Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
AW: [suse-security] Multicast packets fill up my log files
  • From: Peer Stefan <stefan.peer@xxxxxxxx>
  • Date: Fri, 18 Jan 2002 09:13:31 +0100
  • Message-id: <3559BA35534FD511A1200002557C39B0AFC5@xxxxxxxxxxxxxxxxxxxxx>
Hi,
have a look at /etc/rc.config.d/firewall2.rc.config. Section 16 deals with
logging:
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix
SuSE-FW"

You can safely change the FW_LOG_DROP_CRIT="yes" to FW_LOG_DROP_CRIT="no",
once you are sure your firewall rules work the way they should.

regards,
Stefan

-----Ursprüngliche Nachricht-----
Von: Alexander Topolanek [mailto:atopo@xxxxxxx]
Gesendet: Freitag, 18. Jänner 2002 07:01
An: suse-security@xxxxxxxx
Betreff: [suse-security] Multicast packets fill up my log files


Hi,
(and now in english :)

My provider sends me multicast packets every minutes, that are denied by
the SuSE-FW2 rules, and logged:
--
Jan 18 00:04:47 rohrpostfix kernel: SuSE-FW-UNALLOWED-TARGETIN=ippp0
OUT= MAC= S RC=195.3.94.57 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1
ID=7983 PROTO=2
--
I would need and iptable rule that discards those packets silently. I
tried "iptables -A INPUT -i ippp0 -d 224.0.0.1/24 -j ACCEPT" without
success, has anyone an idea where I went wrong?

thanks
Alexander


--
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx

< Previous Next >