Security Basics mailing list archives
FW bridge problems (Linux)
From: Chris Ditri <chrisd () better-investing org>
Date: Wed, 10 Dec 2003 08:41:23 -0500
Hello. I have set up a Linux ethernet bridge/firewall. Everything seemed to be working pretty well, until one day I found that my /var/log/messages was filled up with 14 gigabytes of this junk:

Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=74
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=br0 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69 S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=69
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69 S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos PROTO=6 209.202.220.135:25 10.103.232.134:46016 L=69 S=0x00 I=7745 F=0x4000 T=50
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=69
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=br0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58 S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 0 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth1 len=58
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58 S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 2 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=2 (unowned) dev=eth0 len=58
Dec 9 15:47:55 kronos PROTO=6 10.103.232.134:46016 209.202.220.135:25 L=58 S=0x00 I=14180 F=0x4000 T=64
Dec 9 15:47:55 kronos nf_hook: hook 4 already set.
Dec 9 15:47:55 kronos skb: pf=7 (unowned) dev=eth0 len=58

I did some poking around, and I heard that this was because of a bug in the 2.4.19 version of this software (patch for the kernel). So I downloaded and compiled the 2.4.23 kernel -- with the same exact config file. All of a sudden none of my IPTABLES rules are having any influence on traffic! Bye-bye firewall... I tried to apply the patch to my 2.4.23 kernel, but it fails. I cannot find this version of a bridge patch for 2.4.23 anywhere. I have read that people have gotten this sort of thing working with kernel 2.4.20 and up -- but no reference as to what they had to do to get it working right. What can I do?

Thanks!
Chris