ messages in thread
From: Walter Dnes @ 2006-09-19  0:53 UTC (permalink / raw
  To: Gentoo Users List

  I'm temporarily on dialup after my ADSL router/modem died.  The ADSL
router/modem used to drop all the garbage aimed my ports 135, 445, 1434,
etc.  Iptables never saw it.  Now that I'm on dialup, iptables does see
the garbage, and so do I, on my current console...

IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=33631 DF PROTO=TCP SPT=3961 DPT=445 WINDOW=8760 RES=0x00 SYN URGP=0
IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=35461 DF PROTO=TCP SPT=1042 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
IN=ppp0 OUT= MAC= SRC=208.65.244.98 DST=208.65.247.240 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=35677 DF PROTO=TCP SPT=1042 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0

  The line in /var/lib/iptables/rules-save that triggers this is...

-A TCP_IN -p tcp -m tcp --dport 0:1023 -j DROP_LOG

  And the DROP_LOG rules are...

-A DROP_LOG -j LOG --log-level 6
-A DROP_LOG -j DROP

  In the past, I did not have this problem when on dialup.  I expect to
be back up on ADSL tomorrow evening, but I do want this solved.  The
most recent change on my system was the upgrade to gcc 4.1.1, and the
accompanying rebuild of system and world, a few days ago.

-- 
Walter Dnes <waltdnes@waltdnes.org> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2006-09-21  3:55 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-19  0:53 [gentoo-user] Help, iptables logging to current console Walter Dnes
2006-09-19  7:28 ` [gentoo-user] " Remy Blank
2006-09-21  3:49   ` Walter Dnes

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox