Strange ACK SYN URGP=0 in an iptables firewall with stateful enabled.

Hi,

     English is not my native language, so forgive my mistakes.

     I think you can point me in the right direction to investigate some
"weird" log lines from my iptables (1.3.7).

     I use -m state to control my traffic and I am seeing a lot of log
lines, from a lot of src IPs (out of my range and from other
countries) and with SPT=80 PROTOCOL=TCP, directed to machines in my
LAN. There are some lines where SPT=10100 or 6667.

     The strange thing is that the target IPs were never used in my LAN.
They are in our range, but we never used them. Other detail: all
lines have ACK SYN URGP=0.

     I log everything I drop and, in those cases, a
RELATED,ESTABLISHED rule is blocking the packets.

     Could someone point me in a good direction to solve/investigate
the problem?

Cássio
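
One way to start the investigation asked about above, as an added example that is not part of the original message: a Python script that parses iptables LOG lines, keeps the dropped TCP packets carrying both SYN and ACK, and tallies them by source port and destination, listing destinations that no host uses. The sample lines, the `FW-DROP: ` log prefix, the addresses and the `used_hosts` set are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample in the iptables LOG layout. Addresses are documentation
# ranges; the "FW-DROP: " prefix is an assumed --log-prefix value.
_L = ("Jan 10 03:12:0{n} fw kernel: FW-DROP: IN=eth0 OUT=eth1 SRC={s} DST={d} "
      "LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT={sp} DPT={dp} "
      "WINDOW=5840 RES=0x00 {f} URGP=0")
SAMPLE_LOG = "\n".join(
    _L.format(n=i, s=s, d=d, sp=sp, dp=dp, f=f)
    for i, (s, d, sp, dp, f) in enumerate([
        ("198.51.100.7", "192.0.2.45", 80, 1042, "ACK SYN"),
        ("203.0.113.9", "192.0.2.45", 80, 2210, "ACK SYN"),
        ("198.51.100.20", "192.0.2.77", 6667, 3312, "ACK SYN"),
        ("203.0.113.50", "192.0.2.10", 10100, 4000, "ACK SYN"),
        ("203.0.113.60", "192.0.2.10", 51000, 22, "SYN"),  # plain SYN, ignored
    ]))

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")      # KEY=value tokens
FLAGS = re.compile(r"RES=\S+ (.*?) ?URGP=")  # bare flag names sit between these


def parse_line(line):
    """Return the key=value fields plus a set of TCP flag names, or None."""
    fields = dict(FIELD.findall(line))
    if fields.get("PROTO") != "TCP":
        return None
    m = FLAGS.search(line)
    fields["FLAGS"] = set(m.group(1).split()) if m else set()
    return fields


def triage(log_text, used_hosts):
    """Tally logged SYN+ACK packets by source port and by destination."""
    by_sport, by_dst, sources = Counter(), Counter(), set()
    for line in log_text.splitlines():
        pkt = parse_line(line)
        if not pkt or not {"SYN", "ACK"} <= pkt["FLAGS"]:
            continue
        by_sport[int(pkt["SPT"])] += 1
        by_dst[pkt["DST"]] += 1
        sources.add(pkt["SRC"])
    unused = sorted(set(by_dst) - set(used_hosts))  # never-assigned targets
    return {"by_sport": dict(by_sport), "by_dst": dict(by_dst),
            "unused_dst": unused, "sources": len(sources)}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG, used_hosts={"192.0.2.10"}).items():
        print(key, value)
```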