Date: Fri, 1 Feb 2002 06:49:57 +0100 From: Mark Rowlands <fuc952d@tninet.se> To: <darryl@osborne-ind.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Firewall log question Message-ID: <20020201054945.D527A37B41D@hub.freebsd.org> In-Reply-To: <002801c1aaa8$9018da20$0701a8c0@darryl> References: <002801c1aaa8$9018da20$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 31 January 2002 11:42 pm, Darryl Hoar wrote: > Greetings, > I have 4.4-Stable running as a firewall with IPFILTER. > > We recently had to replace our aDSL router/modem with a > different make/model. > > I have started seeing a ton of the following in the firewall_log > file. > > ipmon[104]: 15:36:52.779531 xl0 @0:3 b 10.0.0.1, router -> 10.0.0.255, > router PR udp len 20 72 IN > Can someone help me decipher this, so I can figure out the cause and > fix it? at 15:36:52.779531 rule 3 blocked an inbound broadcast packet (udp protocol 520 (routed possibly?) ) from 10.0.0.1 and kindly logged it for you ipfstat -in will tell exactly what rule 3 (the offending rule in this case) looks like perhaps it is @3 block in log quick on xl0 from 10.0.0.0/8 to any > Can someone help me decipher this, so I can figure out the cause and > fix it? > > thanks, > Darryl > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Sign seen on door: C I T Y P L A N N ING To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020201054945.D527A37B41D>