[Firehol-support] Odd OUT-unknown messages
Marcus Williams
marcus at quintic.co.uk
Thu Dec 1 11:49:40 GMT 2005
Hi -
I am seeing a lot of OUT-unknown tagged logs (blocked by the firewall)
which are affecting network connectivity on my network, as these tend to
be DNS requests, strangely. My firehol.conf file is:
version 5
# The network of our eth0 LAN.
home_ips="192.168.202.0/24"
server_ignored_ports="udp/712 tcp/135 udp/135 tcp/137 udp/137 tcp/138
udp/138 tcp/139 udp/139 tcp/445 udp/445"
client_ignored_ports="any"
interface eth0 dhcp
policy return
server dhcp accept
interface eth0 home src "${home_ips}"
policy reject
server "dns ssh icmp" accept
server "ignored" drop
client "dns icmp" accept
interface eth1 internet src not "${home_ips} ${UNROUTABLE_IPS}"
server ident reject with tcp-reset
client all accept
router internet2home inface eth1 outface eth0
masquerade reverse
client all accept
server ident reject with tcp-reset
So I've a small network on 192.168.202.x which this machine is on
(eth0). eth1 is the ADSL router facing interface (which picks up its IP
192.168.1.2 via DHCP). The ADSL router is 192.168.1.1
Is there any way to track down where these are coming from? (Actually I'm
guessing they're from dnsmasq, my DNS cache & DHCP server - but why do
they end up going down the "unknown" interface?)
Thanks
Marcus
--
Marcus Williams -- http://www.cad-schroer.co.uk
CAD Schroer UK, 39 Newnham Road, Cambridge, UK
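One way to track down where blocked OUT-unknown traffic is going, as an added example that is not part of the original post: summarise the firewall's log lines by outgoing interface, destination, protocol and destination port. It assumes FireHOL's "OUT-unknown:" log prefix is followed by the standard netfilter LOG fields (IN=, OUT=, SRC=, DST=, PROTO=, DPT=); the log lines embedded below are constructed samples, not captured from the poster's machine.

```shell
#!/bin/sh
# Added example, not from the original post. Counts netfilter LOG lines that
# FireHOL tagged "OUT-unknown:" per OUT interface / DST / PROTO / DPT, so the
# process behind the blocked packets (e.g. a DNS forwarder) can be identified.
# SAMPLE_LOG is constructed test data in the usual netfilter LOG layout.
SAMPLE_LOG='Dec  1 11:40:01 gw kernel: OUT-unknown:IN= OUT=eth1 SRC=192.168.1.2 DST=192.168.1.1 LEN=60 PROTO=UDP SPT=32768 DPT=53 LEN=40
Dec  1 11:40:02 gw kernel: OUT-unknown:IN= OUT=eth1 SRC=192.168.1.2 DST=192.168.1.1 LEN=60 PROTO=UDP SPT=32769 DPT=53 LEN=40
Dec  1 11:40:03 gw kernel: IN-internet:IN=eth1 OUT= SRC=203.0.113.5 DST=192.168.1.2 LEN=48 PROTO=TCP SPT=4444 DPT=113
Dec  1 11:40:05 gw kernel: OUT-unknown:IN= OUT=eth1 SRC=192.168.1.2 DST=192.168.1.1 LEN=60 PROTO=UDP SPT=32770 DPT=53 LEN=40
Dec  1 11:40:09 gw kernel: OUT-unknown:IN= OUT=eth1 SRC=192.168.1.2 DST=192.168.1.1 LEN=60 PROTO=TCP SPT=33000 DPT=22 LEN=40'

# Reads log lines on stdin; prints "count OUT DST PROTO DPT" for every
# OUT-unknown line, most frequent combination first.
summarise_out_unknown() {
    grep 'OUT-unknown:' | awk '{
        out = dst = proto = dpt = "?"
        for (i = 1; i <= NF; i++) {
            # Each netfilter field is KEY=VALUE; other tokens are ignored.
            split($i, kv, "=")
            if (kv[1] == "OUT")   out   = kv[2]
            if (kv[1] == "DST")   dst   = kv[2]
            if (kv[1] == "PROTO") proto = kv[2]
            if (kv[1] == "DPT")   dpt   = kv[2]
        }
        count[out " " dst " " proto " " dpt]++
    } END {
        for (k in count) print count[k], k
    }' | sort -rn
}

# Returns only the most frequent combination from the sample data.
top_out_unknown() {
    printf '%s\n' "$SAMPLE_LOG" | summarise_out_unknown | head -n 1
}

# On a live box, replace the sample with e.g.: grep 'OUT-unknown:' /var/log/messages | summarise_out_unknown
printf '%s\n' "$SAMPLE_LOG" | summarise_out_unknown
```

The top line of the summary names the interface and destination the kernel chose for the blocked packets, which is what decides which FireHOL interface (or the fallback "unknown") they fall into.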