![](https://seccdn.libravatar.org/avatar/c9d905e4f6baa2d5fcdfde5598a10874.jpg?s=120&d=mm&r=g)
From while ago, I have been getting the following console message (also in /var/log/messages) almost everyday. When it happens, it shows on console in bursts.
==============================================================
Jan 9 21:58:29 bellini kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:20:a6:46:b3:cd:08:00 SRC=0.0.0.0
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=15 ID=36934 PROTO=UDP
SPT=68 DPT=67 LEN=556
Jan 9 21:58:37 bellini kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:20:a6:46:b3:cd:08:00 SRC=0.0.0.0
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=15 ID=36935 PROTO=UDP
SPT=68 DPT=67 LEN=556
Jan 9 21:58:44 bellini kernel: SuSE-FW-ACCEPT IN=eth0 OUT=
MAC=00:10:4b:c6:f4:46:00:06:52:4e:b1:8a:08:00 SRC=217.9.113.69
DST=18.62.3.197 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=36051 DF PROTO=TCP
SPT=3179 DPT=25 WINDOW=32120 RES=0x00 SYN URGP=0 OPT
(020405B40402080A503A5E290000000001030300)
Jan 9 21:58:52 bellini kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:60:97:7f:8e:53:08:00 SRC=18.62.0.228
DST=18.62.0.0 LEN=128 TOS=0x00 PREC=0x00 TTL=64 ID=8759 PROTO=UDP
SPT=1955 DPT=111 LEN=108
Jan 9 21:58:53 bellini kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:20:a6:46:b3:cd:08:00 SRC=0.0.0.0
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=15 ID=36936 PROTO=UDP
SPT=68 DPT=67 LEN=556
====================================================================
What is going on? Is anybody from "SRC" site attacking my linux box
or what?
nslookup 18.62.0.228
shows a normally-looking output as follows:
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 18.70.0.160
Address: 18.70.0.160#53
228.0.62.18.in-addr.arpa name =