I have a Shorewall installation which works (almost) perfectly... it implements a firewall bridging an OpenVPN interface, and services on the host running Shorewall - traffic is permitted from the OpenVPN interface to a minimal set of ports - each corresponding to a specific service running on the server running Shorewall.
My problem is that my syslog is filling with messages of the form:

> Sep 2 15:37:31 server kernel: [52835.565836]
> Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=SS.SS.SS.SS
> DST=DD.DD.DD.DD LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8370 DF PROTO=UDP
> SPT=17500 DPT=17500 LEN=123

SS.SS.SS.SS is the public IP address of the server that runs the remote OpenVPN endpoint. DD.DD.DD.DD is the IP address of the local end-point for the OpenVPN link.

The source port identifies the traffic as from the Dropbox Lansync protocol. I know this to be run on the remote server - and I am not in a position to influence the configuration of the remote server. The local server does not support/use the Dropbox Lansync protocol.

I am very happy that these packets are dropped... but I'd prefer not to fill my syslog with notifications about this benign dropped packet.

Please can someone point me towards some minimal change I can make to my Shorewall configuration that will eliminate this recurring syslog message - but otherwise leave Shorewall behaviour as is?

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
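Added example, not part of the original post and not Shorewall's own code: a Python script that parses log lines of the form quoted above, counts DROP entries per chain, protocol and destination port, and formats a candidate `rules` file entry with no log level for each noisy flow. The sample lines and their addresses are constructed, and the function names, the `<src>2<dst>` chain naming and the firewall zone name `fw` are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the format quoted in the post; addresses are
# documentation placeholders, not values from the original message.
SAMPLE_LOG = """\
Sep 2 15:37:31 server kernel: [52835.565836] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8370 DF PROTO=UDP SPT=17500 DPT=17500 LEN=123
Sep 2 15:38:01 server kernel: [52865.571002] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8371 DF PROTO=UDP SPT=17500 DPT=17500 LEN=123
Sep 2 15:38:09 server kernel: [52873.114250] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4411 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
Sep 2 15:38:10 server sshd[812]: Accepted publickey for admin from 192.0.2.44 port 50022 ssh2
"""

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disposition>[A-Z]+):(?P<rest>.*)")
FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return a dict for a Shorewall log line, or None for any other line."""
    m = PREFIX.search(line)
    if m is None:
        return None
    rec = {"chain": m["chain"], "disposition": m["disposition"]}
    for key, value in FIELD.findall(m["rest"]):
        rec.setdefault(key, value)  # LEN appears twice: keep the IP length
    return rec

def noisy_drops(log_text, min_count=2):
    """Count DROP entries per (chain, proto, dport), most frequent first."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["disposition"] == "DROP" and "DPT" in rec:
            counts[(rec["chain"], rec["PROTO"], rec["DPT"])] += 1
    return [(k, n) for k, n in counts.most_common() if n >= min_count]

def silent_drop_rule(chain, proto, dport, fw_zone="fw"):
    """Build a rules-file line with no log level, so the drop is not logged.
    Assumes the older '<src>2<dst>' chain naming seen in the quoted log."""
    src, _, dst = chain.rpartition("2")
    dst = "$FW" if dst == fw_zone else dst
    return f"DROP\t{src}\t{dst}\t{proto.lower()}\t{dport}"

if __name__ == "__main__":
    for (chain, proto, dport), n in noisy_drops(SAMPLE_LOG):
        print(n, silent_drop_rule(chain, proto, dport))
```

Entries in the `rules` file are evaluated before the zone policy, and a rule whose ACTION carries no log level does not log, so a line of this form only silences the matching flow if the message was produced by the policy's log level.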
