Hi Andreas,

Andreas Baetz wrote:
> You could try more general rules like
>
> iptables -I INPUT 1 -p TCP --dport 113 -j REJECT
> iptables -I INPUT 1 -p TCP --dport 113 -j LOG --log-prefix " Input identd"
> iptables -I FORWARD 1 -p TCP --dport 113 -j REJECT
> iptables -I FORWARD 1 -p TCP --dport 113 -j LOG --log-prefix " Forward identd"
>
> In this case the first 2 rules should be
> 1. Logging
> 2. Rejecting anything that goes to port 113

Thanks for your help. But now it becomes even more strange: First I get two log-entries for dropped packages, then I get two log-entries for rejected packages. But they look very much the same to me:

Nov 27 18:25:29 internet kernel: DROP-TCP IN=ppp0 OUT= MAC= SRC=<Mailserver-IP> DST=<External-IP> LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=32011 PROTO=TCP SPT=1953 DPT=113 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 27 18:28:15 internet kernel: Input identd IN=ppp0 OUT= MAC= SRC=<Mailserver-IP> DST=<External-IP> LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=36212 PROTO=TCP SPT=1991 DPT=113 WINDOW=16384 RES=0x00 SYN URGP=0

So why does the first package not match the REJECT-rule?

Best regards,
Ralf Ronneburger
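
An added example, not part of the original message: a small parser that splits netfilter LOG lines into timestamp, --log-prefix text, KEY=VALUE fields and TCP flags, then diffs the two entries quoted above to show exactly which fields differ and which rule (by prefix) logged each one. It assumes the log prefix itself contains no "=" character; the function names are hypothetical.

```python
import re

# The two kernel log lines from the message above, copied verbatim
# (the <...> address placeholders are as posted).
LINES = [
    "Nov 27 18:25:29 internet kernel: DROP-TCP IN=ppp0 OUT= MAC= SRC=<Mailserver-IP> DST=<External-IP> LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=32011 PROTO=TCP SPT=1953 DPT=113 WINDOW=16384 RES=0x00 SYN URGP=0",
    "Nov 27 18:28:15 internet kernel: Input identd IN=ppp0 OUT= MAC= SRC=<Mailserver-IP> DST=<External-IP> LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=36212 PROTO=TCP SPT=1991 DPT=113 WINDOW=16384 RES=0x00 SYN URGP=0",
]

HEADER = re.compile(r"^(?P<ts>\w{3}\s+\d+\s+[\d:]+)\s+\S+\s+kernel:\s+(?P<rest>.*)$")


def parse_netfilter_line(line):
    """Split one syslog line written by an iptables LOG rule."""
    m = HEADER.match(line)
    if m is None:
        raise ValueError("not a kernel log line: %r" % line)
    tokens = m.group("rest").split()
    # Assumption: everything before the first KEY=VALUE token is the prefix.
    first_kv = next((i for i, t in enumerate(tokens) if "=" in t), len(tokens))
    fields, flags = {}, []
    for tok in tokens[first_kv:]:
        if "=" in tok:
            key, _, value = tok.partition("=")
            fields[key] = value          # empty values (OUT=, MAC=) are kept
        else:
            flags.append(tok)            # bare tokens such as SYN, ACK, DF
    return {"ts": m.group("ts"), "prefix": " ".join(tokens[:first_kv]),
            "fields": fields, "flags": flags}


def diff_entries(a, b):
    """Return {field: (value_in_a, value_in_b)} for every field that differs."""
    changed = {}
    for key in sorted(set(a["fields"]) | set(b["fields"])):
        if a["fields"].get(key) != b["fields"].get(key):
            changed[key] = (a["fields"].get(key), b["fields"].get(key))
    if a["flags"] != b["flags"]:
        changed["flags"] = (a["flags"], b["flags"])
    return changed


if __name__ == "__main__":
    first, second = (parse_netfilter_line(l) for l in LINES)
    for entry in (first, second):
        print(entry["ts"], "logged by rule with prefix:", repr(entry["prefix"]))
    for key, (old, new) in diff_entries(first, second).items():
        print("%-6s %s -> %s" % (key, old, new))
```

The prefix and timestamp identify which LOG rule fired and when, which is the part to compare against the rule order shown by `iptables -L INPUT -n -v --line-numbers`.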