Hi:

I configured shorewall-init on my debian fw to avoid messages like this:

____________________________

Jan  6 17:08:54 munin Shorewall:net2fw:DROP: IN=eth0 OUT= MAC=48:5b:39:ac:1b:5e:00:12:da:a4:14:bf:08:00 SRC=213.162.248.20 DST=81.166.42.2 LEN=76 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=439 DPT=123 LEN=56 MARK=0
Jan  6 17:08:58 munin Shorewall:net2fw:DROP: IN=eth0 OUT= MAC=48:5b:39:ac:1b:5e:00:12:da:a4:14:bf:08:00 SRC=193.212.132.34 DST=81.166.42.2 LEN=76 TOS=00 PREC=0x00 TTL=114 ID=26939 PROTO=UDP SPT=23009 DPT=123 LEN=56 MARK=0
Jan  6 17:09:00 munin Shorewall:net2fw:DROP: IN=eth0 OUT= MAC=48:5b:39:ac:1b:5e:00:12:da:a4:14:bf:08:00 SRC=88.84.190.34 DST=81.166.42.2 LEN=76 TOS=00 PREC=0x00 TTL=116 ID=33107 PROTO=UDP SPT=227 DPT=123 LEN=56 MARK=0
Jan  6 17:09:14 munin Shorewall:net2fw:DROP: IN=eth0 OUT= MAC=48:5b:39:ac:1b:5e:00:12:da:a4:14:bf:08:00 SRC=193.212.132.34 DST=81.166.42.2 LEN=76 TOS=00 PREC=0x00 TTL=114 ID=27111 PROTO=UDP SPT=23009 DPT=123 LEN=56 MARK=0

____________________________

I have a public NTP server running on a box behind the fw.

Tom (Eastep) recommended that I configure shorewall-init to get rid of these log 
entries.

I installed shorewall-init and configured it to close the fw prior to network 
with:

PRODUCTS="shorewall"

In /etc/default/shorewall-init

As I understand it, this should be sufficient to close the fw before bringing up 
networking.

But I see the above messages in the log when I reboot.

The only solution is flushing the connection tracking table by running 
'conntrack -F'.

But when I reboot the fw similar entries reappear in my fw logs and I have to 
run conntrack -F manually.

How can I prevent these entries cluttering my log?

Shorewall 4.5.21.5 on Debian sid running Linux 3.12.6

Please let me know if you need additional info about my config to help me solve 
this problem.

Thanks

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
