Le dim 07/09/2003 Ã 15:34, ÐÐÐÐÐÐÐÑ ÐÐÑÐÐÐÐ a Ãcrit : > 194.67.23.25 -outside mail server from that i tried to send mail to my > mail server. > New not syn: IN=eth0 OUT=eth1 SRC=194.67.23.25 DST=192.168.5.2 LEN=88 > TOS=0x00 PREC=0x00 TTL=55 ID=2475 DF PROTO=TCP SPT=25 > DPT=49073 WINDOW=57920 RES=0x00 ACK PSH FIN URGP=0 > New not syn: IN=eth0 OUT=eth1 SRC=194.67.23.25 DST=192.168.5.2 LEN=88 > TOS=0x00 PREC=0x00 TTL=55 ID=4691 DF PROTO=TCP SPT=25 > DPT=49073 WINDOW=57920 RES=0x00 ACK PSH FIN URGP=0 [...] These logs have been raised by a rule you did not show in the ruleset you gave. This rule has a -j LOG --log-prefix "New not syn: " target and is supposed to match packets with state NEW that are not syn ones (-m state --state NEW -p tcp -m tcp ! --syn). This does not happens very often on SMTP flows, so this kind of log is a bit strange to me. Can we see you whole ruleset ? Without a complete ruleset, it is unlikely one can provide valuable help if there's side effects. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
