On Mon, 2003-01-20 at 05:39, Brian York wrote:
Here is an error that is building up log files at a rate of about 2 every second.
Jan 19 23:09:33 mordor kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:08:00:46:1d:e6:11:08:00 SRC=172.25.31.136 DST=172.25.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=26157 PROTO=UDP SPT=137 DPT=137 LEN=58
These other machines on your lan are probably Windows machines. It looks
like win95 or 98 and their highly scientific method of finding other
machines on the LAN by simply screaming to the entire world "HERE I AM,
COME AND GET ME!" :)
Or perhaps some script kiddie trying to find open windows shares.
The point is that if you're not running windows or samba, the above is
nothing to worry about. You might want to reduce the logging a bit.
iptables -I INPUT --protocol tcp --dport 137 -j DROP
will make your firewall silently drop them without cluttering up your
logs.
--
Anders Johansson