[Shorewall-newbies] UDP replys not dropped
Tom Eastep
teastep at shorewall.net
Wed Jan 7 09:46:30 PST 2004
On Wednesday 07 January 2004 09:30 am, Ingo Lantschner wrote:
>
> But also I have every minute this one:
> 16:56:08.890368 195.3.95.5 > 224.0.0.1: igmp query v2 [ttl 1]
>
Those also get dropped out of the 'common' chain.
[root at gateway root]# shorewall show common
Shorewall-1.4.8 Chain common at gateway.shorewall.net - Wed Jan 7 09:42:13
PST 2004
Counters reset Wed Jan 7 08:18:30 PST 2004
Chain common (6 references)
pkts bytes target prot opt in out source
destination
...
0 0 DROP all -- * * 0.0.0.0/0
224.0.0.0/4
...
[root at gateway root]#
It's been a while since I used pppd but isn't there a file that defines the
'ignore these' packets for the purpose of idle timeout?
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies
mailing list