Hi all, From my log files, I got the following messages. I know the below IP address is coming from the same network as I do. and I have checked the IP address (203.194.161.2 and 203.194.161.3) with my ISP, they told me the IP of 203.194.161.2 and 203.194.161.3 are routers. And they have confirmed that they didn't send me such packet. As the result, It may be spoof packet. So, how can I stop people sending me thoes packet or how to find out the sources (where are the packet come from). I got tones of those garbages in my log files. It's filling up my disk space. Feb 20 07:26:08 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.2:1985 224.0.0.2:1985 L=48 S=0xC0 I=0 F=0x0000 T=2 (#41) Feb 20 07:26:09 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.3:1985 224.0.0.2:1985 L=48 S=0xC0 I=0 F=0x0000 T=2 (#41) Feb 20 07:26:10 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.81:137 203.194.161.255:137 L=78 S=0x00 I=2823 F=0x0000 T=128 (#40) Feb 20 07:26:11 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.81:137 203.194.161.255:137 L=78 S=0x00 I=2830 F=0x0000 T=128 (#40) Feb 20 07:26:11 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.81:138 203.194.161.255:138 L=257 S=0x00 I=2831 F=0x0000 T=128 (#40) Feb 20 07:26:11 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.2:1985 224.0.0.2:1985 L=48 S=0xC0 I=0 F=0x0000 T=2 (#41) Feb 20 07:26:11 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.3:1985 224.0.0.2:1985 L=48 S=0xC0 I=0 F=0x0000 T=2 (#41) Feb 20 07:26:13 dns1 kernel: Packet log: input DENY eth0 PROTO=17 203.194.161.81:138 203.194.161.255:138 L=229 S=0x00 I=2835 F=0x0000 T=128 (#40) Thank You so much for your help, Mark _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list