On Thu, 4 Jan 2001, Bret Hughes wrote: > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= > Jan 4 10:31:17 tulfw1 kernel: Packet log: input DENY eth1 PROTO=1 > 151.164.62.11:8 xxx.xxx.xxx.xxx:0 L=56 S=0x00 I=3899 F=0x4000 T=250 (#6) > Jan 4 10:31:17 tulfw1 kernel: Packet log: input DENY eth1 PROTO=1 > 151.164.62.11:8 xxx.xxx.xxx.xxx:0 L=56 S=0x00 I=3900 F=0x4000 T=250 (#6) > Jan 4 10:31:18 tulfw1 kernel: Packet log: input DENY eth1 PROTO=1 > 151.164.62.11:8 xxx.xxx.xxx.xxx:0 L=56 S=0x00 I=3901 F=0x4000 T=250 (#6) > > Any insight appreciated. I think you're being pinged... PROTO=1 - that's ICMP. In icmp ipchains uses the port fields for type and code. ICMP type 8 is an echo request. Pings don't use the code field (ony unreach and redirect do i think) so that explains the 0 port number. M. -- WebCentral Pty Ltd Australia's #1 Internet Web Hosting Company Level 1, 96 Lytton Road. Network Operations - Systems Engineer PO Box 4169, East Brisbane. phone: +61 7 3249 2583 Queensland, Australia. pgp key id: 0x900E515F _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
