CSI (Security Policy) Help

Frank Chiulli frankc.fedora at gmail.com
Sun Feb 1 03:18:29 UTC 2009


So I've implemented the CSI (Security Policy) as previously posted by Mike
(http://infrastructure.fedoraproject.org/csi/security-policy/en-US/html-singel/)

Now I'm seeing the following messages in /var/log/messages:
Jan 31 19:09:21 localhost kernel: FW-REJECT IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:16:01:41:10:5b:08:00 SRC=192.168.2.248
DST=192.168.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP
SPT=137 DPT=137 LEN=58

Jan 31 19:09:21 localhost kernel: FW-REJECT IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:0e:3b:02:0e:b7:08:00 SRC=192.168.2.250
DST=192.168.2.255 LEN=229 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP
SPT=138 DPT=138 LEN=209


192.168.2.248 is a NAS device
192.168.2.250 is a Hawking print server

I'm not an iptables expert.  Usually I just leave it alone.  Can
someone help me write one or more rules to eliminate the messages?

Frank




More information about the Fedora-infrastructure-list mailing list