Can't use my console because of logs?
I have Debian on a firewall which until now has only needed SSH
access. Now I need to be able to use a monitor and can't because of
errant logging appearing continuously on the screen.
This is what appears:
Jun 5 15:53:32 enterprise kernel: catch-allIN=ppp0 OUT= MAC= SRC=18.104.22.168 DST=22.214.171.124 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=5038 DF PROTO=TCP SPT=52451 DPT=6347 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B401010402)
It's a continuous stream of info.
If anyone can tell me what the problem is or where to start looking
I'd be grateful.
My firewall rule-set is attached in case that's the problem.
"Faced with the choice between changing one's mind and proving that
there is no need to do so, almost everyone gets busy on the proof. "
- John Kenneth Galbraith
# PATH and modules
PATH=/sbin:$PATH; export PATH
# Don't touch this: flush every table and delete user-defined chains so
# the script can be re-run (otherwise the -N calls below fail on a second
# run and a second jump to block is appended to INPUT and FORWARD).
iptables -F
iptables -F -t nat
iptables -F -t mangle
iptables -X
## Create chain which blocks new connections, except if coming from inside.
iptables -N block
iptables -N DLOG
# Log and drop packets that belong to no known connection (state INVALID)
iptables -A block -m state --state INVALID -j DLOG
# Accept packets that belong to, or are related to, a connection we already know
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow services on lo in entirety - Squirrelmail, etc. need this.
iptables -A block -s 127.0.0.1/32 -i lo -j ACCEPT
# Allow LAN on eth0 in entirety - assuming the Lan consists
# of trusted users only. Otherwise use the Internet rules for
# the LAN with exceptions for your machine.
iptables -A block -s 192.168.0.0/24 -i eth0 -j ACCEPT
# Open ftp port
iptables -A block -p tcp --destination-port 21 -j ACCEPT
# Open ssh port - there are no circumstances in which denying
# yourself ssh access is a good idea.
iptables -A block -p tcp --destination-port 22 -j ACCEPT
# Open httpd port, if you run websites
iptables -A block -p tcp --destination-port 80 -j ACCEPT
# Open imapd port, if you provide IMAP mail service.
iptables -A block -p tcp --destination-port 143 -j ACCEPT
# Open gnutella port - I need this for my URL from gnutella to work
iptables -A block -p tcp --destination-port 6346 -j ACCEPT
# Everything else: log it, then drop it
iptables -A block -j DLOG
# The DLOG (drop+log) chain.
# The prefix needs a trailing space, otherwise it runs straight into the
# IN= field ("catch-allIN=ppp0" in the log above). The LOG rule must not
# end in a backslash, or the DROP line below is swallowed into it and the
# chain never drops anything. LOG defaults to --log-level warning, which
# the kernel also prints on the console.
iptables -A DLOG -j LOG --log-prefix "catch-all: " --log-tcp-options
iptables -A DLOG -j DROP
## Jump to that chain from INPUT and FORWARD chains.
iptables -A INPUT -j block
iptables -A FORWARD -j block
## Set up masquerading - sharing my ADSL connection.
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
## Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
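The sample line in the post is a TCP SYN to port 6347, which the rule-set does not open, so it falls through to the catch-all LOG rule; LOG logs at level warning by default, and the kernel's default console loglevel prints warnings on the console. The script below is an added example, not the poster's rule-set: it rebuilds the DLOG chain with a rate limit and a debug log level so the messages still reach the kernel log file but stay off the console, and it shows the dmesg knob that silences the console without touching the rules at all. It assumes the chain name DLOG and the "catch-all" prefix from the post, prints the commands as a dry run by default, and executes them only when APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not the poster's rule-set): keep dropped-packet logging
# but stop it painting the console. Dry run by default; APPLY=1 executes.
set -e

IPT=iptables

# Print the command in a dry run, execute it when APPLY=1 (needs root).
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$@"
    else
        echo "$@"
    fi
}

# Rebuild the DLOG chain from the post.
#  - "catch-all: " ends in a space, so the prefix no longer runs into IN=.
#  - --log-level debug (7): LOG defaults to warning (4), which is below the
#    kernel's default console loglevel and therefore shown on the console;
#    debug is not, but klogd/syslogd still write it to the kernel log file.
#  - -m limit caps logging at 5 lines/min (burst 10) so a scan or flood
#    cannot fill the disk; packets over the limit are still dropped.
install_dlog() {
    run "$IPT" -N DLOG 2>/dev/null || true   # chain may already exist
    run "$IPT" -F DLOG
    run "$IPT" -A DLOG -m limit --limit 5/min --limit-burst 10 \
        -j LOG --log-prefix "catch-all: " --log-level debug --log-tcp-options
    run "$IPT" -A DLOG -j DROP
}

# Alternative that leaves the rules alone: lower the console loglevel so
# only level-0 (emergency) messages reach the screen. Lasts until reboot;
# klogd's -c option sets the same threshold at boot.
quiet_console() {
    run dmesg -n 1
}

install_dlog
quiet_console
```

Run it once as root with APPLY=1 after the firewall script has created the chains; the existing jump from block to DLOG keeps working because only the chain's contents change. If you want the catch-all lines on the screen again while debugging, raise the threshold back with dmesg -n 7.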