Re: iptables dropping legitimate packets?

Robert Spangler wrote:

On Thursday 24 February 2005 22:30, Ian P. Thomas wrote:


> >>-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
> >>-A RH-Firewall-1-INPUT -j DROP
> >>COMMIT

The packets are dropped because they have a destination IP of
192.168.0.5 and are not being seen as being associated with an
ESTABLISHED connection.  If your outbound services, POP and web
browsing, are operating in a sufficient manner, then I wouldn't worry
about the dropped packets.


The packets are not being dropped because they have a destination address of 192.168.0.5. They are only being logged by the second-to-last rule. The last rule is dropping everything that reaches it. Doesn't matter what IP address it has or port it is going to.

For what it's worth, the reason for this rule is that, although I want all undesirable packets dropped, I am interested in seeing log entries only for packets specifically addressed to my host, not broadcast or other packets.


Jan
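
The behaviour discussed in this thread, as an added example that is not part of the original messages: a small Python model of chain traversal over the two quoted rules, showing that LOG is non-terminating and that only the final DROP decides what happens to the packet. The parser handles only the options that appear in those two rules, the log line format is simplified, and the destination addresses other than 192.168.0.5 are constructed samples.

```python
import ipaddress
import shlex

# The last two rules quoted in the thread (iptables-save syntax).
RULES_TEXT = '''
-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
-A RH-Firewall-1-INPUT -j DROP
'''

TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG is deliberately absent


def parse_rules(text):
    """Parse the -j, -d and --log-prefix options of each -A line."""
    rules = []
    for line in text.strip().splitlines():
        tokens = shlex.split(line)
        # Every option in this subset takes exactly one argument.
        opts = dict(zip(tokens[0::2], tokens[1::2]))
        dest = opts.get("-d")
        rules.append({
            "target": opts["-j"],
            "dest": ipaddress.ip_network(dest) if dest else None,
            "prefix": opts.get("--log-prefix", ""),
        })
    return rules


def traverse(rules, dst_ip):
    """Return (verdict, log_lines) for a packet addressed to dst_ip."""
    dst = ipaddress.ip_address(dst_ip)
    logs = []
    for rule in rules:
        if rule["dest"] is not None and dst not in rule["dest"]:
            continue  # rule does not match, try the next one
        if rule["target"] == "LOG":
            logs.append(f'{rule["prefix"]}DST={dst}')  # simplified log line
            continue  # non-terminating: keep walking the chain
        if rule["target"] in TERMINATING:
            return rule["target"], logs
    return "RETURN", logs  # end of a user-defined chain: back to the caller


RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    # Constructed destinations: the host, subnet broadcast, limited broadcast.
    for dst in ("192.168.0.5", "192.168.0.255", "255.255.255.255"):
        print(dst, traverse(RULES, dst))
```

Every packet ends at DROP; only the one addressed to 192.168.0.5 produces a log entry first.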

