Mailinglist Archive: opensuse-security (547 mails)
| < Previous | Next > |
Firewall Config Problem in SuSE 7?
- From: "jpriddy" <jpriddy@xxxxxxxxxxxxxxx>
- Date: Tue, 14 Nov 2000 04:49:13 -0600
- Message-id: <001f01c04e28$88d03a20$0601a8c0@dimenttionxps>
First off, I am pretty new to linux and unix in general and especially
firewalls (alas i have lived most my life as a slave to windows). And this
may in fact not be a question for you but for my ISP. Anyway.....
I have minimal home network and ever since I was rooted after carelessness,
I am pretty paranoid about security and reviewing my logs. Ever since I set
up my install to do ip masq/routing I keep on seeing these 2 repeating lines
from my isp's machines in /var/log/firewall :
Nov 14 01:25:51 beast kernel: Packet log: output DENY eth0 PROTO=1
24.92.74.X:3 24.92.68.22:3 L=156 S=0xC0 I=31139 F=0x0000 T=255 (#3)
Nov 13 18:15:16 beast kernel: Packet log: input DENY eth0 PROTO=17
24.92.68.23:67 24.92.74.X:68 L=576 S=0x00 I=8539 F=0x4000 T=248 (#52)
My question is not exactly why is my firewall denying these packets, but why
is "24.92.68.22 / ns2.midsouth.rr.com" and "24.92.68.23 /
pc-join.midsouth.rr.com"? And what the hell is "pc-join?" It really isn't
critical (I dont think anyway, since everything seems to work just fine),
but this seems odd to me. I just went over
/etc/rc.config.d/firewall.rc.config again carefully, but I really dont see
anything that would have to do with this.
I am somwhat new to this, but why would these machines need to hit me? The
isp uses DHCP, but the entries are too often for that. I can send in my
rc.config.firewall if needed.
Thanks,
-John
______
-Idiocy
"Never underestimate the power
of stupid people in large groups"
http://www.despair.com
______
firewalls (alas i have lived most my life as a slave to windows). And this
may in fact not be a question for you but for my ISP. Anyway.....
I have minimal home network and ever since I was rooted after carelessness,
I am pretty paranoid about security and reviewing my logs. Ever since I set
up my install to do ip masq/routing I keep on seeing these 2 repeating lines
from my isp's machines in /var/log/firewall :
Nov 14 01:25:51 beast kernel: Packet log: output DENY eth0 PROTO=1
24.92.74.X:3 24.92.68.22:3 L=156 S=0xC0 I=31139 F=0x0000 T=255 (#3)
Nov 13 18:15:16 beast kernel: Packet log: input DENY eth0 PROTO=17
24.92.68.23:67 24.92.74.X:68 L=576 S=0x00 I=8539 F=0x4000 T=248 (#52)
My question is not exactly why is my firewall denying these packets, but why
is "24.92.68.22 / ns2.midsouth.rr.com" and "24.92.68.23 /
pc-join.midsouth.rr.com"? And what the hell is "pc-join?" It really isn't
critical (I dont think anyway, since everything seems to work just fine),
but this seems odd to me. I just went over
/etc/rc.config.d/firewall.rc.config again carefully, but I really dont see
anything that would have to do with this.
I am somwhat new to this, but why would these machines need to hit me? The
isp uses DHCP, but the entries are too often for that. I can send in my
rc.config.firewall if needed.
Thanks,
-John
______
-Idiocy
"Never underestimate the power
of stupid people in large groups"
http://www.despair.com
______
| < Previous | Next > |