On 02/06/2017 08:44 AM, Manuel Wolfshant wrote: > On 02/06/2017 03:16 PM, Robert Moskowitz wrote: >> My server hung yesterday. I did not notice it; at this stage in the >> game, I should be much more aware... >> >> I looked into /var/log/messages and my last entry was: >> >> Feb 5 15:03:46 medon kernel: conntrack: generic helper won't handle >> protocol 47 >> . Please consider loading the specific helper module. >> >> So I don't know if someone knocked me over with a GRE based attack, >> if the drive is bad, if the board is bad, or the OS has a problem. >> >> So simple things to start with. I see an earlier GRE warning in >> messages: >> >> Feb 5 03:29:49 medon kernel: conntrack: generic helper won't handle >> protocol 47. Please consider loading the specific helper module. >> >> So it is probably not a stack problem with attacking GRE bots. BTW, >> is there some 'easy' way to just block these? > $IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -p gre -j REJECT Thanks, but how do I do that in firewall-cmd? # firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dhcpv6-client http https ports: 1234/tcp protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules: