Chris, On Wed, 05 Feb 2003 13:38:32 PST Chris Low wrote:
> > > > Feb 4 17:29:52 Nimrod kernel: Packet log: input REJECT eth1 PROTO=17 > > > 10.10.10.2:4813 10.0.0.14:161 L=84 S=0x00 I=58236 F=0x0000 T=128 (#39) > >This is a machine broadcasting/requesting SNMP service. Are one of > >your boxes managing the ouside router or being polled for SNMP info? > > The only thing currently behind the firewall is an NT4 box for testing > purposes. I checked it under control panel > services for SNMP but there > wasn't anything listed. This is a WAG, but sometimes M$ machines will spew SNMP requests to printers they have configured. I suspect the "SNMP service" is a daemon that listens for requests, not an agent which polls SNMP-enabled devices. Is 10.10.10.2 the NT server's address? Do you recognize the 10.0.0.14 address? [RIP SILENT_DENY question snipped since I don't know the answer.] > Also, I'm now getting the following message in my logs that I wasn't > getting before (at least I didn't notice them before): > > input DENY eth0 PROTO=17 0.0.0.0:68 255.255.255.255:67 L=338 S=0x00 I=0 > F=0x0000 T=128 (#5) A machine on the network hooked to eth0 (typically the external interface) is requesting a DHCP lease. It doesn't have an address yet, so it uses the address 0.0.0.0 and broadcasts the request to everyone who is listening (255.255.255.255). HTH, Brad ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
