[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Denying packets and log traffic

   Today in Debian-User I replied to a user's concern about his log traffic:

> Ever since I upgraded to potato my syslog and kern.log has grown to huge
> sizes:
> Feb  9 04:36:34 rademaker kernel: Packet log: input DENY eth0 PROTO=17
> L=242 S=0x00 I=7424 F=0x0000 T=128
> (#6)

   The response I gave was pretty lame, basically because I'm not sure
what's going on either, other than an IP chain rule is denying packets.

   So if I could ask a few questions, in order of priority; where can I find
documentation on what all the fields in the above log entry mean?  Does
anyone know what specific package changed recently in potato to generate
this (my guess is the ipmasq package, but that's a guess)?

   Also, does anyone have a quick fix for this issue?  I "fixed" it myself
by moving back to my old firewall rules, but that doesn't mean I know
anything more about the issue than before it happened, so again, doc
pointers and/or whacks with a clue-bat would be appreciated, TIA.

 Regards,  | <redwards@golgotha.net>   | GNU/Linux: superior tools
 .         | <http://www.golgotha.net> |  for those who know how
 Randy     |                           |       to use them.

Reply to: