Re: IPTABLES logging (was: NTP, ntpdate and ISP-based firewall)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2004-03-09 at 22:23, Don Levey wrote:

> Interestingly, shortly after I enabled these logs, I'm noticing two
> logged block messages.  However, they are from addresses I didn't think
> I was blocking.  The addresses in question are:
> 	218.9.130.252
> 	218.72.107.86
> but the only rule I have that's even close is:
> -A RH-Lokkit-0-50-INPUT -s 218.148.121.0/8 -j LOG --log-level WARN
> --log-prefix IPTABLES-REJECT-09- --log-ip-options --log-tcp-options
> -A RH-Lokkit-0-50-INPUT -s 218.148.121.0/8 -j REJECT
> 
> (I've added numbers to the prefixes for debugging purposes, but so far I
> haven't logged another message).  I would imagine that these messages
> wouldn't be from the rules above, as the addresses don't match. 
> However, the overall blanket blocks at the end aren't logged, and the
> outside firewall seems to log other accesses to that server which are
> *not* getting logged but are also not on permitted ports (in particular,
> 135).  Any thoughts?
>  -Don
> 
> 
Silly me, I misinterpreted the rule I wrote regarding the 218.x.x.x/8.
*never mind*...

 -Don




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux