[Firewall] add save tcp port to AIF:UNPRIV TCP

Michel van Dop mvandop at xs4all.nl
Wed Apr 10 22:04:26 CEST 2013



How can i remove 2 tcp ports from the unpriv tcp range

I get many log rules like this:
AIF:UNPRIV TCP packet: IN=eth0
OUT= MAC=00:0c:29:19:39:be:00:03:fe:a0:xx:xx:xx:xx SRC=
DST=82.94.xx.xx LEN=52 TOS=0x00 PREC=0x00 TTL=121 ID=2037 DF PROTO=TCP
SPT=50463 DPT=2197 WINDOW=8192 RES=0x00 SYN URGP=0 

I have a web
application runs on to unknow TCP port 2197 and 2199. 

And i have
already use this IDS_EXCLUDE_TCP="2199 2197" 

Best regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20130410/eba974dc/attachment.html>

More information about the Firewall mailing list