I've been going crazy trying to find out the format of these lines.
I know they're written by inetd/tcp wrappers, but none of the man pages
seem to have the format of the output.
Sep 21 23:23:51 kramer kernel: IP fw-in deny eth0 UDP 192.168.1.100:520
192.168.1.255:520 L=52 S=0x00
I=64 F=0x0000 T=31
Sep 21 23:24:21 kramer kernel: IP fw-in deny eth0 UDP 192.168.1.100:520
192.168.1.255:520 L=52 S=0x00
I=65 F=0x0000 T=31
Sep 21 23:24:51 kramer kernel: IP fw-in deny eth0 UDP 192.168.1.100:520
192.168.1.255:520 L=52 S=0x00
I=66 F=0x0000 T=31
Sep 21 23:25:21 kramer kernel: IP fw-in deny eth0 UDP 192.168.1.100:520
192.168.1.255:520 L=52 S=0x00
I=71 F=0x0000 T=31
I have a bunch of these linse, with the I= incrementing, usually by one,
with each hit. The firewall properly denied them, but I would like to
know what's going on. The scary part is that I have no .100 machine
(although I am using 192.168.1.x for my internal machines), so these are
prolly being broadcasted from someone else's box which is set up wrong.
Can that be? Doesn't M1X block those ranges?
So Can someone tell me where I can find the format of the above lines
documented?
RedHat 5.1 firewall connected to MediaOne Express cablemodem on eth0,
hub on eth1, with internal machines hooked up to the hub.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
