Strange NAT Behavior

Post by whynot311 » 2006/07/17 18:33:51

To all;
I've got a CentOS 4.2 box configured as your standard NAT firewall.
Nothing fancy, nothing new. Of course logwatch is on and configured to
report about the previous day's activities. After looking at these emails
from logwatch I noticed something funny. There were entries where the
firewall was blocking my LAN PCs. Huh? That's right. I went through
/var/log/messages to confirm. Sure enough, there are logged events from when
one of the LAN PCs was blocked from going to, say, Yahoo, Adobe or Google.
Weird thing is, it's random. Ports are random too. I can't make heads or tails
of a pattern or reason why. So why on earth would a NAT firewall with no
outgoing drop rules all of a sudden block these LAN PCs? Oh, one more thing
of note. This same NAT firewall (text file with the rules) was used on a
Fedora Core 1 box about a month ago. No issues with random outgoing blocks.

Anthony R. Vallario

