Paul: Heya. This looks to me like a DHCP reply as well (checkout http://www.echogent.com/cgi-bin/fwlog.pl to see). I think RFC-1542 indicates that port-68 is where DHCP (aka, BOOTP) replies must sent *to*, and DHCP servers send them from port 67. Though I bet elsewhere in your logs, you are seeing your neighbor's initial DHCP requests as well (they'll originate from port-68, destined for port-67). Anyhow. To get these to stop, try the echowall.lrp firewall scripts for Dachstein. You can find it on the LEAF site, or via Freshmeat.net. When I first wrote them, I was on an AT&T@Home cable-modem system that used DHCP.
cheers, Scott > I have a curious and annoying problem. I am on a cable modem system for > which the DHCP server apparently sits at a private IP address 10.0.48.1 > although the system address is 68.2.x.x . The annoyance is that my logs > fill up with the following message: > > Apr 4 21:04:55 gwrouter kernel: Packet log: input DENY eth0 PROTO=17 > 10.48.0.1:67 255.255.255.255:68 L=334 S=0x00 I=42391 F=0x0000 T=255 (#50) > > What would be the best way to handle this in the firewall rules (I'm running > Dachstein v1.02)? > > thanks! > > paul > > Paul M. Wright, Jr. > McKay Technologies > "making technology play nice..." _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user