Wrong apf configuration ??? What are these lines???
I use APF firewall on my apache server for last couple of months..But only one servers shows these lines in /var/log/messages
Aug 5 13:58:23 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=11:11:11:11:11:11:11:11:11 SR
C=IP ADDRESS 1 DST=IP ADDRESS 2 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=53623 DF PROTO=TCP SPT=3658 DPT=9898 WIND
OW=16384 RES=0x00 SYN URGP=0
Aug 5 13:58:23 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=11:11:11:11:11:11:11:11:11 SR
C=IP ADDRESS 1 DST=IP ADDRESS 2 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=53623 DF PROTO=TCP SPT=3658 DPT=9898 WIND
OW=16384 RES=0x00 SYN URGP=0
Aug 5 13:58:23 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=11:11:11:11:11:11:11:11:11 SR
C=IP ADDRESS 1 DST=IP ADDRESS 2 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=53623 DF PROTO=TCP SPT=3658 DPT=9898 WIND
OW=16384 RES=0x00 SYN URGP=0
Here is my port configuration :
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3306"
IG_UDP_CPORTS="53"
EG_TCP_CPORTS="21,25,80,443,43,2089"
EG_UDP_CPORTS="20,21,53"
It's a Fedora core 1 server with WHM 9.4, solely used for database(mysql 4.0.18 ),with CPU Intel Xeon 2.4Ghz(4),RAM 2Gb
I used to configure this on all servers ... still only this server is crying out !!
Why?Anything wrong?
Please help !!!
