On Sat, 18 Jan 2003 14:53:45 -0800, Bruce Douglas wrote:

> A mistake on my part.. wasn't trying to hide the internal ip/ports...
>
> per your input... the following is what is listed in the
> /var/log/messages file
> (i left out some of the earlier stuff for the sake of brevity)
>
> (
> iptables --insert INPUT --in-interface eth0 --protocol tcp
> --destination-port http --jump LOG --log-level info
> --log-prefix "www in: "
> )
>
>
> gets:...
> Jan 18 14:43:29 lserver2 kernel: www in: IN=eth0 OUT=
> MAC=00:03:47:63:41:aa:00:c0:4f:02:50:15:08:00 SRC=192.168.1.3
> DST=192.168.1.52 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=30800 DF
> PROTO=TCP SPT=1611 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0

-snip-

These were *all* connections from 192.168.1.3 (another host you haven't mentioned earlier!) to 192.168.1.52.

After you had entered the iptables logging rule, did you try to access your Linux box Apache server from the outside? Or what else did you do actually to get those log messages?

[One could modify the iptables rule to *not* log connections coming from your LAN (192.168.1.0/24), but that was not my intention. I wanted to see your port 80 traffic at the packet filter level.]

> so.. the question is.. do i have something configured incorrectly??

--
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
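
An added example, not part of the original message: a small parser for the "www in: " LOG entries quoted above that counts port-80 packets per source and separates LAN (192.168.1.0/24) sources from outside ones, which is the distinction the reply is asking about. The function names are hypothetical and the sample log is constructed; its second entry uses the documentation address 203.0.113.7 as a stand-in for an outside client.

```python
import ipaddress
import re
from collections import Counter

# LAN range named in the message above.
LAN = ipaddress.ip_network("192.168.1.0/24")
# Prefix set by --log-prefix in the quoted rule.
PREFIX = "www in: "

# Constructed sample: line 1 follows the entry quoted in the message, line 2
# is an invented outside client (documentation address), line 3 is unrelated.
SAMPLE_LOG = """\
Jan 18 14:43:29 lserver2 kernel: www in: IN=eth0 OUT= MAC=00:03:47:63:41:aa:00:c0:4f:02:50:15:08:00 SRC=192.168.1.3 DST=192.168.1.52 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=30800 DF PROTO=TCP SPT=1611 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 18 14:44:02 lserver2 kernel: www in: IN=eth0 OUT= MAC=00:03:47:63:41:aa:00:c0:4f:02:50:15:08:00 SRC=203.0.113.7 DST=192.168.1.52 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=4411 DF PROTO=TCP SPT=40112 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 18 14:44:05 lserver2 sshd[812]: unrelated line
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return the KEY=value fields of one LOG entry, or None if not ours."""
    _, sep, rest = line.partition(PREFIX)
    if not sep:
        return None
    fields = dict(FIELD.findall(rest))
    # Bare tokens such as DF and SYN carry no '='; collect them as flags.
    fields["FLAGS"] = [t for t in rest.split() if "=" not in t]
    return fields

def summarize(log_text):
    """Count logged port-80 packets per source, split into LAN and outside."""
    lan, outside = Counter(), Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if not f or "SRC" not in f:
            continue
        try:
            src = ipaddress.ip_address(f["SRC"])
        except ValueError:
            continue  # malformed or truncated entry
        (lan if src in LAN else outside)[str(src)] += 1
    return lan, outside

if __name__ == "__main__":
    lan, outside = summarize(SAMPLE_LOG)
    print("from LAN:", dict(lan))
    print("from outside:", dict(outside))
```

If the outside counter stays empty after a test from an external host, the request never reached the INPUT chain on eth0.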