On Tue, Mar 27, 2001 at 02:16:38AM -0500, David Priban wrote: > I have been seeing a lot of these entries in my logs lately. > Could this be some sort of legitimate traffic triggering this ipchains rule? > Or is it just plain spoofing attempt by someone? > > Thanks David > > kernel: Packet log: input DENY eth1 PROTO=17 127.0.0.1:2301 > 255.255.255.255:2301 L=240 S=0x00 I=674 F=0x0000 T=128 (#2) > kernel: Packet log: input DENY eth1 PROTO=17 127.0.0.1:2301 > 255.255.255.255:2301 L=40 S=0x00 I=801 F=0x0000 T=128 (#2) from localhost to broadcast, you should allow traffic from localhost anyway, use the rp_filter option to deny spoofers
this is prolly some legitimate traffic, adapt your ipchains rules :) -- ,-------------------------------------------. > Name: Alson van der Meulen < > Personal: [EMAIL PROTECTED] < > School: [EMAIL PROTECTED] < `-------------------------------------------' Do you really need your home directory to do any work? ---------------------------------------------
