I have a Shorewall installation which works (almost) perfectly... it
implements a firewall bridging an OpenVPN interface, and services on the
host running Shorewall - traffic is permitted from the OpenVPN interface
to a minimal set of ports - each corresponding to a specific service
running on the server running Shorewall.

My problem is that my syslog is filling with messages of the form:

> Sep 2 15:37:31 server kernel: [52835.565836]
> Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=SS.SS.SS.SS
> DST=DD.DD.DD.DD LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8370 DF PROTO=UDP
> SPT=17500 DPT=17500 LEN=123

SS.SS.SS.SS is the public IP address of the server that runs the remote
OpenVPN endpoint.
DD.DD.DD.DD is the IP address of the local end-point for the OpenVPN link.

The source port identifies the traffic as from the Dropbox Lansync
protocol. I know this to be run on the remote server - and I am not in
a position to influence the configuration of the remote server. The
local server does not support/use the Dropbox Lansync protocol. I am
very happy that these packets are dropped... but I'd prefer not to fill
my syslog with notifications about this benign dropped packet.

Please can someone point me towards some minimal change I can make to my
Shorewall configuration that will eliminate this recurring syslog
message - but otherwise leave Shorewall behaviour as is?
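
An added example, not part of the original post: a small script that tallies Shorewall drop messages by chain, protocol and destination port, then prints a candidate rules-file entry that drops the noisiest flow without a log level. It assumes the default `Shorewall:<chain>:<disposition>:` log prefix and the `<source>2<dest>` chain naming seen in the quoted message, and that a rule in `/etc/shorewall/rules` is matched before the logging policy; the sample lines and addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the format quoted in the post (addresses are
# documentation placeholders, not values from the original message).
SAMPLE_LOG = """\
Sep 2 15:37:31 server kernel: [52835.565836] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.2 LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8370 DF PROTO=UDP SPT=17500 DPT=17500 LEN=123
Sep 2 15:38:01 server kernel: [52865.570112] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.2 LEN=143 TOS=0x00 PREC=0x00 TTL=64 ID=8371 DF PROTO=UDP SPT=17500 DPT=17500 LEN=123
Sep 2 15:38:09 server kernel: [52873.101454] Shorewall:pub2fw:DROP:IN=tun0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4410 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
"""

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<disp>[A-Z]+):")
FIELD = re.compile(r"(\w+)=(\S*)")

def parse(line):
    """Return (chain, disposition, fields) or None for non-Shorewall lines."""
    m = PREFIX.search(line)
    if not m:
        return None
    fields = {}
    for key, value in FIELD.findall(line[m.end():]):
        fields.setdefault(key, value)  # LEN= appears twice; keep the IP length
    return m["chain"], m["disp"], fields

def tally(log):
    """Count logged packets per (chain, disposition, proto, dport)."""
    counts = Counter()
    for line in log.splitlines():
        rec = parse(line)
        if rec and "DPT" in rec[2]:
            chain, disp, f = rec
            counts[(chain, disp, f["PROTO"].lower(), int(f["DPT"]))] += 1
    return counts

def silent_rule(chain, proto, dport):
    """Build an ACTION SOURCE DEST PROTO DPORT rules entry for one flow."""
    src, dst = chain.split("2", 1)  # assumes zone names contain no "2"
    dst = "$FW" if dst == "fw" else dst
    # The action carries no ":<loglevel>" suffix, so matches are not logged.
    return f"DROP\t{src}\t{dst}\t{proto}\t{dport}"

def noisiest(log):
    (chain, _disp, proto, dport), hits = tally(log).most_common(1)[0]
    return silent_rule(chain, proto, dport), hits

if __name__ == "__main__":
    rule, hits = noisiest(SAMPLE_LOG)
    print(f"# {hits} logged drops; candidate /etc/shorewall/rules entry:\n{rule}")
```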