Re: [Leaf-user] Am so lovin LEAF, but have got some question
Well I tried a long winded version with due props for a lot of you here that have helped me get my LEAF FW running, through just your interaction on this list. Now I'm just asking if anyone has some suggestions for this. BIG THANKS for your time. At 04:09 PM 2/6/02, I wrote: If you really must get to the point of the story skip down to the closing tag for LONG VERSION OF SHORT STORY. Big thanks to many! Not in any order but how I'm finding them in my mail archive, and I know I'll for snip, snip their downloads, as I heard on the list. /LONG VERSION OF SHORT STORY. What I am trying to do is not log some lines that keep showing up in my messages. I believe these to be either net-bios related messages or VPN keep alives being broadcast from the corporate VPN connection. I can not just turn all of that off as I need to map local drives to corporate assets. However if I can tell the firewall to ignore or not log these I will have met my goal. Feb 6 14:10:19 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI SOME8DIGITHEXNO has no masq table entry. Feb 6 14:10:21 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI DIFF8DIGITHEXNO has no masq table entry. As Always... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Am so lovin LEAF, but have got some question
Hello Dennis I don't use VPN myself, but found an answer to your question using google What I am trying to do is not log some lines that keep showing up in my messages. I believe these to be either net-bios related messages or VPN keep alives being broadcast from the corporate VPN connection. I can not just turn all of that off as I need to map local drives to corporate assets. However if I can tell the firewall to ignore or not log these I will have met my goal. These are kernel logging messages used during debugging. http://www.sandelman.ottawa.on.ca/linux- ipsec/html/2000/12/msg00342.html look in ipsec.conf to lines like .debug= and set them to none, this should stop this messages Feb 6 14:10:19 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI SOME8DIGITHEXNO has no masq table entry. Feb 6 14:10:21 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI DIFF8DIGITHEXNO has no masq table entry. As Always... hope this will help Eric Wolzak http://leaf.sf.net/devel/ericw Bering http://leaf.sf.net/devel/jnilo ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Am so lovin LEAF, but have got some question
On Fri, 8 Feb 2002, Dennis S wrote: Well I tried a long winded version with due props for a lot of you here that have helped me get my LEAF FW running, through just your interaction on this list. Now I'm just asking if anyone has some suggestions for this. BIG THANKS for your time. At 04:09 PM 2/6/02, I wrote: If you really must get to the point of the story skip down to the closing tag for LONG VERSION OF SHORT STORY. Big thanks to many! Not in any order but how I'm finding them in my mail archive, and I know I'll for snip, snip their downloads, as I heard on the list. /LONG VERSION OF SHORT STORY. What I am trying to do is not log some lines that keep showing up in my messages. I believe these to be either net-bios related messages or VPN keep alives being broadcast from the corporate VPN connection. I can not just turn all of that off as I need to map local drives to corporate assets. However if I can tell the firewall to ignore or not log these I will have met my goal. Feb 6 14:10:19 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI SOME8DIGITHEXNO has no masq table entry. Feb 6 14:10:21 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI DIFF8DIGITHEXNO has no masq table entry. As Always... If you're on Dachstein there's a SILENT_DENY option in network.conf that is what you're looking for. -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Am so lovin LEAF, but have got some question
If you really must get to the point of the story skip down to the closing tag for LONG VERSION OF SHORT STORY. Big thanks to many! Not in any order but how I'm finding them in my mail archive, and I know I'll leave out some. Especially jack at monkeynoodle, guitarlynn at kscable, charles at steinkuehler, jnilo at sourceforge, mschalit at pacbell, mds at helices, mhnoyes at sourceforge, ray at comarre and many others that host supporting web pages, reply to posted questions I have lurked here for a couple of months and have added a couple of cents or a question now and then. My system is an old Compaq Prosignia 66Mhz 486DX with 48Mb RAM, two ne200 0 compatible NICS and a single 3 1/2 floppy drive. It is so sweet to be getting a useful firewall out of that, it was a killer machine in it's hay days. I have gotten to work remotely for my employer, so on a cable modem I sit in my basement in Missouri and work for my employer in Virginia. The last thing I want is for my VPN connection to corporate to be the access point that some one uses to get into the system. That is one of the primary reasons for the firewall. Now although I've told you my hardware, I'd be hard pressed to tell what version of LRP I'm using. Got most of my material from Charles and think it would be a Dachstein (sp?) floppy based system. I know that I use 1.68Mb floppies. What I trying to say here is that I have visited so many web sites, downloaded so many images and executables so that this M$ box could make initial boot floppies and such that I'm not sure what I've got. What I have done is zip up a messages file and a capture of the boot screen text that I'd gladly mail to anyone that wants to contact me and take a look. I am trying to be sensitive to those that pay for their downloads, as I heard on the list. /LONG VERSION OF SHORT STORY. What I trying to do is not log some lines that keep showing up in my messages. I believe these to be either net-bios related messages or VPN keep alives being broadcast from the corporate VPN connection. I can not just turn all of that off as I need to map local drives to corporate assets. However if I can tell the firewall to ignore or not log these I will have met my goal. Feb 6 14:10:19 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI SOME8DIGITHEXNO has no masq table entry. Feb 6 14:10:21 ardentpursuit kernel: ip_demasq_esp(): Inbound from MY.CORP.VPN.ADDRESS SPI DIFF8DIGITHEXNO has no masq table entry. As Always... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
