[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] SuSEfirewall2 Anti SPOOFING


I've got myself a little confused over some issues I'm having on this and 
despite reading Togan's primer don't seem to be winning.

                          ADSL router -
                                     | DHCP , DNS
                                    |   ssh
                                    | squid, squidguard, internal http
                                 rest of Lan



Logs I get the following when the firewall has been started and the browsers 
hang - squid trying for dns resolution I suspect

Feb 24 17:57:37 localhost kernel: SuSE-FW-DROP-ANTI-SPOOF IN=eth1 OUT= 
MAC=00:80:ad:8e:f9:64:00:d0:41:0e:92:1f:08:00 SRC= DST= 
LEN=148 TOS=0x00 PREC=0x00 TTL=64 ID=51956 PROTO=UDP SPT=53 DPT=1052 LEN=128

Squid is setup to use the nameserver from resolv.conf as as 
provided by dhcp.

Does this indicate I should provide a local dns rather than pass through the 
firewall ?

Cheers, all help warmly appreciated.

Stephen Prendergast
SP Software Ltd
07 570 1452
021 466 247

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here