On Wed, 6 Nov 2002 00:39, you wrote: > Hi Paul ! > > The distribution is: RedHat 7.2. Have you configured iptables with the config file /etc/sysconfig/iptables= ? This is the RedHat way of doing it, and unless you have a specific reason= not to, you may as well do it that way to. > The following messages I got in /var/log/messages: > > Nov 1 04:57:34 rock kernel: IN=3Deth0 OUT=3Deth1 SRC=3D200.18.4= 2.50 > DST=3D80.135.20.116 LEN=3D48 TOS=3D0x00 PREC=3D0x00 TTL=3D127 ID=3D2986= 6 DF PROTO=3DTCP > SPT=3D1051 DPT=3D4661 WINDOW=3D16384 RES=3D0x00 SYN URGP=3D0 So that's a log from iptables... > ---> Power down probably in this moment. Do you power it down, or is it crashing? > Nov 1 05:43:38 rock syslogd 1.4.1: restart. > Nov 1 05:43:42 rock kernel: Receiver lock-up workaround activated. > Nov 1 05:43:42 rock kernel: eth1: OEM i82557/i82558 10/100 Ethernet, > 00:04:AC:E6:59:73, IRQ 10. This is odd... Syslog restarts and then your ethernet modules get loaded.= If this was on startup you should see a lot more stuff between the first two lines. Why is the ethernet module getting reloaded here? Have you got something in a cron job maybe? > Nov 1 05:43:42 rock kernel: Receiver lock-up bug exists -- enabling > work-around. Nov 1 05:43:42 rock kernel: Board assembly 698523-001, > Physical connectors present: RJ45 > Nov 1 05:43:42 rock kernel: Primary interface chip i82555 PHY #1. > Nov 1 05:43:42 rock kernel: General self-test: passed. > Nov 1 05:43:42 rock kernel: Serial sub-system self-test: passed. > Nov 1 05:43:42 rock kernel: Internal registers self-test: passed. > Nov 1 05:43:42 rock kernel: ROM checksum self-test: passed (0x24c9f0= 43). > Nov 1 05:43:42 rock kernel: Receiver lock-up workaround activated. > Nov 1 05:43:42 rock kernel: eepro100.c:v1.09j-t 9/29/99 Donald Becker > http://www.scyld.com/network/eepro100.html > Nov 1 05:43:42 rock kernel: eepro100.c: $Revision: 1.36 $ 2000/11/17 > Modified by Andrey V. Savochkin <saw@saw.sw.com.sg> and others > Nov 1 05:43:42 rock kernel: eth0: OEM i82557/i82558 10/100 Ethernet, > 00:04:AC:E6:5E:5F, IRQ 11. > Nov 1 05:43:42 rock kernel: Receiver lock-up bug exists -- enabling > work-around. Nov 1 05:43:42 rock kernel: Board assembly 698523-001, > Physical connectors present: RJ45 > Nov 1 05:43:42 rock kernel: Primary interface chip i82555 PHY #1. > Nov 1 05:43:42 rock kernel: General self-test: passed. > Nov 1 05:43:42 rock kernel: Serial sub-system self-test: passed. > Nov 1 05:43:42 rock kernel: Internal registers self-test: passed. > Nov 1 05:43:42 rock kernel: ROM checksum self-test: passed (0x24c9f0= 43). > Nov 1 05:43:42 rock kernel: ip_tables: (C) 2000-2002 Netfilter core te= am > Nov 1 05:43:42 rock kernel: ip_conntrack (768 buckets, 6144 max) > -----> THE PROBLEM: Nov 1 05:44:38 my_firewall iptables: Aplicar as > regras de 'firewall' do iptables: failed If you do an 'lsmod' here, does it show the iptables module loaded? Does = it show ipchains? After this fails how are you starting iptables? Also, what is myfirewall iptables: - is that from some script? I haven't = seen that one before. Are you maybe using a firewall tool to configure iptable= s? Okay, I know there are more questions than answers here but the more info= the better. Cheers, Paul. PS. I've also posted this back to the security list which you should probably= as well rather than mailing me directly. Many eyes make light work! ------------------------------------------------------- ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
