Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 3805 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default drop rule

Virtualroot
Hello,

I have a problem with this rule.
When I make a "aptitude install my packet", for some packets, I have a time out.

By analyzing the logs of the firewall, I am perceived that I had errors, in particular "Default Drop" since the serveur security.debian.org[:O].

Does anybody know not how to have more this error because impossible to install my mail server?

I'm sorry for my english but it's little bad.

Thank you for your reponses.


This thread was automatically locked due to age.
  • 0
    Hi, dropped RST packets are not usually a problem.

    Are you using the Web Security / Web Protection Features?
    If so, check the http log.

    Also, you should look at the IPS log.

    Barry
  • 0 in reply to BarryG
    I found this log which corresponds to the package which was in error:

    filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x12941a60" url="http://mirror.ovh.net/debian/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8.13-0+squeeze2_amd64.deb" exceptions="" error="client connection closed during scanner run" country="France" category="178" reputation="neutral" categoryname="Internet Services" content-type="application/x-debian-package"


    That it would be due to the fact that I use a double scan and that I block Spyware infection and communication?
  • 0
    Hi, you might need to add your server to the Transparent Mode Skiplist, and make sure you have a packetfilter rule to allow the http/https traffic out, at least temporarily.

    Barry