Difrents INPUT/FORWARD -logging

To: debian-security@lists.debian.org
Subject: Difrents INPUT/FORWARD -logging
From: Robert Magier <isyn@isi.wat.waw.pl>
Date: Wed, 30 May 2001 22:08:37 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.10.10105302159560.2481-100000@dino.wcy.wat.waw.pl>

Welcome
I do not know where is the problem with my firewall set
I have set :

iptables -t filter - I FORWARD -j LOG 

And because of this smth like this is displayed on my screen

BAD_FORWARDIN=eth2 OUT=eth0
SRC=169.254.199.81  DST=148.81.116.98 
LEN=69 TOS=0x00  PREC=0x00  TTL=127 ID=34055  PROTO=UDP  SPT=137  DPT=53 LEN=49

This is strange because eth2 ip is 192.168.2.254 so if the src ip of this
packet is 169.254.199.81 this means that someone is having fun.

I want to know what machine is sending this packets, so I set
iptables -t filter -I INPUT -i eth2 -s 169.254.199.81 -j LOG
but it doesn't help
I see logs from FORWARD rules but i do not see any from INPUT rules.

This was  a shortcut of my firewall rules, but the meaning of this hole
problem has been shown to you

Can someone explain me this?


--
ROBERT MAGIER

Reply to:

Follow-Ups:
- Re: Difrents INPUT/FORWARD -logging
  - From: Giacomo Mulas <gmulas@ca.astro.it>

Prev by Date: Re: X & tcp listening
Next by Date: Password encrypting
Previous by thread: Re: X & tcp listening
Next by thread: Re: Difrents INPUT/FORWARD -logging
Index(es):
- Date
- Thread