[Firewall] add save tcp port to AIF:UNPRIV TCP

Michel van Dop mvandop at xs4all.nl
Wed Apr 10 22:04:26 CEST 2013


 

Hello,

How can i remove 2 tcp ports from the unpriv tcp range
ports? 

I get many log rules like this:
AIF:UNPRIV TCP packet: IN=eth0
OUT= MAC=00:0c:29:19:39:be:00:03:fe:a0:xx:xx:xx:xx SRC=217.123.3.113
DST=82.94.xx.xx LEN=52 TOS=0x00 PREC=0x00 TTL=121 ID=2037 DF PROTO=TCP
SPT=50463 DPT=2197 WINDOW=8192 RES=0x00 SYN URGP=0 

I have a web
application runs on to unknow TCP port 2197 and 2199. 

And i have
already use this IDS_EXCLUDE_TCP="2199 2197" 

Best regards,
Michel 
--


 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20130410/eba974dc/attachment.html>


More information about the Firewall mailing list