My RHEL ES4 box is behind a firewall. I have it set up as a CUPS print
server. I noticed that I was getting this in my logwatch output (when
Detail is set to Low):
--------------------- Kernel Begin ------------------------
From 10.1.5.58 - 2764 packets to udp(631)
---------------------- Kernel End -------------------------
My box IS 10.1.5.58. It looked like iptables on my box was stopping
packets from itself, so I bumped up the detail to Med, and got this:
--------------------- Kernel Begin ------------------------
From 10.1.5.58 - 2777 packets
To 10.255.255.255 - 2777 packets
Service: ipp (udp/631) (INPUT packet died:,eth0,none) - 2777
packets
---------------------- Kernel End -------------------------
This is a typical /var/log/message entry:
Aug 11 12:13:26 mach2 kernel: Invalid packet: IN=eth0 OUT=
MAC=01:00:5e:00:00:01:08:00:4e:b0:01:e9:08:00 SRC=10.1.4.238
DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=255 ID=53647 PROTO=ICMP
TYPE=9 CODE=0
Could anyone tell me (or point me to a link that explains) why iptables
is doing this. It occurred to me that the print server might be badly
configured, but I am able to use it to print from other computers on our
network. And, there is no 10.255.255.255 box on the network.
Any ideas?
TIA,
Bill Tangren
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
