[Mageia-discuss] Odd entry in log file
imnotpc
imnotpc at Rock3d.net
Sun May 6 21:12:14 CEST 2012
On 05/06/2012 02:49 PM, Doug Lytle wrote:
> imnotpc wrote:
>> but wireless device access is more lenient.
>
> My thoughts would be someone connecting via the wireless with another
> interface connected as well. We have users that don't understand that
> they don't need to do both wireless and wired. Sometimes we see
> wireless, wired and vpn.
>
> Just a guess.
>
> Doug
>
>
The problem with that is that the firewall rules on these boxes
immediately log and drop any packet that doesn't come from the subnet
assigned to that interface. I'm not an expert on iptables but I believe
that anything coming in on those interfaces would hit iptables and be
dropped before the kernel log. Even if the kernel saw them first I
should still see corresponding iptables log entries. The router boxes
don't have any wireless cards so they aren't generating these entries
that way. I don't know how a wireless host connecting to a wireless
router, which has a wired LAN IP on the LAN-facing interface and uses DHCP
for the wireless interface, is able to propagate a different IP address
all the way to the firewall without being translated or dropped. Very
curious.
Jeff