Hi, Can anybody tell me what this traffic is? I've been altering on our router's access list and I noticed this in the syslog. Access list 120 is on one of 2 ethernet interfaces and is inbound to the router from our internal net. Both machines run DNS, 1.2.3.4 does transfers to our provider and 1.3.3.4 is a primary DNS for our internal net. As you can see these happen about every second and the port number increments on the sender, 1.2.3.4 every time. Jul 25 20:19:59 gateway.xyz.org 15667: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3509) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:00 gateway.xyz.org 15668: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3510) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:01 gateway.xyz.org 15669: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3511) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:02 gateway.xyz.org 15670: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3512) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:03 gateway.xyz.org 15671: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3513) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:04 gateway.xyz.org 15672: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3514) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:05 gateway.xyz.org 15673: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3515) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Jul 25 20:20:07 gateway.xyz.org 15674: %SEC-6-IPACCESSLOGP: list 120 permitted udp 1.2.3.4(3516) (Ethernet1 0000.929b.7532) -> 1.3.3.4(53), 1 packet Thanks from a puzzled net newbie Bill Luckett [EMAIL PROTECTED] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
