Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
13.02.2016 08:08, Carlos E. R. пишет:
On 2016-02-13 05:56, Andrei Borzenkov wrote:

No. He sees this message because other system blocks UDP

[SRC=192.168.1.14 DST=192.168.1.15 LEN=343 TOS=0x00 PREC=0x00
TTL=64 ID=3128 PROTO=UDP SPT=6666 DPT=6666 LEN=323 ]

But that is not possible. I have explicitly open "udp,6666" on both
machines:

OK "blocks" was the wrong word, sorry.


FW_TRUSTED_NETS="192.168.1.14,udp,syslog 192.168.1.14,tcp,514
192.168.1.14,udp,6666 192.168.1.14,icmp"

and conversely on the other machine.


In fact, "netcat -u 192.168.1.15 6666" succeeds to send text to the
other machine.


The strange thing is that it stops working after some time (hours?),
and I have to restart on the listener:


Yes. The message you get means nobody is listening on this port and you
just confirmed that it stops working after some time - which very much
sounds like is stops listening. Check timestamps on port unreachable
messages, compare with timestamps when it stops working.


netcat -u -l 6666 | tee -a remote_log


Apparently, it happens when I stop the sender.



< Previous Next >
Follow Ups