iptables dropping legitimate packets?
Jan Morales
jan at geezjan.org
Sun Feb 27 03:57:43 UTC 2005
Robert Spangler wrote:
> On Thursday 24 February 2005 22:30, Ian P. Thomas wrote:
>
>
>> > >>-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
>> > >>-A RH-Firewall-1-INPUT -j DROP
>> > >>COMMIT
>>
>> The packets are dropped because they have a destination IP of
>> 192.168.0.5 and are not being seen as being associated with an
>> ESTABLISHED connection. If your outbound services, POP and web
>> browsing, are operating in a sufficient manner, then I wouldn't worry
>> about the dropped packets.
>
>
> The packets are not being dropped because they have a destination address of
> 192.168.0.5. They are only being logged by the second to last rule. The
> last rule is dropping everything that reaches it. Doesn't matter what IP
> address it has or port it is going to.

For what it's worth, the reason for this rule is that, although I want
all undesirable packets dropped, I am interested in seeing log entries
only for packets specifically addressed to my host, not broadcast or other
packets.
Jan
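
Added example, not part of the original message or of iptables itself: a small Python model of the two quoted rules, showing that LOG is non-terminating and matches only on -d 192.168.0.5, while the final DROP matches every packet that reaches it. The sample packets, the source addresses and the simplified log line format are constructed for illustration.

```python
import ipaddress

# Constructed model of the last two rules quoted in this thread. LOG is a
# non-terminating target (traversal continues); DROP is terminating.
RULES = [
    {"dst": "192.168.0.5", "target": "LOG", "prefix": "iptables: "},
    {"dst": None, "target": "DROP"},
]
TERMINATING = {"ACCEPT", "DROP", "REJECT"}


def matches(rule, packet):
    """A rule with no -d matches every packet; otherwise compare destination."""
    if rule["dst"] is None:
        return True
    return ipaddress.ip_address(packet["dst"]) in ipaddress.ip_network(rule["dst"])


def traverse(packet, rules=RULES):
    """Walk the chain in order; return (verdict, log_lines)."""
    logs = []
    for rule in rules:
        if not matches(rule, packet):
            continue
        if rule["target"] == "LOG":
            # Simplified log line; the real kernel format has more fields.
            logs.append(f'{rule["prefix"]}SRC={packet["src"]} DST={packet["dst"]}')
            continue  # LOG never ends traversal
        if rule["target"] in TERMINATING:
            return rule["target"], logs
    return "RETURN", logs  # fell off the end of a user-defined chain


# Constructed sample packets that reached the end of the chain unaccepted.
SAMPLES = [
    {"src": "203.0.113.9", "dst": "192.168.0.5"},      # addressed to the host
    {"src": "192.168.0.20", "dst": "192.168.0.255"},   # subnet broadcast
    {"src": "192.168.0.1", "dst": "255.255.255.255"},  # limited broadcast
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        verdict, logs = traverse(pkt)
        print(pkt["dst"], verdict, logs)
```

All three sample packets end in DROP; only the one addressed to 192.168.0.5 produces a log line.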