/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
>Sep 10 01:05:07 wormhole kernel: IP fw-in deny eth1 UDP 10.0.0.1:1999
>255.255.255.255:1999 L=188 S=0x00 I=64272 F=0x0040 T=1
Port 1999 is:
tcp-id-port 1999/tcp cisco identification port
tcp-id-port 1999/udp cisco identification port
I bet this is cdp traffic from some Cisco router. Do you run this
router or someone else? If it isn't yours, try tracerouting to it
and see where it is.
CDP is usually enabled by default on Cisco routers. Its not a
bad thing I suppose. I would just setup an explict firewall ruleset
that rejects but DOESN'T log it.
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
