ipchains logging too much!

Benjamin Honsinger Honsinger at whs.wsd.wednet.edu
Mon Mar 19 12:57:29 PST 2001


Ok, I understand the concept of ipchains and all that, but exactly how it works
I don't always get. I made my rc.firewall script with the cool web generator.
Anyway, the way I set it up to log is overkill, something is getting logged
several times a minute. However, my /var/log/messages file is very cryptic and
only gives me a number for PROTO= . So could someone please tell me how to stop
my ipchains from logging the below statements (as well as what service it is
denying):

Mar 15 13:46:13 server kernel: Packet log: input DENY eth0 PROTO=17 168.99.104.12:631 255.255.255.255:631 L=170 S=0x00 I=11 F=0x0000 T=64 (#39)
- This one happens _all_ the time
Mar 19 12:04:58 server kernel: Packet log: input DENY eth0 PROTO=6 168.99.104.238:548 168.99.104.16:49154 L=56 S=0x00 I=57609 F=0x4000 T=255 (#38)
- This one happens occasionally

Most of the time it is denying packets from the other couple of linux machines
I have setup here at school, occasionally it denies another computer.

Below is the logging section from my rc.firewall (if you need the whole script
it is attached)

# ----------------------------------------------------------------------------
# Enable logging for selected denied packets

#ipchains -A input -i $EXTERNAL_INTERFACE -p tcp -j DENY -l

#ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
# --destination-port $PRIVPORTS -j DENY -l

#ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
# --destination-port $UNPRIVPORTS -j DENY -l


#ipchains -A input -i $EXTERNAL_INTERFACE -p icmp \
# --icmp-type 5 -j DENY -l
#ipchains -A input -i $EXTERNAL_INTERFACE -p icmp \
# --icmp-type 13:255 -j DENY -l

#ipchains -A output -i $EXTERNAL_INTERFACE -j REJECT -l

# ----------------------------------------------------------------------------


Thank you very very much in advance for any help! =)

- Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rc.firewall
Type: text/x-java
Size: 18159 bytes
Desc: not available
URL: <http://mailman13.u.washington.edu/pipermail/linux/attachments/20010319/6a55ce07/attachment.bin>


More information about the Linux mailing list