The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

INVALID packets

Discussion in 'General Discussion' started by Divino, May 21, 2007.

  1. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Hello
    Can anybody help myself? :D

    I receive that warning of INVALID packets.

    How to block "DROP" type:

    My Server when receiving more than 5 INVALID packets, IP is DROP in CSF or IPTables.

    Thank you


    LogWatch

    --------------------- Kernel Begin ------------------------
    From 24.48.58.201 - 6 packets
    To xx.xxx.xxx.x - 6 packets
    Service: 57263 (tcp/57263) (Firewall: *INVALID*,eth1,none) - 6 packets
    From 24.48.58.202 - 11 packets
    To xx.xxx.xxx.x - 11 packets
    From 62.166.156.251 - 77 packets
    To xx.xxx.xxx.x - 77 packets
    Service: 16538 (tcp/16538) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 16565 (tcp/16565) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 16571 (tcp/16571) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 16684 (tcp/16684) (Firewall: *INVALID*,eth1,none) - 2 packets
    Service: 16838 (tcp/16838) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 16965 (tcp/16965) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 17152 (tcp/17152) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 17346 (tcp/17346) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 17513 (tcp/17513) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 17669 (tcp/17669) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 17870 (tcp/17870) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 18031 (tcp/18031) (Firewall: *INVALID*,eth1,none) - 2 packets
    Service: 18208 (tcp/18208) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 18426 (tcp/18426) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 18605 (tcp/18605) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 18793 (tcp/18793) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 18963 (tcp/18963) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 19087 (tcp/19087) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 19331 (tcp/19331) (Firewall: *INVALID*,eth1,none) - 2 packets
    Service: 19544 (tcp/19544) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 19721 (tcp/19721) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 19900 (tcp/19900) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 20075 (tcp/20075) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 20265 (tcp/20265) (Firewall: *INVALID*,eth1,none) - 2 packets
    Service: 20403 (tcp/20403) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 20598 (tcp/20598) (Firewall: *INVALID*,eth1,none) - 3 packets
    Service: 20879 (tcp/20879) (Firewall: *INVALID*,eth1,none) - 3 packets
     
  2. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Can I use these rules in IpTables?

    :confused:

    # Protecoes contra ataques diversos.
    iptables -A INPUT -m state --state INVALID -j DROP

    # Descarte de pacotes nao-identificado ICMP (ping)
    iptables -A OUTPUT -m state -p icmp --state INVALID -j DROP
     
  3. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Does anybody know as blocking? :confused:
    INVALID packets

    It would like DROP in IPtables for 600/min

    Can they help me?
    Thank you
     
  4. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Help for INVALID packets

    Friends as DROP "INVALID packets" for 600/min in IPtables? :confused:


    Can they help me?
    Thank you
     
    #4 Divino, May 25, 2007
    Last edited: May 25, 2007
  5. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    DROP INVALID packets in IPtables?

    :confused: Somebody

    Thanks
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Please don't keep bumping a thread.

    The information in Logwatch means that the INVALID packets are already being DROPped, otherwise they wouldn't appear there.
     
  7. Divino

    Divino Member

    Joined:
    Jan 6, 2006
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Excuse

    Excuse
    I didn't express myself correctly
    If I change the time of 30/min for 600/min.
    Can it harm my server?

    Thanks
     
Loading...

Share This Page