Message from syslogd@ at Thu Jun 23 08:42:20 2011 ...
server kernel: nf_ct_ftp: dropping packetIN= OUT=lo SRC=1.2.3.4 DST=1.2.3.4 LEN=106 TOS=0x00 PREC=0x00 TTL=64 ID=55794 DF PROTO=TCP SPT=21 DPT=45124 SEQ=611356370 ACK=604964020 WINDOW=65535 RES=0x00 ACK PSH URGP=0 OPT (0101050A240F04AE240F04B4) UID=0 GID=0
Odd syslogd message
Odd syslogd message
Was in SSH and got this message several times (wasn't identical every time but close enough). This was not looking through a log file, btw, but was output by the console.
"Its not a mac. I run linux... I'm actually cool." - scott
-
mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Odd syslogd message
Thats generated by the netfilter FTP "helper" module that handles the complex mess that is FTP. It means the helper decided to drop a packet, which usually is caused by partial FTP command matches, which the module can't handle. So, you can ignore it if otherwise FTP is working. If its not, then something is likely wrong with the client doing something non-standard with the protocol.
If you dont use iptables logging, you can unload he ipt_LOG module and you wont see these anymore.
If you dont use iptables logging, you can unload he ipt_LOG module and you wont see these anymore.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone