On 9/2/2014 8:25 AM, Steve wrote:
> I have a Shorewall installation which works (almost) perfectly... it
> implements a firewall bridging an OpenVPN interface, and services on the
> host running Shorewall - traffic is permitted from the OpenVPN interface
> to a minimal set of ports - each corresponding to a specific service
> running on the server running Shorewall.
>
> My problem is that my syslog is filling with messages of the form:
>
>> Sep 2 15:37:31 server kernel: [52835.565836]
>> Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=SS.SS.SS.SS
>> DST=DD.DD.DD.DD LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8370 DF PROTO=UDP
>> SPT=17500 DPT=17500 LEN=123
>
> SS.SS.SS.SS is the public IP address of the server that runs the remote
> OpenVPN endpoint.
>
> DD.DD.DD.DD is the IP address of the local end-point for the OpenVPN link.
>
> The source port identifies the traffic as from the Dropbox Lansync
> protocol. I know this to be run on the remote server - and I am not in
> a position to influence the configuration of the remote server. The
> local server does not support/use the Dropbox Lansync protocol. I am
> very happy that these packets are dropped... but I'd prefer not to fill
> my syslog with notifications about this benign dropped packet.
>
> Please can someone point me towards some minimal change I can make to my
> Shorewall configuration that will eliminate this recurring syslog
> message - but otherwise leave Shorewall behaviour as is?

This is Shorewall FAQ 6b. The solution is to add this rule:

    DROP pub fw udp 17500

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
