(This is a forward of a direct reply to me. I post it back to the list because 
I don't know the "real" solution to the problem. What package is responsible 
for the firewall rules below?)

As for redirecting the output to a more suitable location, you could try the 
ULOG target that can be handled by ulogd. Output from the LOG target is 
handled by syslogd. See the manpages for syslogd configuration and iptables.

--- Forwarded message below ---

Nicos Gollan <[EMAIL PROTECTED]> writes:

> This is from iptables and indicates access to the ports used for Windows/Samba
> filesharing. Do
>
> iptables -L
>
> and check if there are entries with a LOG target. If you remove those entries,
> the output should cease. If you want to get rid of it permanently, you'll
> have to find out where they come from. Did you install something like 
> Bastille or another security tool? Reconfiguring those should do the trick.
>
> -- 
Here is my output of iptables -L:


Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.1.0/24       anywhere
ACCEPT     all  --  anywhere             192.168.1.0/24
LOG        all  --  anywhere             192.168.1.0/24     LOG level warning
DROP       all  --  anywhere             192.168.1.0/24
LOG        all  --  anywhere             anywhere           LOG level warning
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             255.255.255.255
ACCEPT     all  --  anywhere             192.168.1.0/24
ACCEPT    !tcp  --  anywhere             BASE-ADDRESS.MCAST.NET/4
LOG        all  --  anywhere             192.168.1.0/24     LOG level warning
DROP       all  --  anywhere             192.168.1.0/24
ACCEPT     all  --  anywhere             255.255.255.255
ACCEPT     all  --                       anywhere
ACCEPT     all  --  10.255.255.255       anywhere
LOG        all  --  anywhere             anywhere           LOG level warning
DROP       all  --  anywhere             anywhere

I did not install Bastille. I installed ipmasq. I do not know how these
entries were created.

Any pointers to how to change LOG to point to a file on the hard disk?

Thanks in advance.

Sudeep
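
Added example (not part of the original messages): a shell sketch of the check suggested in the thread, finding the LOG rules in an `iptables -L` listing and printing the commands that would remove them. The listing is a constructed sample modelled on the output above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: locate LOG rules in `iptables -L` output and print the
# commands that would delete them. Nothing here modifies the firewall.

# Constructed sample, modelled on the FORWARD chain in the message above
# plus a shortened OUTPUT chain.
sample_listing() {
cat <<'EOF'
Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.1.0/24       anywhere
ACCEPT     all  --  anywhere             192.168.1.0/24
LOG        all  --  anywhere             192.168.1.0/24     LOG level warning
DROP       all  --  anywhere             192.168.1.0/24
LOG        all  --  anywhere             anywhere           LOG level warning
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere           LOG level warning
DROP       all  --  anywhere             anywhere
EOF
}

# Read a listing on stdin; print "CHAIN RULENUM" for every LOG rule.
log_rules() {
    awk '
        $1 == "Chain"             { chain = $2; n = 0; next }  # chain header resets the counter
        $1 == "target" || NF == 0 { next }                     # column header, blank line
        { n++ }                                                # any other line is one rule
        $1 == "LOG"               { print chain, n }
    '
}

# Emit delete commands, highest rule number first within each chain, so that
# removing one rule does not renumber the ones still to be removed.
delete_cmds() {
    log_rules | sort -k1,1 -k2,2nr | while read -r chain num; do
        echo "iptables -D $chain $num"
    done
}

sample_listing | delete_cmds
```

On a live system, `iptables -L --line-numbers` prints the same rule positions directly.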