I want to make sure a machine has the minimum ports/services open. I have a server which uses IPSec over IPv6. I've only allowed certain ports to be open (in this case just TCP/22 and UDP/500 for IPSec - I always allow ICMP).
When I try and establish a connection I get the following in the syslog (excuse the making it multi-line):
IPv6-input IN=eth0 OUT= SRC=26xx:xxxx:xxxx:0000:0000:0000:0000:xxxx DST=26xx:xxxx:xxxx:0000:0000:0000:0000:xxxx LEN=192 TC=0 HOPLIMIT=57 FLOWLBL=0
Now there's no protocol in that log entry, so how do I work out exactly what's being attempted by the client and how to create a rule that JUST allows these types of connections?
I guess perhaps they are related to mtu-discovery or something like this (although I don't know for sure).
~ Mike