hi, with a running and working firehol firewall, I still get these messages in syslog:
May 28 17:51:06 diana50 kernel: IN-interface1:IN=eth0 OUT= MAC=00:50:fc:e4:e4:d4:00:90:69:cd:d4:1f:08:00 SRC=62.99.78.133 DST=62.75.129.11 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=46176 DF PROTO=TCP SPT=3372 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 May 28 17:51:07 diana50 kernel: IN-interface1:IN=eth0 OUT= MAC=00:50:fc:e4:e4:d4:00:90:69:cd:d4:1f:08:00 SRC=213.10.237.114 DST=62.75.129.11 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=22801 DF PROTO=TCP SPT=3934 DPT=5554 WINDOW=16384 RES=0x00 SYN URGP=0 May 28 17:51:08 diana50 kernel: IN-interface1:IN=eth0 OUT= MAC=00:50:fc:e4:e4:d4:00:90:69:cd:d4:1f:08:00 SRC=213.10.237.114 DST=62.75.129.11 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=23315 DF PROTO=TCP SPT=4192 DPT=9898 WINDOW=16384 RES=0x00 SYN URGP=29184 in my eyes this looks like some tiny people (62.99.78.133 and 213.10.237.114) requested something on my server diana50 (62.75.129.11) over TCP, but on which port? Why is this in syslog? If it's only about a connection that went through an open port, how can i turn this off? if it's a request trial that was rejected, why do I get this that often? bye jonas
