On Wed, Mar 21, 2001 at 20:40 +0100, SlavaU wrote:
I have thousands(!!!) of such entries in logfile on my internet router linux box.
1. Packet log: output DENY ippp0 PROTO=1 [My ISDN Dynamic IP]:3 [ISP_DNS_IP]:3 L=56 S=0x00 I=11521 F=0x0000 T=127 (#3)
Port 3 means "compressnet". Could/should I allow this compressnet (and how?) or just to disable loggging?
Look at the protocol! ICMP doesn't have "ports" but has the notion of "code" instead. This is some kind of "unreachable" message.
2. Packet log: input DENY ippp0 PROTO=1 [Some Inet IP]:8 [My ISDN Dynamic IP]:0 L=15 00 S=0x00 I=45898 F=0x4000 T=252 (#161)
What is the Port 8, which is missing from /etc/services and what to do with that?
This is some "echo" thing (ping, traceroute, et al). Either you triggered them yourself, you inherited some other person's IP address and get late connections / attempts or someone is spoofing your address and you get the responses from the "victim". virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.