ipchains -A input -b -p 17 -d 0.0.0.0/0 -s $extip 520 -j DENY #der rechner will immer ins chello lan auf XXX.XXX.XXX.255 verbinden. eigene chain, damit nix geloggt wird hängt mit dem nfs zusammen denk ich mal
hmmmmmmm.... seth:~ # grep 17 /etc/protocols udp 17 UDP # user datagram protocol seth:~ # grep 520 /etc/services route 520/udp router routed # RIP seth:~ # Could it be possible that you are running ROUTED on your machine? This services generates every now and then a bit of broadcast (xxx.xxx.xxx.255) traffic, and Im pretty sure that its functionality is quite useless for you. Check in YaST, the Configuration options. START_ROUTED=no or something. This should stop this ;-) also ipchains -A input -b -i lo -s $extip -d 127.0.0.0/24 -j ACCEPT #loopback whats that for? If you really get any packets with like destination = 127.0.0.1 via your external interface, then it would be wise to discard them ;-) such packets are *definately* spoofed, no? hope this helps Chr. Burri .-. /v\ L I N U X // \\ >Phear the Penguin< /( )\ ^^-^^