|
||||||||
Am Montag, den 02.05.2005, 07:18 -0500 schrieb Zach Lowry: > Yes, I suspected this. I noticed this only on connections that maintain > a persistent connection, lke IMAP. Your log extract was from a tcp connection from inside to outside port 80, not 143 nor 993: > May 1 22:57:57 192.168.0.1 ipmon[130]: 22:57:57.289976 sis1 @0:31 b > 192.168.0.2,41262 -> 83.149.110.1,80 PR tcp len 20 52 -AF IN > Basically, it's an annoyance, because my log monitoring software reports > my IPs as the most actively blocked. Oh sure, I could block it, but then > what if there really was a problem with one of those IPs? If you can't narrow your problem down to your implementation of IMAP or the webbrowser, maybe you only want to hide blocked tcp connections with flags FIN and/or ACK set. This isn't possible with ipfilter, but maybe with your log monitoring software. Ciao ... ... PIT ... --------------------------------------------------------------------------- copyleft(c) by | _-_ I am NOT a kludge! I am a computer! -- tts Peter Allgeyer | 0(o_o)0 ---------------oOO--(_)--OOo----------------------------------------------- |