[KLUG Members] Firewall rule question.
Bruce Smith
members@kalamazoolinux.org
Sun, 13 Jan 2002 12:30:56 -0500
After upgrading to IPCOP, I have a _technical_ question
about it's ipchains rules.
I'm getting a log entry for rejected packet about every
two seconds. Neither IP (source or destination) is mine.
I think it may be logging some kind of broadcast, like
dhcp, but I don't recognize the port either.
...
Jan 13 13:00:58 ipcop last message repeated 26 times
Jan 13 13:01:59 ipcop last message repeated 27 times
Jan 13 13:03:02 ipcop last message repeated 27 times
Jan 13 13:04:03 ipcop last message repeated 27 times
Jan 13 13:05:07 ipcop last message repeated 27 times
Jan 13 13:06:11 ipcop last message repeated 28 times
Jan 13 13:07:12 ipcop last message repeated 27 times
Jan 13 13:08:13 ipcop last message repeated 26 times
Jan 13 13:09:17 ipcop last message repeated 27 times
Jan 13 13:10:21 ipcop last message repeated 28 times
Jan 13 13:10:32 ipcop last message repeated 5 times
Jan 13 13:10:35 ipcop kernel: Packet log: input - eth1
PROTO=88 10.69.80.1:65535 224.0.0.10:65535 L=60 S=0xC0
I=0 F=0x0000 T=2 (#12)
My assigned IP from my ISP is in the 24.247.*.* range.
I know my ISP's DHCP server is running on a private IP
of 10.x.x.x. (FWIW)
One thought I had is maybe IPCop is rejecting all private
IP address ranges from the internet, but I can't find
anything like that in the rules.
It seems to run fine otherwise, but any idea what would
be causing these entries?
--------------------------------------------
Bruce Smith bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan 49093 USA
http://www.armstrong-intl.com/
--------------------------------------------