
Re: debian repository on hit list

--- Brent Elmer <webe3@myrealbox.com> wrote:
> I am running debian testing with a 2.4.24 kernel, firestarter 0.9.2,
> iptables 1.2.9.  I have a dialup connection and a slow phone line which
> connects at 28.8k even though I have a 56k modem.  I am using progeny as
> my repository.  I use synaptic to upgrade packages and it works fine. 
>  My question is this:  Why do I see rama.progeny.com (216.37.455.114) in
> my firestarter hitlist?  Is part of the download being blocked by
> firestarter?  Is the progeny server trying to send something else that
> is getting blocked?  The protocol for the progeny hit is tcp and the
> service is unknown.  The downloads do eventually work.  I tried making
> rama.progeny.com a trusted host but I still see it in the hit list.
Active FTP does this; use passive or configure FTP connection tracking. 
Since it works I'd guess that synaptic is dropping back to passive FTP
when it fails.  Using http and not FTP will also work. The 'unknown' port
is chosen by progeny and changes.

> I also get igmp hits from my isp every 30 seconds.  Is there any way to
> make firestarter not display them all in the hit list?
This is more of a firestarter question, but you could iptable in a rule
for dropping igmp.

> I am not subscribed to the mailing list so please reply directly to me.
> Thanks,
> -- 
> Brent Elmer <webe3@myrealbox.com>

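Added example, not part of the original message: a small Python sketch of why an active-mode FTP transfer produces inbound hits on a client firewall. It reads the `PORT` commands from an FTP control session (RFC 959 encoding) and labels blocked inbound packets that target a port the client itself announced. The function names, the hit-record layout and all addresses are constructed for illustration and are not firestarter's log format.

```python
import re

# RFC 959 host-port encoding: h1,h2,h3,h4,p1,p2 with port = p1*256 + p2.
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(line):
    """Return (ip, port) from a PORT command or a 227 reply, else None."""
    m = HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def offered_endpoints(control_lines):
    """Client endpoints announced with PORT, i.e. where the server will connect."""
    found = (parse_hostport(l) for l in control_lines if l.upper().startswith("PORT "))
    return {hp for hp in found if hp}

def classify_hit(hit, server_ip, offered):
    """Label one blocked inbound packet from the firewall's point of view."""
    if hit["proto"] != "tcp" or hit["src"] != server_ip:
        return "unrelated"
    if (hit["dst"], hit["dport"]) in offered:
        return "active-ftp-data"   # server-initiated data connection
    return "unexplained"

# Constructed sample data (documentation address ranges, not from the thread).
SERVER, CLIENT = "198.51.100.10", "192.0.2.25"
CONTROL = ["USER anonymous", "PORT 192,0,2,25,195,80", "RETR Packages.gz"]
HITS = [
    {"proto": "tcp", "src": SERVER, "sport": 20, "dst": CLIENT, "dport": 50000},
    {"proto": "tcp", "src": SERVER, "sport": 20, "dst": CLIENT, "dport": 6000},
    {"proto": "igmp", "src": "203.0.113.1", "sport": 0, "dst": "224.0.0.1", "dport": 0},
]

if __name__ == "__main__":
    offered = offered_endpoints(CONTROL)
    for hit in HITS:
        print(hit["src"], hit["dport"], classify_hit(hit, SERVER, offered))
```

In passive mode the same host-port encoding appears in the server's `227` reply and the client opens the data connection outward, so a firewall that only blocks unsolicited inbound connections logs nothing.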
