[Arm-dev] System hung yesterday
Robert Moskowitz
rgm at htt-consult.com
Mon Feb 6 13:57:13 UTC 2017
On 02/06/2017 08:44 AM, Manuel Wolfshant wrote:
> On 02/06/2017 03:16 PM, Robert Moskowitz wrote:
>> My server hung yesterday. I did not notice it; at this stage in the
>> game, I should be much more aware...
>>
>> I looked into /var/log/messages and my last entry was:
>>
>> Feb 5 15:03:46 medon kernel: conntrack: generic helper won't handle
>> protocol 47
>> . Please consider loading the specific helper module.
>>
>> So I don't know if someone knocked me over with a GRE based attack,
>> if the drive is bad, if the board is bad, or the OS has a problem.
>>
>> So simple things to start with. I see an earlier GRE warning in
>> messages:
>>
>> Feb 5 03:29:49 medon kernel: conntrack: generic helper won't handle
>> protocol 47. Please consider loading the specific helper module.
>>
>> So it is probably not a stack problem with attacking GRE bots. BTW,
>> is there some 'easy' way to just block these?
> $IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -p gre -j REJECT
Thanks, but how do I do that in firewall-cmd?
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client http https
ports: 1234/tcp
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
More information about the Arm-dev
mailing list