On 09/27/2010 08:55 PM, Carlos E. R. wrote:
On Monday, 2010-09-27 at 18:41 +0200, Togan Muftuoglu wrote:
On 09/27/2010 05:40 PM, Carlos E. R. wrote:
Sep 27 17:14:05 Telcontar kernel: [156512.022028] SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.1.14 DST=194.224.66.51 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=59635 DF PROTO=TCP SPT=33080 DPT=80 WINDOW=501 RES=0x00 ACK FIN URGP=0 OPT (0101080A094F9B36017FFCBB)
comes from the code finish_chains function in SuSEfirewall2
$iptables -A OUTPUT -j ACCEPT -m state --state NEW,ESTABLISHED,RELATED $LDAC $iptables -A OUTPUT ${LOG}"-OUT-ERROR "
Ok.... and what does it mean? O:-)
when you do SuSEfirewall2 status| grep OUT\-ERROR You will find this along 125 6260 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 \ limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR ' in /etc/sysconfig/SuSEfirewall2 ## Type: string # # How many packets per time unit get logged for each logging rule. # When empty a default of 3/minute is used to prevent port scans # flooding your log files. For desktop usage it's a good idea to # have the limit, if you are using logfile analysis tools however # you might want to disable it. # # Set to 'no' to disable the rate limit. Setting FW_LOG_ACCEPT_ALL # to 'yes' disables this option as well. # # Format: a digit and suffix /second, /minute, /hour or /day FW_LOG_LIMIT="" Hope this helps Togan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org