Date: Thu, 10 Apr 2008 14:38:57 -0400 From: Rob <bitabyss@gmail.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: ipfw denial log - what's this mean? Message-ID: <47FE5EC1.7000809@gmail.com>
next in thread | raw e-mail | index | archive | help
Hi Everyone, My 6.2-Release system coughed up a report of denied packets from ipfw in its daily security run: ipfw denied packets: +++ /tmp/security.gnkQg5CA Thu Apr 10 03:04:15 2008 +00200 12 795 deny ip from any to 127.0.0.0/8 What does this mean? I understand that's the loopback interface, but I'm not terribly knowledgeable on ipfw. Is this some crack attempt, or normal background noise? I don't understand how lo0 would ever see any IP addresses other than its own?! The whole rule set looks like this: # ipfw show 00100 4749394 1011660210 allow ip from any to any via lo0 00200 12 795 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 01005 17272713 2535346056 fwd 12.219.128.1 tcp from 12.219.128.39 to any out 65000 174044808 81045388703 allow ip from any to any 65535 1 328 deny ip from any to any -Thanks, Rob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47FE5EC1.7000809>