ext_40504 ([identity profile] sesquipedality.livejournal.com) wrote in [personal profile] sesquipedality 2005-02-02 04:47 am (UTC)

That's FireHOL, which is converted to iptables rules by a bash shell script. On the plus side, it's easier to read, write, and all the malformed packet attacks are handled automatically. On the minus side, the table rules aren't edited directly. I've been using iptables -vL to follow what rules it's set, but they all look sensible.

Your idea about weird NAT may have something to it, viz.
ppp0      Link encap:Point-to-Point Protocol
          inet addr:213.78.120.250  P-t-P:172.26.131.160  Mask:255.255.255.255

which appears to imply the remote end has NAT weirdness going on, even though my actual IP address is a public IP. TBH, I have no idea what the ISP are up to there.

FireHOL logs packets that don't match any of its rules by default. However, I may be able to set up even more logging, but then I suspect I'll be swamped by info and unable to find the specific bit I need.
