mldonkey-users

[Mldonkey-users] some connections to mld dropped by iptables


From: Neil Sedger
Subject: [Mldonkey-users] some connections to mld dropped by iptables
Date: Fri, 21 Feb 2003 01:54:46 +0000
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3b) Gecko/20030210

I'm constantly - one every few seconds - getting firewall drop messages from iptables that look like:


Feb 21 01:19:52 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=<some inet ip> DST=<my internet ip> LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=47465 DF PROTO=TCP SPT=1729 DPT=8000 WINDOW=17280 RES=0x00 ACK FIN URGP=0

Feb 21 01:53:12 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=<some inet ip> DST=<my internet ip> LEN=121 TOS=0x00 PREC=0x00 TTL=49 ID=13664 DF PROTO=TCP SPT=3560 DPT=8000 WINDOW=64240 RES=0x00 ACK PSH FIN URGP=0



I run my mldonkey with 8000 as the incoming TCP port, and this is open in the firewall (as shown by my high id and lots of connections to me on that port, some from lowid users).

My iptables script is generated by 'fwbuilder' - a very nice gui in which I now have a busy setup. The rules that create 'RULE -1' are:



# Rule dropping TCP sessions opened prior firewall restart
#
$IPTABLES -N RULE_000
$IPTABLES -A OUTPUT -p tcp ! --syn  -m state --state NEW -j RULE_000
$IPTABLES -A INPUT -p tcp ! --syn  -m state --state NEW -j RULE_000
$IPTABLES -A FORWARD -p tcp ! --syn  -m state --state NEW -j RULE_000
$IPTABLES -A RULE_000 -m state --state NEW -j LOG --log-level info --log-prefix "RULE -1 - DROP: "
$IPTABLES -A RULE_000 -m state --state NEW -j DROP



Is this right? Should these packets be dropped by a security-conscious firewall?
Is donkey wrong?
Are fwbuilder and the above rules wrong?


Thanks
Neil
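The RULE_000 chain above matches TCP packets that carry no SYN flag yet are classified NEW, i.e. segments that conntrack cannot associate with any session it is tracking. Both logged packets carry ACK FIN / ACK PSH FIN, which is the shape of a peer closing a session the firewall no longer remembers (a session opened before the firewall restarted, or one whose conntrack entry has already expired), rather than a fresh connection attempt. The script below is an added triage example, not code from the original post or from fwbuilder or mldonkey: it parses iptables LOG lines of the format shown above and buckets each drop by whether it looks like a stale teardown, a stray mid-stream segment, or traffic to a port the host does not serve. The sample log lines and the addresses in them are constructed; the set of served ports is an assumed input.

```python
import re
from collections import Counter

# Constructed sample input in the iptables LOG format shown in the post.
# Addresses are documentation ranges, not real peers.
SAMPLE_LOG = """\
Feb 21 01:19:52 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=47465 DF PROTO=TCP SPT=1729 DPT=8000 WINDOW=17280 RES=0x00 ACK FIN URGP=0
Feb 21 01:53:12 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=192.0.2.11 DST=198.51.100.5 LEN=121 TOS=0x00 PREC=0x00 TTL=49 ID=13664 DF PROTO=TCP SPT=3560 DPT=8000 WINDOW=64240 RES=0x00 ACK PSH FIN URGP=0
Feb 21 02:03:44 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=192.0.2.12 DST=198.51.100.5 LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=901 DF PROTO=TCP SPT=2345 DPT=8000 WINDOW=8760 RES=0x00 ACK URGP=0
Feb 21 02:10:01 giles kernel: RULE -1 - DROP: IN=ppp0 OUT= MAC= SRC=192.0.2.13 DST=198.51.100.5 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=7 DF PROTO=TCP SPT=4444 DPT=22 WINDOW=1024 RES=0x00 ACK URGP=0
"""

# TCP flags the iptables LOG target prints as bare tokens between RES= and URGP=.
TCP_FLAGS = {"SYN", "ACK", "FIN", "PSH", "RST", "URG", "ECE", "CWR"}
KV_RE = re.compile(r"(\w+)=(\S*)")


def parse_log_line(line):
    """Parse one kernel LOG line into a dict of KEY=VALUE fields.

    Adds 'PREFIX' (the --log-prefix text) and 'FLAGS' (set of TCP flag
    tokens). Returns None for lines that are not iptables LOG output.
    """
    if "kernel:" not in line:
        return None
    _, _, payload = line.partition("kernel: ")
    prefix, _, rest = payload.partition("IN=")
    if not rest:
        return None
    rest = "IN=" + rest
    fields = dict(KV_RE.findall(rest))          # OUT= and MAC= yield empty values
    fields["FLAGS"] = {tok for tok in rest.split() if tok in TCP_FLAGS}
    fields["PREFIX"] = prefix.strip()
    return fields


def classify(fields, served_ports):
    """Bucket one packet dropped by a '! --syn --state NEW' style rule.

    served_ports is an assumed input: the TCP ports this host intentionally
    accepts (8000 for the mldonkey setup in the post).
    """
    if fields.get("PROTO") != "TCP":
        return "non-tcp"
    flags = fields["FLAGS"]
    if "SYN" in flags:
        return "syn-unexpected"       # a '! --syn' rule should never see these
    if int(fields.get("DPT", "0")) not in served_ports:
        return "unserved-port"        # worth a second look; not a forgotten session
    if "FIN" in flags or "RST" in flags:
        return "stale-teardown"       # peer closing a session conntrack no longer holds
    return "stale-data"               # mid-stream segment with no conntrack entry


def summarize(log_text, served_ports):
    """Count drops per bucket over a block of log text."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_log_line(line)
        if fields is not None:
            counts[classify(fields, served_ports)] += 1
    return counts


if __name__ == "__main__":
    for bucket, n in sorted(summarize(SAMPLE_LOG, {8000}).items()):
        print(f"{bucket:16s} {n}")
```

A high count of stale-teardown drops on the served port, with nothing in the unserved-port bucket, is consistent with the rule doing exactly what its comment says; the drops are noise, not a sign that mldonkey is misbehaving. Stray segments to ports the host does not serve are the ones that deserve attention in the log.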




