[accidentally sent this message from the wrong address, my apologies to the moderator]
Hey folks, I'm running Bering a firewall, three interfaces: eth0 is 209.98.2.1 eth1 is 192.168.1.254 (LAN) eth2 is 10.0.0.254 (DMZ) This evening, I noticed the following in my log files: Oct 14 23:00:14 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:77:c1:00:02:ff:ff:02:01:77:c1:10:07 SRC=209.98.2.1 DST=209.101.210.198 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=42724 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=4323 Oct 14 23:00:24 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=71:10:c0:00:00:00:00:11:00:00:00:00:00:00:00:00:00:00:00:02:00:00:00:00:00:00:00:d2:05:00:00:00:00:00:00:d2:05:00:00:49:12:00:00:00:00:00:00:00:00:20:c1:00:00:20:c1:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:ec:45:00:00:5c SRC=209.98.2.1 DST=209.101.210.198 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=23174 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=5091 it continues on like this: Oct 14 23:02:57 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.98.111.101 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=38485 PROTO=ICMP TYPE=0 CODE=0 ID=256 SEQ=43473 Oct 14 23:03:07 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.98.111.101 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=57193 PROTO=ICMP TYPE=0 CODE=0 ID=256 SEQ=44241 Oct 14 23:06:53 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.101.254.160 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=21489 PROTO=ICMP TYPE=0 CODE=0 ID=768 SEQ=32753 Oct 14 23:07:03 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.101.254.160 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=34477 PROTO=ICMP TYPE=0 CODE=0 ID=768 SEQ=33521 Oct 14 23:07:22 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.97.104.30 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=6621 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=39885 Oct 14 23:07:32 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.97.104.30 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=32430 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=40653 Oct 14 23:07:36 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.97.104.65 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=43425 PROTO=ICMP TYPE=0 CODE=0 ID=768 SEQ=19193 Oct 14 23:07:46 firewall Shorewall:all2all:REJECT: IN= OUT=eth0 MAC=00:50:fc:59:16:5b:00:20:ea:1f:0f:fc:08:00 SRC=209.98.2.1 DST=209.97.104.65 LEN=92 TOS=00 PREC=0x00 TTL=64 ID=32216 PROTO=ICMP TYPE=0 CODE=0 ID=768 SEQ=19961 I don't have foggiest idea what's going on here, and this certainly hasn't happened before, so any help would be appreciated. thanks, arif ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
