|
Title: Getting INPUT:DROP by firewall for client connecting to the proxy port Post by: ayachem on Wednesday 01 July 2015, 06:07:37 am This is a strange situation involving Endian 2.5.2.
One laptop client occasionally shows up in my endian logs with the following entry: ulogd[4137]: INPUT:DROP IN=br0 OUT= MAC=00:90:36:97:c5:4c:00:07:7d:ad:25:d9:09:00 SRC=192.70.1.100 DST=192.30.1.5 LEN=40 TOS=00 PREC=0x00 TTL=128 ID=1115 DF PROTO=TCP SPT=64727 DPT=8080 SEQ=3363350564 ACK=2362886263 WINDOW=0 RST URGP=0 MARK=0 The firewall is actually disabled in the GUI. This log entry is showing destination port of 8080 on the endian device, which is the transparent proxy port. The user experiences failure of their internet access (via the proxy), while maintaining all other network connectivity. I am forced to reboot the client to restore the connection. Can you see anything in this log entry that indicates what is really wrong? Is it malformed traffic? Any advice on where else to check? Thanks in advance, Michelle |