Matthew Schalit wrote:
>
[ snip ]
> All these are blocked by rule #42. What is that rule?
> These log messages are from strange hosts. 80% of them don't
> resolve to a real hostname. All the packets you listed are
> tcp packets with no SYN flag, meaning they are theoretically
> responses to some tcp dns request your machine made. Because
> they are all response packets, I'm not sure what's going on.
> I don't know why you're getting responses from so many odd
> computers. The other strange thing, is that I would expect
> your firewall rules to allow response to outgoing TCP DNS requests.
> That's why I want to see rule 42.
>
> ipchains -L > /tmp/myrules
> vi /tmp/myrules, find line 42, and post it.
Actually, I like this -- and have added it to weblet's:
/var/sh-www/cgi-bin/viewfw :
ipchains -L -nv --line-numbers
This automatically lists line numbers . . .
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . .
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
