> I just got a lot of log entries on my firewall telling me about rejected > packages on port 65535. The protocol is 50 (aka esp). Does anyone know what > this is? The machine in question is a potato box. There is no VPN installed.
Port 65535 are fragments. Turn on ip defragmentation via /proc !! (if a fragment is recieved, only the first can be filtered; the later ones do not contain port information, so they will get port -1) Greetings, Erich
