[Tech] Aiuto su /var/log/messages
Marco Santini
msantini@unifi.it
Ven 1 Dic 2000 00:43:29 CET
In /var/log/messages trovo ogni pochi secondi uniformemente sulle tutte le 24 ore:
Nov 30 03:29:44 localhost: kernel: Packet log: input REJECT ppp0 PROTO=103
151.5.148.128/65535 224.0.0.13/65535 L=42 S=0xC0 I=58404 F=0x0000 T1 (#6)
dove cambia via via la data e il numero I=XXXXX
Immagino che sia il risultato del lavoro di Ipchains :)
Ma non riesco a capire perchè questa insistenza.
La macchina è connessa con una ADSL ed ha un IP statico.
In fondo ho riportato la parte di input del firewall.
Ciao, Marco.
#########################################################
# Incoming, flush and set default policy of reject. Actually the default policy
# is irrelevant because there is a catch all rule with deny and log.
#
ipchains -F input
ipchains -P input REJECT
# local interface, local machines, going anywhere is valid
#
ipchains -A input -i $intint -s $intnet -d 0.0.0.0/0 -j ACCEPT
# remote interface, claiming to be local machines, IP spoofing, get lost
#
ipchains -A input -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT
# remote interface, any source, going to permanent PPP address is valid
#
ipchains -A input -i $extint -s 0.0.0.0/0 -d $extip/32 -j ACCEPT
# loopback interface is valid.
#
ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
# catch all rule, all other incoming is denied and logged. pity there is no
# log option on the policy but this does the job instead.
#
ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT
Maggiori informazioni sulla lista
flug-tech