Firewall question

John L Fjellstad john-ubuntu at fjellstad.org
Thu Feb 1 01:17:18 UTC 2007


Dieter Schicker <dieter.schicker at uni-graz.at> writes:

> John L Fjellstad wrote:
>>
>> Add a firewall rule to log the package
>> 
>
> Thanks. Well, that's the strange part: All firewall logs are turned on
> but I get no DENY message. Nevertheless tomcat starts very slowly.
> As I already said: When I deactivate the firewall everything works
> perfectly.

are you sure you're LOGging before DENYing?

for instance, if your rule set looks like this:

DROP       tcp  --  anywhere             anywhere            state INVALID,NEW tcp dpt:ssh recent: UPDATE seconds: 60 name: DEFAULT side: source
LOG        0    --  anywhere             anywhere            limit: avg 3/hour burst 5 LOG level warning

nothing will be logged because the packet is dropped before the LOG
rule is reached.  If you change the order, then the packet will be logged.

I usually, when I can't figure out which rule triggers it, put a LOG
rule as the first rule in INPUT and OUTPUT.  Run your program, then stop
the log (otherwise it will overwhelm you), and see what might be wrong.

That's the only suggestion I can really come up with.  

-- 
John L. Fjellstad
web: http://www.fjellstad.org/          Quis custodiet ipsos custodes
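Added example (not code from the post above): a small POSIX sh script that puts the LOG rule in front of the DROP rule for the SSH guard shown in the listing, adds the "LOG as the first rule in INPUT and OUTPUT" diagnostic the post describes, and includes a check that tells you whether a saved `iptables -L` listing has the LOG line before the DROP line. The rule details (port 22, the `recent` 60-second window, the 3/hour limit) are copied from the listing; the `IPT` variable, the function names, the log prefixes and the use of `--rcheck` on the LOG rule (so the LOG rule does not reset the `recent` timer that the DROP rule then updates) are my own assumptions. `IPT` defaults to `echo iptables`, so the script dry-runs without root; run it as root with `IPT=iptables` to apply the rules.

```shell
#!/bin/sh
# Added example, not from the original post.
# IPT defaults to a dry run so the ordering can be inspected without root.
IPT="${IPT:-echo iptables}"

# Production rules in the correct order: LOG first, then DROP.
# Both rules match the same packets; --rcheck on the LOG rule only tests
# the recent list, --update on the DROP rule refreshes it (assumption).
ssh_guard_rules() {
    $IPT -A INPUT -p tcp --dport 22 -m state --state INVALID,NEW \
        -m recent --rcheck --seconds 60 --name DEFAULT --rsource \
        -m limit --limit 3/hour --limit-burst 5 \
        -j LOG --log-level warning --log-prefix "ssh-guard DROP: "
    $IPT -A INPUT -p tcp --dport 22 -m state --state INVALID,NEW \
        -m recent --update --seconds 60 --name DEFAULT --rsource \
        -j DROP
}

# Temporary diagnostic from the post: log every packet as rule 1 of INPUT
# and OUTPUT while the slow program runs, then remove both rules again.
trace_on() {
    $IPT -I INPUT 1 -j LOG --log-prefix "trace-in: "
    $IPT -I OUTPUT 1 -j LOG --log-prefix "trace-out: "
}
trace_off() {
    $IPT -D INPUT -j LOG --log-prefix "trace-in: "
    $IPT -D OUTPUT -j LOG --log-prefix "trace-out: "
}

# Check a saved "iptables -L INPUT" listing: return 0 when the first LOG
# rule is listed before the DROP rule for the given port name, 1 otherwise.
log_precedes_drop() {
    listing="$1"; port="$2"
    log_line=$(printf '%s\n' "$listing" | grep -n '^LOG ' | head -n1 | cut -d: -f1)
    drop_line=$(printf '%s\n' "$listing" | grep -n "^DROP .*dpt:$port" | head -n1 | cut -d: -f1)
    [ -n "$log_line" ] && [ -n "$drop_line" ] && [ "$log_line" -lt "$drop_line" ]
}

# Constructed listings: the order from the post (DROP before LOG) and the
# corrected order (LOG before DROP).
POST_LISTING='DROP       tcp  --  anywhere             anywhere            state INVALID,NEW tcp dpt:ssh recent: UPDATE seconds: 60 name: DEFAULT side: source
LOG        0    --  anywhere             anywhere            limit: avg 3/hour burst 5 LOG level warning'
FIXED_LISTING='LOG        0    --  anywhere             anywhere            limit: avg 3/hour burst 5 LOG level warning
DROP       tcp  --  anywhere             anywhere            state INVALID,NEW tcp dpt:ssh recent: UPDATE seconds: 60 name: DEFAULT side: source'

# Stand-alone usage: dry-run the rule set and report both listings.
ssh_guard_rules
trace_on
trace_off
if log_precedes_drop "$POST_LISTING" ssh; then echo "post listing: LOG before DROP"
else echo "post listing: DROP before LOG, nothing will be logged"; fi
if log_precedes_drop "$FIXED_LISTING" ssh; then echo "fixed listing: LOG before DROP"
else echo "fixed listing: DROP before LOG, nothing will be logged"; fi
```

After `trace_on`, run the program, then `trace_off` right away and read the kernel log (`dmesg` or `/var/log/messages`) for the `trace-in:` and `trace-out:` lines; with the "LOG everything" rule in place the volume grows quickly, which is why the post says to stop the log as soon as the program has run.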