Mailinglist Archive: opensuse-security (575 mails)
| < Previous | Next > |
Re: [suse-security] SuseFirewall2 DMZ
- From: Frédéric Poulet <pofrederic@xxxxxxxx>
- Date: Thu, 14 Nov 2002 10:36:59 +0100 (CET)
- Message-id: <20021114093659.1353.qmail@xxxxxxxxxxxxxxxxxxxxxxx>
i don't have dpt=21 when i try ftp service but dpt=113
--- Togan Muftuoglu <toganm@xxxxxxxxxxxxxxxxxxxxx> a écrit : > * Frédéric Poulet;
<pofrederic@xxxxxxxx> on 14 Nov, 2002 wrote:
> ># 13.)
> >FW_FORWARD="192.168.1.0/24,192.168.5.2,tcp,80 192.168.1.0/24,192.168.5.2,tcp,21"
>
> OK
> >
> ># 14.)
> >FW_FORWARD_MASQ="0/0,192.168.5.2,tcp,80 0/0,192.168.5.2,tcp,21"
>
> OK
>
> >> 4)tail -n30 /var/log/messages
>
>
> >Jan 23 08:28:12 linux kernel: SuSE-FW-DROP-DEFAULT IN=eth2 OUT=eth1 SRC=192.168.5.2
> >DST=192.168.1.199 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=6134 DF PROTO=TCP SPT=32969 DPT=113
> >WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0419B6680000000001030300)
>
> Not OK they are not related to FTP traffic ie DPT=113 is Identd request
> and its perfectly okau to drop it. We need the logs when you are trying
> to do the FTP so DPT=21 will be seen in the logs
>
>
> --
>
> Togan Muftuoglu
> Unofficial SuSE FAQ Maintainer
> http://dinamizm.ath.cx
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
--- Togan Muftuoglu <toganm@xxxxxxxxxxxxxxxxxxxxx> a écrit : > * Frédéric Poulet;
<pofrederic@xxxxxxxx> on 14 Nov, 2002 wrote:
> ># 13.)
> >FW_FORWARD="192.168.1.0/24,192.168.5.2,tcp,80 192.168.1.0/24,192.168.5.2,tcp,21"
>
> OK
> >
> ># 14.)
> >FW_FORWARD_MASQ="0/0,192.168.5.2,tcp,80 0/0,192.168.5.2,tcp,21"
>
> OK
>
> >> 4)tail -n30 /var/log/messages
>
>
> >Jan 23 08:28:12 linux kernel: SuSE-FW-DROP-DEFAULT IN=eth2 OUT=eth1 SRC=192.168.5.2
> >DST=192.168.1.199 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=6134 DF PROTO=TCP SPT=32969 DPT=113
> >WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0419B6680000000001030300)
>
> Not OK they are not related to FTP traffic ie DPT=113 is Identd request
> and its perfectly okau to drop it. We need the logs when you are trying
> to do the FTP so DPT=21 will be seen in the logs
>
>
> --
>
> Togan Muftuoglu
> Unofficial SuSE FAQ Maintainer
> http://dinamizm.ath.cx
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
| < Previous | Next > |