Scharpff@tembit.de wrote:
Mostly I'm supriesed to find Log-Entrys wich do not belong to the Subnet for this NIC. I know that with special settings I can read virtualy ALL the network-traffic comming along the NIC, but the Kernel should normaly only "see" valid packets from within the subnet the NIC is asigned to ...
No the NIC looks for packages were the destination adresse is the own or the broadcast address ( in "normal" operation mode ) Because there should no packages arrive with a source address of the internal network on the external device and via verse there are rules which block such packages. So this is what you see in your log. So the question is how comes the package in the wrong subnet? May be misconfiguration of an computer or a notebook in the wrong subnet ?
And also I'm wondering why the logging works although I set it to "no".
Btw, does anyone know where to see what are "critical" Events ?
This are good questions :-) Bye Thomas
Thank you so far,
Franziskus
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com