Re: Firewall message in /var/log

To: debian-user@lists.debian.org
Subject: Re: Firewall message in /var/log
From: Barry Samuels <barry@datamansys.co.uk>
Date: Thu, 7 Sep 2000 21:53:35 +0100 (BST)
Message-id: <[🔎] E13X8fv-0000Xi-00@DATAMAN1.IBMPEERS>
In-reply-to: <[🔎] 20000905181859.B4834@fjellstad.org>

"John L . Fjellstad" <john-list@fjellstad.org> wrote:

> On Tue, Sep 05, 2000 at 04:46:44PM +0100, Barry Samuels wrote:
>  
> > kernel: Packet log: input DENY eth0 PROTO=17 192.14.17.1:513
> > 192.14.17.255:513 L=136 S=0x00 I=244 F=0x0000 T=64 (#30)
> 
> Check the IPCHAINS-HOWTO.

I have.  I tend to find quite a few of these documents moderately incomprehensible.

> In short,
> kernel     - message from kernel
> Packet log - log stamp

I can understand that!

> input      - chain in which packet got logged

Not sure about that (chain?).

> DENY       - access 

I can understand that!

> PROTO=17   - udp

Looked up 'man udp'.  Found that to be _totally_ incomprehensible.

> 192.14.17.1:513 - source of package with originating at port 513 (who port)
> 192.14.17.255:513 - destination of package, connecting at port 513

Looked up 'man rwhod' and could understand some of that.  So I suppose the Ipchains rules need
to be modified to stop it whingeing about that.  This is where it gets very tricky.

I used pmfirewall, on someone's recommendation, because I wanted to avoid messing about with
something that I don't understand and found pmfirewall to be just my sort of thing.

Perhaps I'll just put up with the messages.

Barry Samuels

Reply to:

References:
- Re: Firewall message in /var/log
  - From: "John L . Fjellstad" <john-list@fjellstad.org>

Prev by Date: Re: Firewall message in /var/log
Next by Date: Re: sndconfig?
Previous by thread: Re: Firewall message in /var/log
Next by thread: Re: Firewall message in /var/log
Index(es):
- Date
- Thread