|
||||||||
On Thu, 26 Aug 2004, Michael Scheer wrote: > 1) > I've made my m0n0 accessible on wan interface, the rule is this: > > | @4 pass in log quick proto tcp from x.x.0.0/16 to 192.168.x.x/32 port = 443 keep state group 200 > > So access from a x.x/16 network is allowed. But this is not the point. > The point is, why does it log incoming and outgoing traffic? --> > > | Aug 26 16:29:21 m0n0wall ipmon[72]: 16:29:20.227855 ng0 @200:4 p <wan adress> -> 192.168.x.x,443 PR tcp len 20 52 -S K-S IN > | Aug 26 16:29:21 m0n0wall ipmon[72]: 16:29:20.228287 ng0 @200:4 p x.x.55.132,443 -> <wan adress>,28480 PR tcp len 20 48 -AS K-S OUT Does this just happen occasionally, or all the time? It looks like the SYN/ACK packet is getting rejected by the stateful filter and is thus showing up in the log. I wonder if the short time delta has something to do with it. > 2) The msntp does not appear to leave any logs? It should IMHO. Or did > I just not find it? Msntp doesn't write logs, except in some fatal error cases. It can write various levels of debugging output to its *console*, but that's different. Perhaps you're confusing it with "real" NTP. Fred Wright |