On Fri, Sep 2, 2011 at 4:00 PM, Tom Eastep <[email protected]> wrote: > On Fri, 2011-09-02 at 13:10 +0300, Liutauras Adomaitis wrote: > >> I've been using it for a years, but only now I stepped on the strange >> problem: >> the rule is >> ACCEPT:info all fw tcp 22 >> Primitive, however I get logs for each packet and expectation is that >> i get logs only for every incoming connection, syn packet. >> I've been using Mandriva and I guess distribution has made some rules, >> macros and this line was working as I expected, however now on Fedora >> 13 it just logs every packet. >> >> Any ideas? > > Did you inadvertently place the rule in the ESTABLISHED section of the > rules file rather than in the NEW section? > > -Tom > --
Just double checked - no. Here is my rules file: #SECTION ESTABLISHED #SECTION RELATED SECTION NEW ACCEPT all $FW tcp 22 - # SSH Can this be related to the fact that I'm running virtual machine based on OpenVZ. I just got it from my hosting provider. I am not familiar with such type of virtualization. Can this be related? I see other strange things - although I can access the box via ssh, I cannot access internet from this virtual machine, even DNS not working. using tcpdump I see udp packet leaving the box, and the response coming back however it is droped silently somewhere. My policy file: #SECTION ESTABLISHED #SECTION RELATED SECTION NEW ACCEPT all $FW tcp 22 - # SSH My Interfaces file: net venet0 detect dhcp,tcpflags,logmartians,nosmurfs And zones: fw firewall net ipv4 ------------------------------------------------------------------------------ Special Offer -- Download ArcSight Logger for FREE! Finally, a world-class log management solution at an even better price-free! And you'll get a free "Love Thy Logs" t-shirt when you download Logger. Secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsisghtdev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
