iptables and/or CUPS question
Bill Tangren
bjt at aa.usno.navy.mil
Thu Aug 11 16:46:17 UTC 2005
Burke, Thomas G. wrote:
> I cannot answer you question, as I am still using ipchains. However,
> 10.255.255.255 is the broadcast address for the 10.x.x.x series of
> networks. IIUC, 10.1.5.8 is broadcasting to the 10.x.x.x network that
> the service on port 631 is available. It appears to be receiving
> something from 10.1.4.238 (a different network) that is an invalid
> packet. Of course, it's been a long while since I've looked at this
> sort of thing, so I may be full of horse hockey.
>
> -Tom
>
>
> -----Original Message-----
>
> My RHEL ES4 box is behind a firewall. I have it set up as a CUPS print
> server. I noticed that I was getting this in my logwatch output (when
> Detail is set to Low):
>
> --------------------- Kernel Begin ------------------------
> From 10.1.5.58 - 2764 packets to udp(631)
> ---------------------- Kernel End -------------------------
>
> My box IS 10.1.5.58. It looked like iptables on my box was stopping
> packets from itself, so I bumped up the detail to Med, and got this:
>
> --------------------- Kernel Begin ------------------------
> From 10.1.5.58 - 2777 packets
> To 10.255.255.255 - 2777 packets
> Service: ipp (udp/631) (INPUT packet died:,eth0,none) - 2777
> packets
> ---------------------- Kernel End -------------------------
>
> This is a typical /var/log/message entry:
>
>
> Could anyone tell me (or point me to a link that explains) why iptables
> is doing this. It occurred to me that the print server might be badly
> configured, but I am able to use it to print from other computers on our
> network. And, there is no 10.255.255.255 box on the network.
>
>
Sorry. I cut and pasted the wrong packet. This is a better example:
Aug 11 03:07:14 mach2 kernel: INPUT packet died: IN=eth0 OUT= MAC=
SRC=10.1.5.58 DST=10.255.255.255 LEN=175 TOS=0x00 PREC=0x00 TTL=64
ID=1832 DF PROTO=UDP SPT=631 DPT=631 LEN=155
More information about the redhat-list
mailing list