Verbosity Increase on ac10 vs ac1 ?!
Stef telford
stef@chronozon.dyndns.org
Sat, 10 Jun 2000 03:47:32 -0500 (CDT)
hello everyone, jst a quick message to ask if the
default behaviour has changed over dropped and
stranged packets ?
Using ac1 i dont get any errors in the logs (i have
a fairly strict policy in place hopefully ;) but in
ac10 (its actually ac11 but the makefile wasnt changed
to reflect this, oh well) there are a 'lot' of packets
showing up.
Now, i dont think this is a 'feature' in the netfilter
code, the packets (or errors) would seem to be more
suggestive of dubious packets, but jst thought I would
verify.
I can understand the following getting logged :
Chronozon kernel: NAT: 0 dropping untracked packet c71f3f00 1 255.255.255.255 -> 0.0.0.0
Basically saying it dropped a 'broadcast everywhere'
(which is VERY impolite if i am reading that correct ;)
But is the following getting logged :
NAT: 0 dropping untracked packet c48da540 1 10.6.0.3 -> 10.6.15.255
Becuase its an 'internal' addressed ip and i dont have
any interfaces on that (192.x.x.x and 24.x.x.x) ?!
Either way, is it possible to echo a value to someplace
in the netfilter code to tell nat that i +really+
+truly+ dont want to see the dropped connections ?!
Thanks once more,
Stefs.