Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: /var/log/messages
« previous next »
Pages: [1]   Go Down

/var/log/messages

  • 1 Replies
  • 635 Views

Dean Mumby

/var/log/messages
« on: June 26, 2001, 12:40:21 PM »
HI could someone please tell me what is being blocked here


Packet Log: denylog Deny eth1 PROTO=17 192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=2806 F=0x0000 T=1



It occurs every 30 seconds.The I=xxxx chagnes everytime

192.168.1.0 is the network range between my e-smith box and my ISDN Modem/Router , it is a dircet crossover connection

Any ideas ?

Regards
Dean
Logged

Mike Sensney

Re: /var/log/messages
« Reply #1 on: June 28, 2001, 07:40:06 AM »
If I am not mistaken, 192.168.1.1 is looking for other routers.

Get my handy packet log decoder from:
http://users.owt.com/msensney/lrp/packetlog.pdf

Deny          <=Packet Denied
eth1          <=NIC packet was logged on
PROTO=17      <=UDP packet
192.168.1.1   <=Source address
:520          <=Source Port = route
192.168.1.255 <=Dest address = broadcast
:520          <=Dest Port = route

To (sometimes) find what a port is do:
cat /etc/services | grep

or in our case:
cat /etc/services | grep 520
efs             520/tcp
route           520/udp         router routed
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: /var/log/messages