-----BEGIN PGP SIGNED MESSAGE----- Hi Jürgen!
So I definitely want the firewall to drop ALL these packet, not only some of them (each second packet, as it seems...)
I'm not using SuSE 8.1, so can't really help you with your problem,
but now that you mention it:
Oct 23 19:58:03 akira kernel: SuSE-FW-ACCEPT IN=ppp0 OUT= MAC=
SRC=217.82.120.186 DST=80.134.29.51 LEN=64 TOS=0x00 PREC=0x00 TTL=124
ID=63058 DF PROTO=TCP SPT=3822 DPT=4662 WINDOW=44032 RES=0x00 SYN
URGP=0 OPT (020405AC010303030101080A000000000000000001010402)
Oct 23 19:58:03 akira kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC=
SRC=217.82.120.186 DST=80.134.29.51 LEN=64 TOS=0x00 PREC=0x00 TTL=124
ID=63058 DF PROTO=TCP SPT=3822 DPT=4662 WINDOW=44032 RES=0x00 SYN
URGP=0 OPT (020405AC010303030101080A000000000000000001010402)
The above looks to me like *one* packet, which only gets logged twice
(same ID). Maybe the new SuSE-FW2 logs the packet first like it
*would* accept it, but passes it on further down the chain until it
is finally dropped by the default rule. Could there be a bug in the
new firewall script? Marc or anyone?
Regards, Andy
- --
Andreas J. Mueller email: