[CentOS] repeated local ephemeral to 80

Fri Apr 1 20:10:58 UTC 2011
Markus Falb <markus.falb at fasel.at>

On 1.4.2011 17:20, Michael D. Berger wrote:
> On my CentOS box that I use mainly as a web server, I have iptables
> set to log and reject anything that I don't expect.  So lately,
> I have getting things like this:
> 
> 
> Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 
> DST=192.168.9.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF PROTO=TCP 
> SPT=56624 DPT=80 WINDOW=32792 RES=0x00 SYN URGP=0 OPT 
> (0204400C0402080A4A26F7A50000000001030307) UID=0
> 
> that on at least one occasion repeated for every few seconds for
> more than three hours.  The ephemeral source port keeps changing in an 
> irregular manner.
> 
> Any suggestions?

Too restrictive
OUT=lo
This is the loopback device!
Add a rule that allows traffic from and to lo

-- 
Kind Regards, Markus Falb

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 307 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20110401/0ff1ffc6/attachment-0005.sig>