Oct 9 12:52:51 smeagol kernel: Firewall:IN=ppp0 OUT= MAC=
SRC=64.152.2.36 DST=MY_IP_ADDRESS LEN=52 TOS=0x00 PREC=0x00 TTL=246
ID=1093 DF PROTO=TCP SPT=80 DPT=33157 WINDOW=34752 RES=0x00 ACK FIN
URGP=0
In my firewall logs. I see them for ACK RST as well. These are valid
connections. My rules follow for the most part (a few allowed
connections to the machine in question have been removed from the
list). This often leaves open connections in a half closed state on
machines behind this firewall. It also some times kills totally open
connections and I see packets rejected that should be allowed through.
Please, help me help. Also, please CC me. The account I am subscribed
to the list with is acting up and I may be killing it.
Chain INPUT (policy DROP 3 packets, 999 bytes)
pkts bytes target prot opt in out source
destination
30 2880 DROP udp -- any any anywhere
anywhere udp spt:netbios-ns
33 7607 DROP udp -- any any anywhere
anywhere udp spt:netbios-dgm
37 3680 ICMP_INPUT icmp -- any any anywhere
anywhere
16543 5783K tcprules all -- any any anywhere
anywhere
0 0 firewall all -- any any anywhere
anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
1485 280K tcprules all -- any any anywhere
anywhere
0 0 firewall all -- any any anywhere
anywhere
Chain OUTPUT (policy ACCEPT 17692 packets, 6181610 bytes)
pkts bytes target prot opt in out source
destination
Chain ICMP_INPUT (1 references)
pkts bytes target prot opt in out source
destination
26 2184 ACCEPT icmp -- !ppp+ any anywhere
anywhere icmp echo-request
0 0 ACCEPT icmp -- any any anywhere
anywhere icmp echo-reply
11 1496 ACCEPT icmp -- any any anywhere
anywhere icmp destination-unreachable
0 0 LOGACCEPT icmp -- any any anywhere
anywhere icmp source-quench
0 0 LOGACCEPT icmp -- any any anywhere
anywhere icmp time-exceeded
0 0 LOGACCEPT icmp -- any any anywhere
anywhere icmp parameter-problem
0 0 LOGACCEPT icmp -- any any anywhere
anywhere icmp timestamp-request
0 0 LOGACCEPT icmp -- any any anywhere
anywhere icmp timestamp-reply
0 0 firewall icmp -- any any anywhere
anywhere
Chain LOGACCEPT (5 references)
pkts bytes target prot opt in out source
destination
0 0 LOG all -- any any anywhere
anywhere LOG level info prefix `PACKET ACCEPTED:'
0 0 ACCEPT all -- any any anywhere
anywhere
Chain M_DEBUG (0 references)
pkts bytes target prot opt in out source
destination
Chain firewall (4 references)
pkts bytes target prot opt in out source
destination
116 18258 LOG all -- any any anywhere
anywhere LOG level info prefix `Firewall:'
116 18258 DROP all -- any any anywhere
anywhere
Chain tcprules (2 references)
pkts bytes target prot opt in out source
destination
17325 6007K ACCEPT all -- any any anywhere
anywhere state RELATED,ESTABLISHED
587 37774 ACCEPT all -- !ppp+ any anywhere
anywhere state NEW
116 18258 firewall all -- ppp+ any anywhere
anywhere state INVALID,NEW
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/