[Tech] Aiuto su /var/log/messages

Marco Santini msantini@unifi.it
Ven 1 Dic 2000 00:43:29 CET


In /var/log/messages trovo ogni pochi secondi uniformemente sulle tutte le 24 ore:

Nov 30 03:29:44 localhost: kernel: Packet log: input REJECT ppp0 PROTO=103
151.5.148.128/65535 224.0.0.13/65535 L=42 S=0xC0 I=58404 F=0x0000 T1 (#6)

dove cambia via via la data e il numero I=XXXXX
Immagino che sia il risultato del lavoro di Ipchains :)
Ma non riesco a capire perchè questa insistenza.
La macchina è connessa con una ADSL ed ha un IP statico.
In fondo ho riportato la parte di input del firewall.
Ciao, Marco.

  #########################################################
  # Incoming, flush and set default policy of reject. Actually the default policy
  # is irrelevant because there is a catch all rule with deny and log.
  #
  ipchains -F input
  ipchains -P input REJECT

  # local interface, local machines, going anywhere is valid
  #
  ipchains -A input -i $intint -s $intnet -d 0.0.0.0/0 -j ACCEPT

  # remote interface, claiming to be local machines, IP spoofing, get lost
  #
  ipchains -A input -i $extint -s $intnet -d 0.0.0.0/0 -l -j REJECT

  # remote interface, any source, going to permanent PPP address is valid
  #
  ipchains -A input -i $extint -s 0.0.0.0/0 -d $extip/32 -j ACCEPT

  # loopback interface is valid.
  #
  ipchains -A input -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT

  # catch all rule, all other incoming is denied and logged. pity there is no
  # log option on the policy but this does the job instead.
  #
  ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j REJECT






Maggiori informazioni sulla lista flug-tech