Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 19 November 2024, 10:27:13 pm

Login with username, password and session length

Visit the Official Endian Reference Manual  HERE
14258 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Firewall dropping packets from Green to FW Mgmt port 10443
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Firewall dropping packets from Green to FW Mgmt port 10443  (Read 9114 times)
johnc1949
Jr. Member
*
Offline Offline

Posts: 1


« on: Sunday 17 February 2013, 02:45:57 am »

I keep seeing the following log entry in my FW logs.

INPUT:DROP TCP (br0) 192.168.10.68:61356 -> 192.168.10.1:10443-MAC=00:1b:21:58:4f:43:5c:96:9d:8f:83:19:08:00 LEN=40 TOS=00 PREC=0x00 TTL=64 ID=39209 DF SEQ=1212831354 ACK=0 WINDOW=0 RST URGP=0 MARK=0

192.168.10.1 is the IP of my firewalls GREEN interface Eth1/Br0.

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 100
    link/ether 00:1b:21:58:4f:43 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::21b:21ff:fe58:4f43/64 scope link
       valid_lft forever preferred_lft forever
3: eth2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 100
    link/ether 00:1b:21:26:37:4b brd ff:ff:ff:ff:ff:ff
    inet6 fe80::21b:21ff:fe26:374b/64 scope link
       valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:13:d3:b2:a7:c7 brd ff:ff:ff:ff:ff:ff
    inet ...10/22 brd ...255 scope global eth0
6: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:1b:21:26:37:4b brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.1/24 brd 192.168.20.255 scope global br1
7: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:1b:21:58:4f:43 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.1/24 brd 192.168.10.255 scope global br0

 I also have verified that the automatically generated System Services rule below is present and active.
6       GREEN    TCP/10443    ALLOW    Service (ADMIN)

I can't seem to track down the cause of this.  Sure would be nice if Endian would put the rule number that creating the log entry instead of just the Chain name.  I suspect that this is being dropped because of a bad TCP state or flag issue.  It is also possible that Endian is not happy that I use eth0 as my RED interface instead of the default eth1.  Any advice for how to resolve these annoying log entries would be appreciated.

BTW, I am running the Community Appliance, Version 2.5.1 with kernel 2.6.32.43-57.e43.i586

Tks

 
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com