[Shorewall-users] Dropped packet question....

Tom Eastep teastep@shorewall.net
Wed, 2 Jan 2002 05:54:08 -0800


On Wednesday 02 January 2002 04:10 am, Bear wrote:

>
> Log entry:
> Jan  2 03:27:56 net2all:DROP:IN=eth0 OUT=eth1 SRC=65.214.36.7
> DST=192.168.0.25 LEN=64 TOS=0x00 PREC=0x00 TTL=1 ID=32523 PROTO=UDP SPT=53
> DPT=0 LEN=44

While the DPT is unusual, it's not unusual to see these sorts of orphan DNS
replies. I've handled them by:

a) cd /etc/shorewall; cp common.def common
b) Add the following to common

    run_iptables -A common -p udp --sport 53 -mstate --state NEW -j DROP

c) restart Shorewall

-Tom
-- 
Tom Eastep    \  teastep@shorewall.net
AIM: tmeastep  \  http://www.shorewall.net
ICQ: #60745924  \  Firewalls for Linux 2.4
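
The following is an added example, not part of the original post or of Shorewall: a small Python parser for log lines in the format quoted above that counts dropped UDP packets from source port 53, which is the traffic the suggested rule would drop without logging. The function names and the two extra sample lines are constructed for illustration, and it assumes a packet logged by the policy chain had no matching tracked connection.

```python
import re
from collections import Counter

# Constructed sample log. The first line is the entry quoted in the post;
# the other two are made up for contrast (documentation address ranges).
SAMPLE_LOG = """\
Jan  2 03:27:56 net2all:DROP:IN=eth0 OUT=eth1 SRC=65.214.36.7 DST=192.168.0.25 LEN=64 TOS=0x00 PREC=0x00 TTL=1 ID=32523 PROTO=UDP SPT=53 DPT=0 LEN=44
Jan  2 03:28:10 net2all:DROP:IN=eth0 OUT= SRC=192.0.2.10 DST=192.168.0.25 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4411 PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 SYN
Jan  2 03:29:02 net2all:DROP:IN=eth0 OUT=eth1 SRC=198.51.100.53 DST=192.168.0.30 LEN=120 TOS=0x00 PREC=0x00 TTL=49 ID=901 PROTO=UDP SPT=53 DPT=1027 LEN=100
"""

PREFIX = re.compile(r"(?P<chain>[\w-]+):(?P<disp>[A-Z]+):(?=IN=)")
FIELD = re.compile(r"(\w+)=(\S*)")


def parse(line):
    """Return the chain, disposition and KEY=VALUE fields of one log line."""
    m = PREFIX.search(line)
    if m is None:
        return None
    rec = {"chain": m["chain"], "disposition": m["disp"]}
    for key, val in FIELD.findall(line[m.end():]):
        # UDP entries carry LEN twice: IP total length, then UDP length.
        if key == "LEN" and "LEN" in rec:
            key = "UDP_LEN"
        rec[key] = val
    return rec


def is_orphan_dns_reply(rec):
    # Assumption: a packet logged by the policy chain matched no tracked
    # connection, so UDP from source port 53 here is an unsolicited reply.
    return (rec["disposition"] == "DROP" and rec.get("PROTO") == "UDP"
            and rec.get("SPT") == "53")


def summarize(log_text):
    """Count orphan DNS replies per (source address, destination port)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse(line)
        if rec and is_orphan_dns_reply(rec):
            counts[(rec["SRC"], rec["DPT"])] += 1
    return counts


if __name__ == "__main__":
    for (src, dpt), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {src:15s} DPT={dpt}")
```

Running it over the real log before adding the rule shows which sources and destination ports will stop appearing in the log once those packets are dropped silently.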