I noticed that my firewall logs are full of outgoing connections being blocked, like that. There are very few inbound hits, probably because I'm behind NAT (the ADSL router does not filter anything; I rely only on iptables/firehol on the host).
I used the same config for firehol for some time, and firehol hasn't been updated for a while:
version 5
FIREHOL_LOG_MODE="ULOG"
interface eth0 internet
    policy drop
    protection strong
    server any s_whitelist accept src "192.168.100.100 192.168.100.201"
    client any c_whitelist accept dst "192.168.100.100 192.168.100.201"
    server any s_reserved_drop drop src "${MULTICAST_IPS} ${UNROUTABLE_IPS}"
    client any c_reserved_drop drop dst "${MULTICAST_IPS} ${UNROUTABLE_IPS}"
    server icmp accept
    server custom torrents "tcp/29701 udp/29701" any accept
    client all accept
Nothing special: drop everything, even on LAN, except .100 (router) and .201 (the other computer), accept ICMP and established, and one open port for torrents.
So why am I getting that many outgoing connections dropped?
BTW, it looks like most of them are flagged ACK PSH FIN URGP=0...
Last edited by silvik (2011-01-30 11:41:27)
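A way to triage drops like the ones described in the post above, as an added example that is not part of the original thread: it tallies dropped outbound TCP packets by flag combination, separating connection openers (SYN without ACK) from mid-stream and teardown segments such as ACK PSH FIN. The sample log lines, the "OUT-drop:" prefix and the function names are constructed for illustration; the field layout follows the usual netfilter LOG/ULOG packet format.

```python
import re
from collections import Counter

TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
KV = re.compile(r"(\w+)=(\S*)")

# Constructed sample lines (documentation address ranges, made-up log prefix).
SAMPLE = """\
Jan 30 11:02:11 host OUT-drop: IN= OUT=eth0 SRC=192.168.100.50 DST=203.0.113.7 LEN=52 TTL=64 PROTO=TCP SPT=51234 DPT=80 WINDOW=501 RES=0x00 ACK PSH FIN URGP=0
Jan 30 11:02:12 host OUT-drop: IN= OUT=eth0 SRC=192.168.100.50 DST=203.0.113.7 LEN=40 TTL=64 PROTO=TCP SPT=51234 DPT=80 WINDOW=501 RES=0x00 ACK FIN URGP=0
Jan 30 11:02:15 host OUT-drop: IN= OUT=eth0 SRC=192.168.100.50 DST=198.51.100.9 LEN=60 TTL=64 PROTO=TCP SPT=40022 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 30 11:02:16 host IN-drop: IN=eth0 OUT= SRC=192.168.100.77 DST=192.168.100.255 LEN=78 TTL=64 PROTO=UDP SPT=137 DPT=137 LEN=58
Jan 30 11:02:19 host OUT-drop: IN= OUT=eth0 SRC=192.168.100.50 DST=198.51.100.20 LEN=83 TTL=64 PROTO=TCP SPT=44810 DPT=443 WINDOW=330 RES=0x00 ACK PSH FIN URGP=0
"""

def classify(line):
    """Return (verdict, flags, dst, dport) for a locally generated outbound
    TCP packet, or None for anything else (inbound, forwarded, non-TCP)."""
    kv = dict(KV.findall(line))
    # Locally generated traffic has an empty IN= and a non-empty OUT=.
    if kv.get("PROTO") != "TCP" or kv.get("IN") or not kv.get("OUT"):
        return None
    # Flags are bare tokens; KEY=value fields such as ACK=123 do not match.
    flags = [tok for tok in line.split() if tok in TCP_FLAGS]
    if "SYN" in flags and "ACK" not in flags:
        verdict = "opening"      # a new connection attempt was blocked
    elif "FIN" in flags or "RST" in flags:
        verdict = "teardown"     # closing segment of an already open flow
    else:
        verdict = "mid-stream"   # data or ACK of an already open flow
    return verdict, " ".join(flags), kv.get("DST"), kv.get("DPT")

def summarize(text):
    """Count dropped outbound TCP packets per (verdict, flag combination)."""
    hits = filter(None, (classify(line) for line in text.splitlines()))
    return Counter((verdict, flags) for verdict, flags, _dst, _dport in hits)

if __name__ == "__main__":
    for (verdict, flags), count in summarize(SAMPLE).most_common():
        print(f"{count:4d}  {verdict:10s}  {flags}")
```

A tally dominated by "teardown" or "mid-stream" rows means the dropped packets belong to connections that were already open rather than to new outbound attempts.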
I switched to arno's firewall script in AUR and quit getting these messages.