[Firewall] Help: setting up port-forwarding

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Tue Nov 6 00:46:27 MST 2007

The whole entry is generated by the kernel, I have no control over it. 
However, I can recommend my arno-fwfilter script, which filters out 
stuff like that.....


Philip Prindeville wrote:
> On a somewhat unrelated note...
> Is there a simple way to suppress the "MAC=" ethernet dump of the packet 
> as in:
> Nov  5 15:01:17 pbx2 user.info kernel: Stealth scan (UNPRIV)?: IN=eth0 OUT= MAC=00:18:3a:55:15:35:00:90:1a:41:45:b1:08:00 SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=95 ID=6908 DF PROTO=TCP SPT=80 DPT=58821 WINDOW=65535 RES=0x00 ACK SYN URGP=0
> without hacking the script?
> I looked for a variable that controls this, but nothing stands out in the .conf file.
> On our network topology, 99% of the time the offending packets don't come from our subnet anyway, so the MAC= field is always the same.
> -Philip
> _______________________________________________
> Firewall mailing list
> Firewall at lists.btito.net
> http://lists.btito.net/mailman/listinfo/firewall_lists.btito.net
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl

Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
Arno's (Linux IPTABLES Firewall) Homepage:

More information about the Firewall mailing list