LinuxSA Mailing list archives

Index: [thread] [date] [subject] [author] [stats]

  From: Andrew Speer <andrew.speer@isolutions.com.au>
  To  : Linux SA <linuxsa@linuxsa.org.au>
  Date: Sun, 21 Apr 2002 12:38:48 +0930

Re: ipchains logging help

wlsimes@tell.net.au wrote:

> I have tried putting the following line above it to it doesn't seem to
> work....

>- A input -s 0/0 -d 0/0 520 -p tcp -y -j REJECT

> Expecting that it will hit this line and reject it without logging it.

Someone may have already replied to you on this (I get the list in digest 
format, so am never right up to the minute), but as far as I know RIP is a 
udp based service, thus the ipchains rule would look more like:

A input -s 0/0 -d 0/0 520 -p *udp* -y -j REJECT

minus the *'s of course ! Hope that does the trick. My "services" file does 
have an entry for 520/tcp, called "extended file name server", which sounds 
intriguing, but not like RIP.


Andrew Speer

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject

Index: [thread] [date] [subject] [author] [stats]

Return to the LinuxSA Mailing List Information Page