Mailinglist Archive: opensuse-security (511 mails)
| < Previous | Next > |
Re: [suse-security] Firewall Logging (no CodeRed :-)
- From: Bjoern Engels <bengels@xxxxxxxxxxx>
- Date: Fri, 10 Aug 2001 10:25:00 +0200
- Message-id: <01081010250007.02345@spock>
On Friday, 10. August 2001 10:16, Franziskus Scharpff wrote:
> Aug 10 08:06:46 colossus kernel: Packet log: input DENY eth0 PROTO=17
> 192.168.1.55:137 192.168.1.255:137 L=78 S=0x00 I=2645 F=0x0000 T=128 (#3)
Ok, these are UDP NetBIOS name service requests from outside, you'll find
them in every firewall log I bet.
> FW_SERVICES_EXTERNAL_UDP="ssh"
You don't need this, ssh runs via tcp.
> FW_LOG_DENY_CRIT="no"
> FW_LOG_DENY_ALL="no"
Hmm, in my opinion the firewall shouldn't log, you're right. But it's some
time ago when I used SuSEfirewall... Anyway you shouldn't worry about
these packets, I have them in my logs, too... Maybe Marc Heuse or
anybody else who knows the SuSEfirewall package better than me reads
this thread and can tell you, why it's being logged ;)
Bjoern
> Aug 10 08:06:46 colossus kernel: Packet log: input DENY eth0 PROTO=17
> 192.168.1.55:137 192.168.1.255:137 L=78 S=0x00 I=2645 F=0x0000 T=128 (#3)
Ok, these are UDP NetBIOS name service requests from outside, you'll find
them in every firewall log I bet.
> FW_SERVICES_EXTERNAL_UDP="ssh"
You don't need this, ssh runs via tcp.
> FW_LOG_DENY_CRIT="no"
> FW_LOG_DENY_ALL="no"
Hmm, in my opinion the firewall shouldn't log, you're right. But it's some
time ago when I used SuSEfirewall... Anyway you shouldn't worry about
these packets, I have them in my logs, too... Maybe Marc Heuse or
anybody else who knows the SuSEfirewall package better than me reads
this thread and can tell you, why it's being logged ;)
Bjoern
| < Previous | Next > |