From mboxrd@z Thu Jan  1 00:00:00 1970
From: Saurabh Bathe <saurabh@beginbyte.org>
Subject: Re: UFW logging
Date: Thu, 22 Dec 2011 21:28:07 +0530
Message-ID: <4EF3538F.4050607@beginbyte.org>
References: <LB95C01C20EFD4ab49E771871DAC54AB0.1324389799.earth.sciencephoto.co.uk@MHS>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <linux-admin-owner@vger.kernel.org>
In-Reply-To: <LB95C01C20EFD4ab49E771871DAC54AB0.1324389799.earth.sciencephoto.co.uk@MHS>
Sender: linux-admin-owner@vger.kernel.org
List-ID: <linux-admin.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: linux-admin@vger.kernel.org

On Tuesday 20 December 2011 07:33 PM, Dermot Paikkos wrote:
> Chain ufw-user-limit (0 references)
>      pkts      bytes target     prot opt in     out     source
>       destination
>         0        0 LOG        all  --  *      *       0.0.0.0/0
>     0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 0 level 4
> prefix `[UFW LIMIT BLOCK] '

I would say the rule above *could* be suspect, which would log anything 
that it catches. Depending on where in the filter it is being 
referenced, it maybe catching those packets. I cannot say definitively 
without actually seeing whole iptables -nL output.

Thanks,
Saurabh