Package: fiaif
Version: 1.19.2-11
Severity: normal
Hi. With
INPUT[5]="ACCEPT_LOG tcp 3306 0.0.0.0/0=>0.0.0.0/0"
in /etc/fiaif/zone.ext, connections to this port are logged as both
accepted and dropped
Dec 22 13:47:39 sns kernel: [FIAIF_ACCEPT]:IN=eth0 OUT= MAC=xxx SRC=xxx
DST=xxx LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20659 DF PROTO=TCP SPT=34180
DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 22 13:47:39 sns kernel: [FIAIF_DROP]:IN=eth0 OUT= MAC=xxx SRC=xxx
DST=xxx LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20659 DF PROTO=TCP SPT=34180
DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
and connections fail. But with
INPUT[5]="LOG tcp 3306 0.0.0.0/0=>0.0.0.0/0"
INPUT[6]="ACCEPT tcp 3306 0.0.0.0/0=>0.0.0.0/0"
connections are logged and accepted. I expected these to be equivalent.
I'm not sure whether there's a similar problem with DROP_NOLOG and
REJECT_NOLOG.
Rob
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (30, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-386
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages fiaif depends on:
ii bash 2.05b-26 The GNU Bourne Again SHell
ii coreutils 5.2.1-2 The GNU core utilities
ii cron 3.0pl1-86 management of regular background p
ii debconf 1.4.30.13 Debian configuration management sy
ii debianutils 2.8.4 Miscellaneous utilities specific t
ii dnsutils 1:9.2.4-1sarge1 Clients provided with BIND
ii grep 2.5.1.ds1-4 GNU grep, egrep and fgrep
ii iptables 1.2.11-10 Linux kernel 2.4+ iptables adminis
ii logtail 1.2.39 Print log file lines that have not
ii net-tools 1.60-10 The NET-3 networking toolkit
ii sed 4.1.2-8 The GNU sed stream editor
ii wget 1.9.1-12 retrieves files from the web
-- debconf information:
* fiaif/warning:
* fiaif/enable_cron: true
* fiaif/enable_initd: true
* fiaif/cron_logfile:
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
