firewall error message
I set up a simple firewall and SNAT using iptables. Everything works fine
except that sometimes I see the following in /var/log/syslog:
Mar 30 08:54:23 dobby kernel: New not syn:IN= OUT=eth1 SRC=314.12.142.106 \
DST=314.12.128.3 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=60918 DF PROTO=TCP \
SPT=32804 DPT=119 WINDOW=31856 RES=0x00 ACK PSH FIN URGP=0
Could you please tell me what might be the probable reason for these
messages? The actual rule that produces them is
iptables -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG \
--log-prefix "New not syn:"
where
iptables -N bad_tcp_packets
iptables -A OUTPUT -p tcp -j bad_tcp_packets
The above-mentioned errors appear when I get news using the email client
Sylpheed on the machine where the iptables commands are executed, e.g. when
I press the Get all button in the email client. What I would especially like
to be told is: could a mistake in the firewall (my settings, of course)
be the likely reason for these error messages or not?
--
Vladimir Zolotykh
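
An added example, not part of the original post: a Python triage for syslog lines written by the LOG rule quoted above, splitting each entry into fields and TCP flags and labelling it by path through the host and by TCP phase. The function names, the category labels and the second and third sample lines are assumptions constructed for this example.

```python
from collections import Counter

PREFIX = "New not syn:"  # --log-prefix used by the rule in the post
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "ECE", "CWR"}

# The entry from the post joined onto one line, plus two constructed lines.
SAMPLE_LOG = [
    "Mar 30 08:54:23 dobby kernel: New not syn:IN= OUT=eth1 SRC=314.12.142.106 "
    "DST=314.12.128.3 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=60918 DF PROTO=TCP "
    "SPT=32804 DPT=119 WINDOW=31856 RES=0x00 ACK PSH FIN URGP=0",
    "Mar 30 09:01:02 host kernel: New not syn:IN= OUT=eth1 SRC=192.0.2.10 "
    "DST=192.0.2.20 LEN=40 PROTO=TCP SPT=40000 DPT=119 WINDOW=0 RST URGP=0",
    "Mar 30 09:02:00 host kernel: eth1: link up",
]

def parse_entry(line, prefix=PREFIX):
    """Return (fields, flags) for a line logged by the rule, else None."""
    _, found, body = line.partition(prefix)
    if not found:
        return None
    fields, flags = {}, set()
    for token in body.split():
        key, eq, value = token.partition("=")
        if eq:
            fields[key] = value      # KEY=value pairs; "IN=" yields ""
        elif token in TCP_FLAGS:
            flags.add(token)         # bare tokens such as ACK PSH FIN
    return fields, flags

def classify(fields, flags):
    """Label an entry by path through the host and by TCP phase."""
    path = ("local-out" if not fields.get("IN")   # empty IN=: sent by this host
            else "local-in" if not fields.get("OUT") else "forwarded")
    if "RST" in flags:
        phase = "reset"
    elif "FIN" in flags:
        phase = "teardown"
    elif "SYN" in flags:
        phase = "syn-plus-other-flags"  # "! --syn" also matches e.g. SYN+ACK
    else:
        phase = "mid-stream"
    return path, phase

def summarize(lines):
    # Count (path, phase, destination port) over the lines the rule produced.
    parsed = (parse_entry(line) for line in lines)
    return Counter(classify(*p) + (p[0].get("DPT"),) for p in parsed if p)

if __name__ == "__main__":
    for key, count in summarize(SAMPLE_LOG).items():
        print(count, *key)
```

An entry labelled local-out with phase teardown or reset is a closing packet sent by this host for which connection tracking found no existing entry, which is what the NEW state means for a non-SYN packet.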