Opened 6 years ago

Last modified 3 years ago

#10681 reopened defect

firewall logs too much in case of MSSFIX is active

Reported by: pb@… Owned by: developers
Priority: normal Milestone: Chaos Calmer 15.05
Component: packages Version: Trunk
Keywords: firewall Cc:

Description

Seen at least on firewall - 2-42

If logging is active (e.g. for the WAN interface), many packets are logged as MSSFIX, even if this does not apply at all.

The patch below reduces the log to related packets only.

--- /lib/firewall/core_init.sh.orig	Wed Dec 28 16:31:13 2011
+++ /lib/firewall/core_init.sh	Wed Dec 28 16:33:14 2011
@@ -244,7 +244,7 @@
 
 		[ $zone_mtu_fix == 1 ] && \
 			fw add $mode m ${chain}_MSSFIX LOG ^ \
-				{ -m limit --limit $zone_log_limit --log-prefix "MSSFIX($zone_name): " }
+				{ -p tcp --tcp-flags SYN,RST SYN -m limit --limit $zone_log_limit --log-prefix "MSSFIX($zone_name): " }
 	}
 
 	# NB: if MASQUERADING for IPv6 becomes available we'll need a family check here
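
Review bot: the match added on the `+` line, `-p tcp --tcp-flags SYN,RST SYN`, still selects every TCP packet with SYN set and RST clear (SYN and SYN/ACK alike), so the rule logs each new connection through a zone with `zone_mtu_fix` enabled whether or not its MSS is changed, and the `MSSFIX($zone_name): ` prefix can read as if a clamp took place. Suggest adding a short comment above the `fw add` saying that this LOG match has to stay identical to the match on the rule in `${chain}_MSSFIX` that does the clamping, and holding that match in one shell variable used by both rules so they cannot drift apart. Separately, the guard `[ $zone_mtu_fix == 1 ]` in the context lines uses `==` with an unquoted variable; `[ "$zone_mtu_fix" = 1 ]` is the portable form and does not break when the variable is empty.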

Change History (7)

comment:1 Changed 6 years ago by rocketraman@…

I am seeing this too. Even with the patch applied, I get a lot of MSSFIX messages in the log.

comment:2 Changed 5 years ago by anonymous

Comment out the lines from '[ $zone...' to '{ -m limit ...'
then MSSFIX logs are suppressed.

comment:3 Changed 5 years ago by anonymous

After upgrading from an earlier AA build from mid 2011 to current r35362, I have the same issue.

The patch makes the logs a lot more quiet. Thanks!

@ devs: please apply

comment:4 Changed 5 years ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Should be fixed with r35484.

comment:5 Changed 4 years ago by jow

  • Milestone changed from Backfire 10.03.2 to Chaos Calmer (trunk)

Milestone Backfire 10.03.2 deleted

comment:6 Changed 3 years ago by atxt@…

  • Resolution fixed deleted
  • Status changed from closed to reopened

It appears this symptom is back on current 14.07: if I log my WAN interface, a large number of MSSFIX(wan) fill up the system log. I can't seem to find the core_init.sh file either for a workaround.

comment:7 Changed 3 years ago by rterzi

I'm seeing many of the MSSFIX when trying to log wan rejects on Barrier Breaker 14.07 as well.

Is this regression due to the change to fw3 from the previous firewall?

Is there any way to patch this on Barrier Breaker 14.07?
