Re: [Shorewall-users] ACKs in Logs After Upgrade to 5.1

Tue, 06 Feb 2018 07:38:36 -0800 

On 02/06/2018 06:25 AM, John Thomas wrote:
>     Logs in 5.1, but not when on 5.0
> 
> 
>         Feb  5 16:38:53 home kernel: net-fw DROP IN=eth0 OUT=
>         MAC=(redacted) SRC=208.85.46.26 DST= 208.85.46.26 LEN=1280
>         TOS=0x00 PREC=0x00 TTL=55 ID=13502 DF PROTO=TCP SPT=80 DPT=41374
>         WINDOW=201 RES=0x00 ACK URGP=0 
>         Feb  5 16:39:28 home kernel: net-fw DROP IN=eth0 OUT= MAC=
>         (redacted) SRC=208.85.46.26 DST=(redacted) LEN=1280 TOS=0x00
>         PREC=0x00 TTL=55 ID=13503 DF PROTO=TCP SPT=80 DPT=41374
>         WINDOW=201 RES=0x00 ACK URGP=0 
>         Feb  5 16:40:37 home kernel: net-fw DROP IN=eth0 OUT=
>         MAC=(redacted) SRC=208.85.46.26 DST=(redacted) LEN=1280 TOS=0x00
>         PREC=0x00 TTL=55 ID=13504 DF PROTO=TCP SPT=80 DPT=41374
>         WINDOW=201 RES=0x00 ACK URGP=0 
>         Feb  5 16:42:38 home kernel: net-fw DROP IN=eth0 OUT=
>         MAC=(redacted) SRC=208.85.46.26 DST=(redacted) LEN=1280 TOS=0x00
>         PREC=0x00 TTL=55 ID=13505 DF PROTO=TCP SPT=80 DPT=41374
>         WINDOW=201 RES=0x00 ACK URGP=0 
> 
> 
>     I'm getting these ACK DROP message in the logs from Google on IPv6,
>     Pandora (daughter), one DNS provider that I cannot remember.  Could
>     I trouble you to help me understand what is going on?
> 
> Another odd log I did not get on 5.0.  This is without the ACK in it and
> is UDP from port 443. 
> Feb  6 00:01:30 home kernel: net-fw DROP IN=eth0 OUT= MAC=(redacted)
> SRC=172.217.5.74 DST=(redacted) LEN=77 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF
> PROTO=UDP SPT=443 DPT=44373 LEN=57 
> Feb  6 00:01:31 home kernel: net-fw DROP IN=eth0 OUT= MAC=(redacted)
> SRC=172.217.5.74 DST=(redacted) LEN=77 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF
> PROTO=UDP SPT=443 DPT=44373 LEN=57  
> 

Please send me (privately) the output of 'shorewall dump' as an attachment.

Thanks,
-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to