Hi,
can someone give me any reason why a nameserver would make a request to 2049 which is nfs
Packet log: input DENY ppp0 PROTO=17 212.156.4.20:53 212.156.196.114:2049 L=137 S=0x00 I=5423 F=0x0000 T=27 (#39) Packet log: input DENY ppp0 PROTO=17 212.156.4.20:53 212.156.196.114:2049 L=137 S=0x00 I=5574 F=0x0000 T=27 (#39) Packet log: input DENY ppp0 PROTO=17 212.156.4.20:53 212.156.196.114:2049 L=137 S=0x00 I=5738 F=0x0000 T=27 (#39)
not a request. an answer. You ---> isp's dns (ist-dnssrv.ttnet.tr) 1024: ---> 53 / udp 1024: <--- 53 / udp only block 53/tcp. open 1024:5000 for client requests and receiving answers. These are usually the most used ports for communication from client to servers to client if you use masquerading on your linux box. Since you've got a dial up "router" you do use masquerading. But if you like I can give you some real reasons for being afraid :-)) HTH Philipp