On 02/06/2017 08:44 AM, Manuel Wolfshant wrote:
On 02/06/2017 03:16 PM, Robert Moskowitz wrote:
My server hung yesterday. I did not notice it; at this stage in the game, I should be much more aware...
I looked into /var/log/messages and my last entry was:
Feb 5 15:03:46 medon kernel: conntrack: generic helper won't handle protocol 47 . Please consider loading the specific helper module.
So I don't know if someone knocked me over with a GRE based attack, if the drive is bad, if the board is bad, or the OS has a problem.
So simple things to start with. I see an earlier GRE warning in messages:
Feb 5 03:29:49 medon kernel: conntrack: generic helper won't handle protocol 47. Please consider loading the specific helper module.
So it is probably not a stack problem with attacking GRE bots. BTW, is there some 'easy' way to just block these?
$IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -p gre -j REJECT
Thanks, but how do I do that in firewall-cmd?
# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dhcpv6-client http https ports: 1234/tcp protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules: