<quote who="CompuGenic"> > Hello all. > I use a basic iptables ruleset to perform SNAT on all outgoing > connections from my LAN, and to drop all NEW connections coming from the > Internet. > However, my logs are constantly filled with entries as follows: > Jun 9 8:51:12 host -- MARK -- > Jun 9 9:11:12 host -- MARK -- > Jun 9 9:31:12 host -- MARK -- > Jun 9 9:51:12 host -- MARK -- > Jun 9 10:11:12 host -- MARK -- > Jun 9 10:31:12 host -- MARK -- > > Notice the time patterns? I have no idea where these are coming from? Is > there a way to know if it's from my firewall, or to track the source? Hi Pablo, You can switch this off in your /etc/init.d/syslogd or on RH based systems in /etc/sysconfig/syslog e.g. # Options to syslogd # -m 0 disables 'MARK' messages. # -r enables logging from remote machines # -x disables DNS lookups on messages recieved with -r # See syslogd(8) for more details SYSLOGD_OPTIONS="-m 0" HTH. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 742001 E ghenry@xxxxxxxxxxxxxxxxxx Open Source. Open Solutions(tm). http://www.suretecsystems.com/
