Every so often, a message like this comes across our log:
Mar 23 20:08:06 er6fw1 ipmon[14766]: 20:08:06.013918 2x fxp1 @0:71 b \
10.10.10.9,3947 -> 10.10.10.255,138 PR udp len 20 229 IN
I'm pretty sure I narrowed this down to a printer which has yet to have a
proper IP address assigned to it. That much is understandable. Almost
immediately thereafter, though, the following kind of message is logged:
Mar 23 20:08:06 er6fw1 ipmon[14766]: 20:08:06.018640 fxp1 @0:82 b \
<sys-ip> -> 10.10.10.9 PR icmp len 20 56 icmp 3/0 for \
10.10.10.9,3947 - 10.10.10.255,138 PR udp len 20 63744 IN
"<sys-ip>" is a "real" IP address on our subnet. Could someone "translate"
this second log record? More importantly, can anyone guess if/how the two
messages might be related? In particular, I'm concerned that the system
identified with "<sys-ip>" might be mis-configured. (It's an ancient HP
9000/375 running HP-UX 7.0 B. Because it was supplied with a HP gas
chromatograph largely as a turnkey system, most of the HP-UX documentation
isn't available.)
Thanks,
Mike
--
Michael T. Davis | Systems Specialist: ChE,MSE
E-mail: [EMAIL PROTECTED] | Departmental Networking/Computing
-or- [EMAIL PROTECTED] | The Ohio State University
http://www.er6.eng.ohio-state.edu/~davism/ | 197 Watts, (614) 292-6928
