[fw-wiz] Weird FW bridge stuff (Linux)
From: Chris Ditri (chrisd_at_better-investing.org)
Date: 12/09/03
- Previous message: Melson, Paul: "RE: [fw-wiz] SunScreen Log Analyzer"
- Next in thread: Chris Ditri: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Reply: Chris Ditri: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Reply: Lorens Kockum: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: Tue, 9 Dec 2003 15:51:36 -0500
Hello.
I have setup a linux ethernet bridge/firewall. Everything seemed to be
working pretty well, until one day I found that my /var/log/messages was
filled up with 14 gigabytes of this junk:
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=74
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=br0 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69
S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=69
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69
S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69
S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=br0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58
S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=58
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58
S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58
S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=58
I did some poking around, and I heard that this was because of a bug in the
2.4.19 version of this software (patch for the kernel). So I downloaded and
compiled the kernel in 2.4.23 -- with the same exact config file. All of a
sudden none of my IPTABLES rules are not having any influence on traffic!
Bye-bye fiewall...
I tried to apply the patch to my 2.4.23 kernel, but it fails. I cannot find
this version of a bridge patch for 2.4.23 anywhere. I have read that people
have gotten this sort of thing working with kernel 2.4.20 and up -- but no
reference as to what they had to do to get it working right.
What can I do?
Thanks!
Chris
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Melson, Paul: "RE: [fw-wiz] SunScreen Log Analyzer"
- Next in thread: Chris Ditri: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Reply: Chris Ditri: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Reply: Lorens Kockum: "Re: [fw-wiz] Weird FW bridge stuff (Linux)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
