Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] Multicast-Müll aus den logs 'rausbringen
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Fri, 18 Jan 2002 17:32:26 +0100 (MET)
  • Message-id: <Pine.LNX.4.43.0201181730190.17473-100000@xxxxxxxxxxxx>


This list is English.

> Hallo,
>
> mein Provider schickt mir jede Minute Multicast-Pakete, die mir die
> Messages zumüllen:
> --
> Jan 18 00:04:47 rohrpostfix kernel: SuSE-FW-UNALLOWED-TARGETIN=ippp0
> OUT= MAC= S
> RC=195.3.94.57 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=7983
> PROTO=2
> --
>
> Ich verwende die SuSE-FW2, und brauche jetzt noch eine iptable-regel,
> die mir die Pakete still verwirft.
>

translated: I need a rule that kicks a packet as matched by
SuSE-FW-UNALLOWED-TARGETIN above in the logs so that the logs are not
poisoned.


> Ich habs mit "iptables -A INPUT -i ippp0 -d 224.0.0.1/24 -j ACCEPT"

iptables -I INPUT -i ippp0 -d 224.0.0.1/24 -j DENY

> versucht, das hat aber nicht so geklappt... wo habe ich den Denkfehler
> gemacht?

Append instead of insert, ACCEPT instead of DENY. The rule would have
(silently) accepted the packets because no logs are written.


>
> danke
> Alexander
>




Thanks,
Roman.
--
- -
| Roman Drahtmüller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
References