I cannot answer you question, as I am still using ipchains. However, 10.255.255.255 is the broadcast address for the 10.x.x.x series of networks. IIUC, 10.1.5.8 is broadcasting to the 10.x.x.x network that the service on port 631 is available. It appears to be receiving something from 10.1.4.238 (a different network) that is an invalid packet. Of course, it's been a long while since I've looked at this sort of thing, so I may be full of horse hockey. -Tom -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bill Tangren Sent: Thursday, August 11, 2005 12:23 PM To: redhat-list@xxxxxxxxxx Subject: iptables and/or CUPS question My RHEL ES4 box is behind a firewall. I have it set up as a CUPS print server. I noticed that I was getting this in my logwatch output (when Detail is set to Low): --------------------- Kernel Begin ------------------------ From 10.1.5.58 - 2764 packets to udp(631) ---------------------- Kernel End ------------------------- My box IS 10.1.5.58. It looked like iptables on my box was stopping packets from itself, so I bumped up the detail to Med, and got this: --------------------- Kernel Begin ------------------------ From 10.1.5.58 - 2777 packets To 10.255.255.255 - 2777 packets Service: ipp (udp/631) (INPUT packet died:,eth0,none) - 2777 packets ---------------------- Kernel End ------------------------- This is a typical /var/log/message entry: Aug 11 12:13:26 mach2 kernel: Invalid packet: IN=eth0 OUT= MAC=01:00:5e:00:00:01:08:00:4e:b0:01:e9:08:00 SRC=10.1.4.238 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=255 ID=53647 PROTO=ICMP TYPE=9 CODE=0 Could anyone tell me (or point me to a link that explains) why iptables is doing this. It occurred to me that the print server might be badly configured, but I am able to use it to print from other computers on our network. And, there is no 10.255.255.255 box on the network. Any ideas? TIA, Bill Tangren -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
