Mikko Lyly wrote:
i know this proly does not belong in this list but if any one has an idea why i am geting this please tell!
i keep geting this stuff to kernel logs
Forged DCC command from 10.255.128.4: 62.71.235.143:10388
Forged DCC command from 10.255.128.4: 62.71.235.143:10388
Forged DCC command from 10.255.128.4: 62.71.235.143:10347
Forged DCC command from 10.255.128.4: 62.71.235.143:10378
Forged DCC command from 10.255.128.4: 62.71.235.143:10336
Hmm IIRC the reason is the remote site not masquerading proper.
DCC transfer requests contain the ip, so if the remote person is
masquerading his traffic but not also changing the ip contained in
the dcc request iptables refuses to accept the connection as related
because the two ips differ. The RELATED expectation is made by
the connection tracking helper which parses the dcc requests. If it
would accept it, it would allow 10.255.128.4 to connect to some port
on your system, so someone evil could easily cirumvent your packet
filter rules by sending forged dcc requests.
Bye,
Patrick
