unwanted packets on terminal
Hi all,
Recently I installed a PentiumII in the living room as a mp3 server. I used Debian unstable with a new kernel version 2.6.5. Together with my workstation and NFS everything works like a dream. But if I connect a monitor to the PII it soon gets flooded with messages like: Code:
IN=eth0 OUT= MAC= SRC=192.168.2.6 DST=192.168.2.255 LEN=263 TOS=0x00 PREC=0x00 TTL=64 ID=49 DF PROTO=UDP SPT=138 DPT=138 LEN=243 Can someone tell me how to get rid of those messages? They make mp3blaster unreadable. |
I can offer a couple of pointers:
1) The log entries look to be from the netfilter package. i.e. iptables 2) The packets referenced are microsoft datagram broadcast packets. i.e. local master browser announcement, master broswer announcement, one smb host broadcasting for another smb host, etc... What I can't tell from the log message is wether or not these packets were rejected or were they accepted and just simply logged. The iptable rules you run on this system should answer that If you simply want to stop these messages from being logged to the console, look at: man dmesg in particular, the -n option Otherwise, take a look at your iptable rules and fix the rule thats causing the problem. |
That samba part made sense. I'll look into it. Thanks.
|
btw, how do you see these packets are microsoft datagrams?
|
SPT=138 DPT=138
port numbers specify 138 which is for netbios datagram You could also disable netbios over tcpip on all your windows machines too. Also check in your /etc/syslog.conf file for a line like this kern.* /dev/console or kern.* * and just comment it out like this by putting a # sign in front of it #kern.* /dev/console |
I indeed checked the /etc/syslog.conf but found nothing out of the ordinary there. What I _did_ find where some iptables with weird LOG messages, those where no longer necessary and after deleting them my problem was solved! Thank you all for the fast responses and for putting me on track.
|
Helloo,
I'm having the same problem, but I've found no weird log stuff in the /etc/syslog.conf file to remove (not that I would know what to remove, as I am a newbie) Here's what I have 3 computers behind a linksys router computer #1 - wired, fedora core 3 which I am trying to configure using "Setting up LAMP" by two guys named Eric computer #2 - wired, winxp sp2 sending broadcasts that are being picked up by computer #1 and displayed on the console computer #3 - wireless, running winxp sp2 also sending broadcasts The console keeps poping up something like: IN-eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:06.. SCR=192.168.1.101 (or 102) DST=192.168.1.255 LEN=243 TOS=0x00 PREC=0x00 TTL=128 ID=31118 (changes) PROTO=UDP SPT=137 (or 138) DPT=138 (or 137) LEN=58 Otherthan replacing the winXP OS's with Fedora, does anyone have any suggestions???? This happened after I setup the firewall iptables. Thanks, |
Yeah those log messages aren't alway it. It's been awhile now, but if i remember correctly you should check you NAT pre-routing table with: $:iptables -t nat -L
I believe I found some weirdness there and after removing it things where fine. Hope this helps! |
All times are GMT -5. The time now is 12:08 AM. |