This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filterrules ???

Is there anyone who can help me to filter(drop) some unwanted logged trafic from the packtet filter log.

---------------------------------------------------------------------------Aug 28 23:40:58 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:e8:9d:99:cd:08:00 SRC=192.168.0.25 DST=255.255.255.255 LEN=44 TOS=0x00 PREC=0x00 TTL=32 ID=59242 PROTO=UDP SPT=1028 DPT=38293 LEN=24
Aug 28 23:40:58 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:e8:9d:99:cd:08:00 SRC=192.168.0.25 DST=255.255.255.255 LEN=44 TOS=0x00 PREC=0x00 TTL=32 ID=59245 PROTO=UDP SPT=1028 DPT=38293 LEN=24
Aug 28 23:40:58 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:e8:9d:99:cd:08:00 SRC=192.168.0.25 DST=255.255.255.255 LEN=44 TOS=0x00 PREC=0x00 TTL=32 ID=59246 PROTO=UDP SPT=1028 DPT=38293 LEN=24
Aug 28 23:40:58 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:e8:9d:99:cd:08:00 SRC=192.168.0.25 DST=255.255.255.255 LEN=44 TOS=0x00 PREC=0x00 TTL=32 ID=59281 PROTO=UDP SPT=1028 DPT=38293 LEN=24
Aug 28 23:40:58 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:e8:9d:99:cd:08:00 SRC=192.168.0.25 DST=255.255.255.255 LEN=44 TOS=0x00 PREC=0x00 TTL=32 ID=59282 PROTO=UDP SPT=1028 DPT=38293 LEN=24
Aug 28 23:41:48 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=60702 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:41:52 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=60958 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:42:00 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=61214 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:42:16 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=61470 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:42:33 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:22:b0:ec:6e:08:00 SRC=81.216.250.3 DST=81.216.250.63 LEN=234 TOS=0x00 PREC=0x00 TTL=128 ID=14774 PROTO=UDP SPT=138 DPT=138 LEN=214
Aug 28 23:43:14 (none) kernel: ICMP Drop: IN=eth1 OUT= MAC=00:00:1c[:D]5:ab:78:00:09:e8:99[:D]f:3f:08:00 SRC=81.218.236.86 DST=81.216.250.13 LEN=92 TOS=0x00 PREC=0x00 TTL=103 ID=60815 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=11508
Aug 28 23:43:36 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:24:4a:6b:70:08:00 SRC=81.216.250.2 DST=81.216.250.63 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=62713 PROTO=UDP SPT=1024 DPT=138 LEN=217
Aug 28 23:43:36 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:24:4a:6b:70:08:00 SRC=81.216.250.2 DST=81.216.250.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=62969 PROTO=UDP SPT=1029 DPT=137 LEN=58
Aug 28 23:43:37 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:24:4a:6b:70:08:00 SRC=81.216.250.2 DST=81.216.250.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=63225 PROTO=UDP SPT=1029 DPT=137 LEN=58
Aug 28 23:43:37 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:24:4a:6b:70:08:00 SRC=81.216.250.2 DST=81.216.250.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=63481 PROTO=UDP SPT=1029 DPT=137 LEN=58
Aug 28 23:43:47 (none) kernel: ICMP Drop: IN=eth1 OUT= MAC=00:00:1c[:D]5:ab:78:00:09:e8:99[:D]f:3f:08:00 SRC=81.218.63.165 DST=81.216.250.13 LEN=92 TOS=0x00 PREC=0x00 TTL=100 ID=5340 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=35301
Aug 28 23:43:52 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=61726 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:43:56 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=61982 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:43:59 (none) kernel: ICMP Drop: IN=eth1 OUT= MAC=00:00:1c[:D]5:ab:78:00:09:e8:99[:D]f:3f:08:00 SRC=81.218.106.90 DST=81.216.250.13 LEN=92 TOS=0x00 PREC=0x00 TTL=103 ID=41625 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=49504
Aug 28 23:44:04 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=62238 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:44:20 (none) kernel: UDP Drop: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:c8:25:61:cc:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=62494 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 28 23:44:31 (none) kernel: ICMP Drop: IN=eth1 OUT= MAC=00:00:1c[:D]5:ab:78:00:09:e8:99[:D]f:3f:08:00 SRC=81.218.191.253 DST=81.216.250.13 LEN=92 TOS=0x00 PREC=0x00 TTL=103 ID=40324 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=47062
---------------------------------------------------------------------------

This thread was automatically locked due to age.

Parents

0 Magnus_Lundberg over 22 years ago

Thanks for all replies !!

I am almost there only some ICMP entries left

Is there anyone who knows how you group services like ICMP and ESP into a servicegroup I cant find any way ??

Thanks again

Magnus
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Magnus_Lundberg over 22 years ago

Thanks for all replies !!

I am almost there only some ICMP entries left

Is there anyone who knows how you group services like ICMP and ESP into a servicegroup I cant find any way ??

Thanks again

Magnus
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data