[Shorewall-newbies] Log problem

Tom Eastep teastep at shorewall.net
Sun Feb 1 13:02:03 PST 2004


On Sun, 1 Feb 2004, Martin OK2CFM wrote:

> Hi all,
> I have computer which works as firewall and router in to internet.
> In my computer are two network interfaces:
> wlan0	62.209.206.83/255.255.255.192 - wifi internet connection
> eth0	192.168.1.1/255.255.255.0 - local subnet
> All is ok. Only my log is full of records like these:
>
> Feb  1 11:36:38 pc1 kernel: Shorewall:rfc1918:DROP:IN=wlan0 OUT=
> MAC=ff:ff:ff:ff:ff:ff:00:06:ab:00:6d:9a:08:00 SRC=0.0.0.0
> DST=255.255.255.255 LEN=330 TOS=0x00 PREC=0x00 TTL=128 ID=1536 PROTO=UDP
> SPT=68 DPT=67 LEN=310

That one can be eliminated by setting 'dhcp' on wlan0 in
/etc/shorewall/interfaces.

> Feb  1 11:36:38 pc1 kernel: martian source 255.255.255.255 from
> 192.168.1.100, on dev wlan0
> Feb  1 11:36:38 pc1 kernel: ll header:
> ff:ff:ff:ff:ff:ff:00:80:48:24:d2:e2:08:00
> Feb  1 11:37:03 pc1 kernel: martian source 62.209.206.127 from
> 192.168.1.2, on dev wlan0
> Feb  1 11:37:03 pc1 kernel: ll header:
> ff:ff:ff:ff:ff:ff:00:02:2d:18:24:16:08:00
> Feb  1 11:37:04 pc1 kernel: martian source 62.209.206.127 from
> 192.168.1.2, on dev wlan0
> Feb  1 11:37:04 pc1 kernel: ll header:
> ff:ff:ff:ff:ff:ff:00:02:2d:18:24:16:08:00
>
> But in my local network is not computer with IP 192.168.1.100 or
> 192.168.1.2!!!
> Can somebody help me?
>

Add this to /etc/shorewall/init:

	echo 0 > /proc/sys/net/ipv4/config/wlan0/log_martians

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net


More information about the Shorewall-newbies mailing list