Hi there,
Lovely piece of work, Vuurmuur. Thanks for that!
The following however is quite bothering me.
PROBLEM:
After having checked the appropriate anti-spoofings on the
INTERNET.OUTER-ZONE, the log-file (> /var/log/firewall.log) is flooded
with messages stating "vrmr: DROP spoof iana-0/8 etc".
WANTED:
Stopping this flooding.
SOLUTION (assumed):
Added service called 'dhcp_spoof' with udp 68->67 & broadcast-box checked.
Added rule to DROP service 'dhcp_spoof' FROM INTERNET.OUTER
(INT=internet_nic) TO any & LOG _unchecked_.
(Hierarchy = just above DROP ALL)
Applied changes - 'Success / A-OKE'.
STATUS:
Problem still exists.
I assumed that after having set this rule, the flooding would be stopped.
Alas, the messages keep appearing!
Even after having issued the command-sequence 'service vuurmuur stop &&
iptables -F && iptables -X && service vuurmuur start'.
So.....
QUESTION(s):
Could anyone enlighten me about what I'm doing wrong?
Has it something to do with the anti-spoofing rule, set in the
ZONE-definition, taking precedence over my custom rule?
If so, can I change this order, and if so, how?
Much obliged,
Attelas
_______________________________________________
Vuurmuur-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/vuurmuur-users