Log full of "ing_filter: fixed ippp2 out ippp2"

From: Kimmo Sundqvist
Date: Wed Mar 09 2005 - 15:25:47 EST

Next message: Andrew Morton: "Re: [PATCH] 2.6.10 - direct-io async short read bug"
Previous message: Kronos: "Re: [PATCH] VGA arbitration: draft of kernel side"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello

Please cc all replies to me.

After upgrading my little NATting firewall/router from 2.6.7-ck4 to
2.6.10-gentoo-r6 my /var/log/messages is 15MB in size and most of it looks
like the text below. All traffic to the Internet seems to cause this.

"cat /var/log/messages | uniq | uniqmessages" results in a 3MB file. I use
syslog-ng.

Iptables setup script further down.

Mar 9 21:58:15 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:15 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:15 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:15 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:15 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:16 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2
Mar 9 21:58:17 shadowgate ing_filter: fixed ippp2 out ippp2

My firewall setup looks like:

IPTABLES=/sbin/iptables
MODPROBE=/sbin/modprobe
DEPMOD=/sbin/depmod

EXTIF="ippp2"
INTIF="eth0"
KAKKOSIF="eth1"

$DEPMOD -a

$MODPROBE ip_tables

#$MODPROBE ip_conntrack
#In the kernel

$MODPROBE ip_conntrack_ftp
$MODPROBE iptable_nat
$MODPROBE ip_nat_ftp

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
#echo "1" > /proc/sys/net/ipv4/conf/all/proxy_arp

$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD

$IPTABLES -t nat -F

/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

$IPTABLES -A FORWARD -i $EXTIF -o $KAKKOSIF -m state --state \
ESTABLISHED,RELATED -j ACCEPT # RJ-45

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state \
ESTABLISHED,RELATED -j ACCEPT # BNC segment

$IPTABLES -A FORWARD -i $KAKKOSIF -o $EXTIF -j ACCEPT # RJ-45
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT # BNC segment
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
$IPTABLES -A FORWARD -j LOG
exit 0

-Kimmo S.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH] 2.6.10 - direct-io async short read bug"
Previous message: Kronos: "Re: [PATCH] VGA arbitration: draft of kernel side"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]