On 08/15/2012 04:07 AM, Timothy Murphy wrote: > > Please forgive what is almost certainly an ignorant question > from one who has little understanding of the subject. > > I'm running CentOS-6.3 with shorewall (and fail2ban), > accessing the internet through a Billion router/modem. > > I've noticed recently a large number of logwatch entries like > ------------------------------------ > Dropped 4177 packets on interface eth0 > From 1.0.159.111 - 2 packets to udp(51001) > ------------------------------------ > all targeting port 51001 (from many different IP addresses). > > I haven't explicitly opened this port on the router, > nor is it mentioned in my shorewall rules. > > I would have thought this packet would be unable > to get through the router? > Or are UDP packets usually treated differently to TCP packets?
Assuming that logwatch is running on your Shorewall router, this simply indicates that the packets are being dropped and logged. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
