[Leaplist] Oddball iptables messages in my syslog file ....

William A. Mahaffey III wam at hiwaay.net
Fri Sep 19 08:37:36 EDT 2008 

.... I have 2 linux boxen on my LAN, 1 (this box) an AMD64X2 running 
FC9, the other an Intel Q6600 sorta-server running FC7 in runlevel 3. I 
have iptables running on both boxen, with a rule at the end to log 
whatever traffic it doesn't pass & then drop it. I log into the Q6600 
from the FC9 box & often stay logged in for weeks/months. I get many 
messages in the syslog file on the Q6600 like this:


Sep 19 04:21:18 Q6600 kernel: FWDROP:FW:IN=eth0 OUT= 
MAC=00:1a:4d:84:4d:89:00:1a:4d:41:55:27:08:00 SRC=192.168.0.4 
DST=192.168.0.9 LEN=100 TOS=0x08 PREC=0x00 TTL=64 ID=65128 DF PROTO=TCP 
SPT=22 DPT=54804 WINDOW=657 RES=0x00 ACK PSH URGP=0
Sep 19 04:22:02 Q6600 kernel: FWDROP:FW:IN=eth0 OUT= 
MAC=00:1a:4d:84:4d:89:00:1a:4d:41:55:27:08:00 SRC=192.168.0.4 
DST=192.168.0.9 LEN=100 TOS=0x08 PREC=0x00 TTL=64 ID=8822 DF PROTO=TCP 
SPT=22 DPT=36486 WINDOW=2309 RES=0x00 ACK PSH URGP=0
Sep 19 04:22:02 Q6600 kernel: FWDROP:FW:IN=eth0 OUT= 
MAC=00:1a:4d:84:4d:89:00:1a:4d:41:55:27:08:00 SRC=192.168.0.4 
DST=192.168.0.9 LEN=100 TOS=0x08 PREC=0x00 TTL=64 ID=9021 DF PROTO=TCP 
SPT=22 DPT=36486 WINDOW=4618 RES=0x00 ACK PSH URGP=0
Sep 19 04:23:21 Q6600 kernel: FWDROP:FW:IN=eth0 OUT= 
MAC=00:1a:4d:84:4d:89:00:1a:4d:41:55:27:08:00 SRC=192.168.0.4 
DST=192.168.0.9 LEN=100 TOS=0x08 PREC=0x00 TTL=64 ID=12000 DF PROTO=TCP 
SPT=22 DPT=36494 WINDOW=2218 RES=0x00 ACK PSH URGP=0


That MAC address is the concatenation of the MAC address on the 2 
machines. Spt 22 is ssh, presumably from the FC9 box into the Q6600. 
Everything (logins/shells under SSH) is working AOK, just lots of stuff 
in the syslog file as above. This just started happening a few weeks ago 
after a 'yum update all' on the FC9 box. What is causing this clutter ? 
How do I stop it, so more important stuff in the syslog file is not 
drowned out by these messages ? TIA ....

-- 

	William A. Mahaffey III

 ----------------------------------------------------------------------

	"The M1 Garand is without doubt the finest implement of war
	 ever devised by man."
                           -- Gen. George S. Patton Jr.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Leaplist mailing list