Adrian, -- Source 0.0.0.0 UDP 68, Dest 255.255.255.255 UDP 67 -- Is the standard DHCP Discovery in action.
http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#DHCP_discovery You will commonly see these come and go in your "Firewall States". Though in your case it seems a DHCP client is not happy and is continuing to to do an inquiry and not getting an answer it likes. This could be a broken client, possibly DHCP not enabled on that LAN segment, etc. . My guess this is something on your LAN, and probably worth figuring out. Looking at the syslog (/var/log/messages) is a good start. Lonnie On Jul 22, 2014, at 3:32 PM, Adrian Hodgson wrote: > Since doing an update to latest I have a strange, supposed non existent IP > connected to me acording to the firewall, of 0.0.0.0, it has started from > doing the update. > > Here is part of the status page:- > > Firewall States: > Source > Port (#'s) > Destination > Port > Protocol > Packets > Bytes > TTL > 0.0.0.0 > 68 > 255.255.255.255 > 67 > UDP > 501 > 287832 > 0:44 > 192.168.1.67 > 5060 > 217.10.79.23 > 5060 > UDP > 635 > 154504 > 2:51 > 94.23.216.21 > 5070 > 192.168.1.67 > 5060 > UDP > 6 > 3576 > 0:46 > 192.168.1.66 > 33078 (6) > 192.168.1.67 > 443 > TCP > 10 > 1649 > 7199:59 > 192.168.1.67 > 58330 (2) > 54.230.10.190 > 80 > TCP > 10 > 1082 > 0:51 > > As you can also see I have 94.23.216.21 having a go > > At present I have adaptive ban active and also > a blocked hosts of: > > 95.0.0.0/8 > > 192.210.0.0/16 > > 37.0.0.0/8 > > 62.210.0.0/16 > > 62.75.0.0/16 > > 85.25.0.0/16 > > 192.227.225.0/24 > > 162.252.0.0/16 > > 82.205.0.0/17 > > 212.129.8.0/24 > > 23.94.0.0/15 > > 142.54.160.0/19 > > 107.150.32.0/19 > > 93.190.88.0/21 > > > Should the 0.0.0.0 be of concern, do I have an error in setup or have I found > something that should not be there? > > Adrian > > http://www.tamarisktechnicals.com > Sipgate: 2126009 ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
