Re: 127.0.0.1 coming in from eth0?
>I can't have the connection off for very
> long.
Looks that the new home of your nic will be the trash
bin :-D
Don't take this for gospel, but if u can't connect but
can "ping", i'm almost sure that ur nic is loosing
packets.
But, once again, don't take this for gospel.
H.I.H.U.
--- Mikko Kilpikoski <mikko.kilpikoski@ravalik.fi>
escreveu: > Hi.
>
> I have small trouble with firewall logs getting
> spammed with
>
> REJECT IN=br0 OUT=br0 PHYSIN=eth0 PHYSOUT=eth1
> SRC=127.0.0.1
> DST=in.d.m.z LEN=40 TOS=0x00 PREC=0x00 TTL=122
> ID=nnnnn PROTO=TCP SPT=80
> DPT=x WINDOW=0 RES=0x00 ACK RST URGP=0
>
> where eth0 is internet, dst varies between the hosts
> in dmz (eth1) and
> dpt varies between about 1k-2k. The time between
> packets vary between 10
> seconds to 2 minutes. It doesn't seem to be doing
> anything serious.
>
> System is woody with 2.4.22 ebtables-brnf bridgeing
> firewall (ebtables
> off, monolithic kernel). Also eth2 is private
> 192.0.0.0/24 lan, with
> masquerading. Both br0 and eth2 have ip addresses.
>
> I reported this to isp, but they haven't noticed
> anything strange with
> the connection. Someone told me that this could be a
> nic going bad. Any
> ideas how to find out where the packets originate
> from and what to do
> about it? I can't have the connection off for very
> long.
>
> --
> Mikko Kilpikoski
>
>
> --
> To UNSUBSCRIBE, email to
> debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
=====
-
"Se conhecer a ti e conhecer o teu inimigo,
não temerás o resultado de mil batalhas."
(Sun Tzu)
"If you know yourself and know your enemy,
won't fear the result of a thousand battles."
(Sun Tzu)
_______________________________________________________________________
Desafio AntiZona: participe do jogo de perguntas e respostas que vai
dar um Renault Clio, computadores, câmeras digitais, videogames e muito
mais! www.cade.com.br/antizona
Reply to: