Thanks, Brad
Yep the NT's address is 10.0.0.2, the printer it would connect to when it was outside of the firewall had the static ip 192.168.1.11. I don't recognize the .14 address. The only other thing with a 10.10.10. address should be eth1 on the firewall, which is 10.10.10.254.> > > Feb 4 17:29:52 Nimrod kernel: Packet log: input REJECT eth1 PROTO=17 > > > 10.10.10.2:4813 10.0.0.14:161 L=84 S=0x00 I=58236 F=0x0000 T=128 (#39) > >This is a machine broadcasting/requesting SNMP service. Are one of > >your boxes managing the ouside router or being polled for SNMP info? > The only thing currently behind the firewall is an NT4 box for testing > purposes. I checked it under control panel > services for SNMP but there > wasn't anything listed. This is a WAG, but sometimes M$ machines will spew SNMP requests to printers they have configured. I suspect the "SNMP service" is a daemon that listens for requests, not an agent which polls SNMP-enabled devices. Is 10.10.10.2 the NT server's address? Do you recognize the 10.0.0.14 address?
Okay, so I can safely ignore it then. The machines outside of the firewall should all be getting their DHCP leases from our ISP's router.> input DENY eth0 PROTO=17 0.0.0.0:68 255.255.255.255:67 L=338 S=0x00 I=0 > F=0x0000 T=128 (#5) A machine on the network hooked to eth0 (typically the external interface) is requesting a DHCP lease. It doesn't have an address yet, so it uses the address 0.0.0.0 and broadcasts the request to everyone who is listening (255.255.255.255).
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html