On Tue, 3 Jul 2001, Joss Winn wrote:
Jul 3 00:38:17 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=211.104.247.142 DST=211.2.96.188 LEN=6
What this means is a packet came in ppp0 (your modem) destined for 211.2.96.188 (your ip address) from 211.104.247.142 (or where ever)
This may have been a legitimate packet arriving out of sequence, or may have been somebody doing a malicious probe of your machine. What I would really need to tell you more what was going on would be the source port and destination port addresses, they would look something like SPT=80 DPT=50347 for example in my firewall.
The main thing about these messages is that they are a good thing in that at least your firewall appears to be doing something (whether the right thing or not I can't tell you). If you can give me some more output (maybe the output of dmesg) would help me tell you a little more.
While I am here does anybody know how to get iptables to increase the time it holds onto an out of sequence packet? I am getting loads of dropped packets when web browsing and wanted to have a look at this... although I must admit I havn't RTFM yet.
Adam