Packets dropped by iptables
Juan L. Pastor
seguridadlinux at yahoo.es
Wed Oct 13 08:34:54 UTC 2004
On Wed, 2004-10-13 at 10:14, Ow Mun Heng wrote:
> > > > If this are ACK packets, I assume that they are response to a previously
> > > > established communication. How can I let this packets come into my
> > >
> > > Based on the logs, yes they would seem to be ACK packets, but look at
> > > the DST, these are supposed to be NON-routeable addresses 192.168.x.x,
> > > which I think _should_ be rejected.
> > >
> > > Unless you are running NAT and you're doing DNAT. (?) are you?
> >
> > My linux box (192.168.1.2) is connected through an ADSL router
> > (192.168.1.1, internal IP) so I guess it is OK to let them come into my
> > box. How can I manage that?
>
> Ah... You didn't mention that earlier..
I explained my network architecture on the first post.
> In that case, then you will have to manage your ADSL router instead.
> (that is, if your ADSL router is doing the packet filtering, which I
> think it is.)
The problem is that I don't have the administration password of the
router (not provided by the ISP). So I have to deal just with my linux
box.
Juan
--
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
More information about the fedora-list
mailing list