|
Bastille and PUB_IN DROP 4 In=etho error
This is just information, not a question. I want anyone else who has this problem to be able to fix it.
After installing Bastille-2.1.1-1.0.i386.rpm and not the perl-Tk they recommend (that would be Too easy and it would mean reading directions ;p) I installed perl-Tk-800.024-2.i386.rpm.
After I installed and rebooted my machine I got this error:
PUB_IN DROP 4 IN=eth0 OUT= MAC=00:20:e0:6f:1c:57:00:0a:e6:85:ef:91:08:00 SRC=192.168.1.100 DST=192.168.1.101 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=64719 DF PROTO=TCP SPT=3113 DPT=1214 WINDOW=64240 RES=0x00 SYN URGP=0
And not just once but it filled the console screen every couple of seconds.
To fix it all you have to do is open /etc/Bastille/bastille-firewall.cfg
change TRUSTED_IFACES="lo"
to TRUSTED_IFACES="lo eth0" - cause I am using a cable connection, wops.
then
/etc/rc.d/init.d/bastille-firewall start
Also I couldn't get psad to start because I wasn't quick enough to install the correct perl-Tk so I had to do this:
/etc/rc.d/init.d/psad start
- won't work cause it couldn't find Psad.pm so....
find /usr/lib -name Psad.pm
ln -s /usr/lib/perl5/site_perl/5.6.0/Psad.pm /usr/lib/perl5/site_perl/5.8.0/Psad.pm
/etc/rc.d/init.d/psad start
-wouldn't work cause couldn't find Unix/Syslog.pm so.....
find /usr/lib -name Syslog.pm
cd /usr/lib/perl5/5.8.0/i386-linux-thread-multi/
ls
mkdir Unix
ln -s /usr/lib/perl5/5.8.0/i386-linux-thread-multi/Sys/Syslog.pm /usr/lib/perl5/5.8.0/i386-linux-thread-multi/Unix/Syslog.pm
/etc/rc.d/init.d/psad start
-Finally worked! Yeah!
Just install the right perl-Tk OK?! Save yourself some heardache.
Anyway I hope this helps anyone.
|
