I have the standard cablemodem setup with two nics in my linux box.
eth0 goes to the cablemodem, eth1 goes to my hub/intranet.
I'm constantly getting bombarded with entries from 10.* and 192.168.1.*
at eth0, which shouldn't be. I know it's not another machine on my
intranet, because it happens when no other computer in the house is on.
Could it be my own server sending stuff out then coming back in?
Anyway, here are some sample entries.
Mar 23 13:36:30 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1034
255.255\
.255.255:56398 L=37 S=0x00 I=48896 F=0x0000 T=128
Mar 23 13:36:30 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1036
255.255\
.255.255:56398 L=37 S=0x00 I=49408 F=0x0000 T=128
Mar 23 14:30:52 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1178
255.255\
.255.255:56398 L=37 S=0x00 I=5642 F=0x0000 T=128
Mar 23 14:30:53 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1181
255.255\
.255.255:56398 L=37 S=0x00 I=6410 F=0x0000 T=128
Mar 23 15:27:27 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:800
255.255.255\
.255:800 L=45 S=0x00 I=43264 F=0x0000 T=128
Mar 23 15:27:50 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:1048
255.255.25\
5.255:6666 L=65 S=0x00 I=8449 F=0x0000 T=128
Mar 23 15:27:50 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:1049
255.255.25\
5.255:6549 L=65 S=0x00 I=9217 F=0x0000 T=128
Mar 23 15:32:23 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1533
255.255\
.255.255:56398 L=37 S=0x00 I=10517 F=0x0000 T=128
Mar 23 15:32:23 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1554
255.255\
.255.255:56398 L=37 S=0x00 I=15893 F=0x0000 T=128
Mar 23 15:33:19 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1578
255.255\
.255.255:56398 L=37 S=0x00 I=30485 F=0x0000 T=128
Mar 23 15:33:19 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1581
255.255\
.255.255:56398 L=37 S=0x00 I=31253 F=0x0000 T=128
Mar 23 15:35:26 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1624
255.255\
.255.255:56398 L=37 S=0x00 I=8982 F=0x0000 T=128
Mar 23 15:35:26 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1643
255.255\
.255.255:56398 L=37 S=0x00 I=13846 F=0x0000 T=128
Mar 23 15:39:48 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:800
255.255.255\
.255:800 L=45 S=0x00 I=43776 F=0x0000 T=128
Mar 23 15:40:06 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:1044
255.255.25\
5.255:6549 L=65 S=0x00 I=65280 F=0x0000 T=128
Mar 23 15:40:06 kramer kernel: IP fw-in deny eth0 UDP 10.0.0.1:1045
255.255.25\
5.255:6666 L=65 S=0x00 I=1 F=0x0000 T=128
Mar 23 15:52:07 kramer kernel: IP fw-in deny eth0 UDP 192.168.0.1:1832
255.255\
Any clues? Is there anyway to find out who it is? Thanks in advance.
--
-------------------------------------------------------------------
DDDD David Kramer [EMAIL PROTECTED]
DK KD http://start.at/david.kramer
DKK D
DK KD It is harder to conceal ignorance than to acquire knowledge.
DDDD
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
