[Shorewall-newbies] Re: tcpflags SYN+FIN -- I use nessus from a pc inside the firewall

Nian Ma Nian.Ma at compel.com
Tue Mar 2 12:09:51 PST 2004


Nessus was running from a PC inside the firewall. Since the tcpflags are
set on the same interface, I thought the TCP SYN+FIN packets would be
dropped no matter where the source hosts are. I guess that's the
problem, but why?

Do you still need the status file?

Thanks a lot.
Mark

>>> Tom Eastep <teastep at shorewall.net> 3/2/04 2:31:54 PM >>>
On Tuesday 02 March 2004 11:17 am, Nian Ma wrote:
> TCP_FLAGS_DISPOSITION=DROP
>

If you will:

a) shorewall reset
b) run nessus probe
c) shorewall status > /tmp/status.txt
d) Send me the /tmp/status.txt as an attachment

I will try to determine what is happening.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net 
Washington USA  \ teastep at shorewall.net 



