[plug] iptables firewall question
Adam Davin
byteme-its at westnet.com.au
Wed Feb 15 19:43:11 WST 2006
Hello All,
Just a quick one, hopefully.
I have been tinkering with my firewall rules again, and I have the
following log entry appearing in syslog:
Feb 15 19:24:07 rabbit kernel: INPUT:IN=ppp0 OUT= MAC= SRC=63.111.24.34
DST=202.72.160.175 LEN=40 TOS=0x00 PREC=0xE0 TTL=235 ID=53383 PROTO=TCP
SPT=80 DPT=3672 WINDOW=8190 RES=0x00 ACK FIN URGP=0
and the following line in my firewall script:
$IPTABLES -A INPUT -i $EXTIF -p tcp --sport 80 --dport 1024:65535 -s !
$LAN -d $EXTIP -m state --state ESTABLISHED,RELATED -j ACCEPT
Where
$IPTABLES points to the iptables executable
$EXTIF is the external interface ppp0
$LAN is 192.168.0.0/24
$EXTIP is 202.72.160.175
Is it fair to say then that the packet coming in above is a bad packet
that should not be coming in as there is no related connection going
out?
Thanks and Regards,
--
Adam Davin
Byteme IT Services
Mob: 0422 893 898
Fax: 08 9493 4462
Email: byteme-its at westnet.com.au
More information about the plug
mailing list