iptable log-message
jdow
jdow at earthlink.net
Mon May 28 00:54:00 UTC 2007
From: "Manuel Arostegui Ramirez" <manuel at todo-linux.com>
> El Domingo, 27 de Mayo de 2007 11:44, Harald Hoyer escribió:
>> Hello,
>>
>> I have received this from my logwatch mail:
>>
>> ------- iptables firewall Begin --------
>>
>> Logged 171 packets on interface eth0
>> From 137.227.xxx.xxx - 171 packets to tcp(N1,N2,N3,...,Nn)
>> ----------------------------------
>>
>> The problem is that I don't trust the IP and I don't know how to avoid
>> it.
>>
>> Any idea?
>>
>
> I guess you shoud try to find out what the hell is that IP trying to do in
> your system
>
> And for a basic and simply quickly solution:
> iptables -I INPUT -s 137.227.xxx.xxx -j DROP
The log message suggests that iptables is already dropping or
rejecting the packets and logging them. Check the messages
log for more details than logwafch shows.
{^_^}
More information about the fedora-list
mailing list