I've been getting tons of these mysterious packets. Eth0 is my external interface so it's unusual that these two private IPs are hitting it. I checked it against that ipchains log decoder (forgot the website) which mostly brushed it off as non-threatening. However, 216.231.46.238 was the result of a big nasty DOS attack last weekend so I'm suspicious of everything. Any insight is most helpfull.
The offending packets (they are constantly coming in): Dec 19 09:30:19 mail kernel: Packet log: input DENY eth0 PROTO=6 192.168.27.31:80 216.231.46.238:14641 L=41 S=0x00 I=35612 F=0x4000 T=51 (#10) Dec 19 09:30:26 mail kernel: Packet log: input DENY eth0 PROTO=6 172.16.0.110:80 216.231.46.238:32992 L=40 S=0x00 I=34533 F=0x4000 T=238 (#9) -Scott _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
