gb-users mailing list archive
<-- Chronological -->
Extended
<-- Thread -->

RE: strange logs - revisited

More messages from [ Jon Thiele]
To: "'Paul Emerson'" <paul_at_gta_dot_com>
Subject: RE: strange logs - revisited
From: "Jon Thiele" <jthiele_at_plexnet_dot_com>
Date: Wed, 15 Mar 2000 07:32:43 -0500
Cc: <gb-users_at_gta_dot_com>
In-reply-to: <> 
Yep, that did it.  I was confused as to what I was to block.

Thanx.


-----Original Message-----
From: Paul Emerson [mailto:paul_at_gta_dot_com]
Sent: Tuesday, 14 March, 2000 11:42 PM
To: Jon Thiele
Cc: gb-users_at_gta_dot_com
Subject: Re: strange logs - revisited


Jon,

Does your filter have the "Broadcast" item checked?  Also this 
message indicates the UDP broadcast has a source port of 1015 and 
destination port of 1015, so the filter you've listed will not match 
the packet.

Paul

>Send postings to: gb-users_at_gta_dot_com
>Access the list archives at:
>http://www.gnatbox.com/gb-users/
>----------------------------------
>
>I have the same problem that "michael" mentioned in a mail message to this
>list on Wed, 5 Jan 2000 - he was receiving multiple messages that looked
>like:
>
>Jan 5 22:32:43  FILTER: remote access filter blocks: UDP bcast fxp0
>[199.245.180.13/1015] ->[255.255.255.255/1015] l=148
>
>I currently average about 40 to 50 per minute of exactly the same type of
>message.
>
>I modified the rule to say "Deny ANY UDP nolog from "ANY_IP" to "ANY_IP" 9
>67 68 137 138 139 148 161 513" and saved my configuration but I still get
>these messages.
>
>In a reply to Michael's message, Joe Biniskiewicz suggested that "The
>solution is to set your alarm thresholds high enough that you don't get
>email and pager messages regarding these broadcasts, and then otherwise
>ignore them."  However, I'd really don't want to see them and I thought my
>rule would solve this problem.
>
>Anyone see the reason I'm still logging these broadcast messages???
>
>
>Thanx.
>
>----------------------------------------------
>To Unsubscribe: send mail to majordomo_at_gta_dot_com
>with "unsubscribe gb-users your_email_address
>in the body of the message

-- 
-------------------------------------------------------------------------
Paul Emerson                               Tel: +1.407.380.0220 x106
Global Technology Associates, Inc.         Fax: +1.407.380.6080
3505 Lake Lynda Drive                   Mobile: +1.407.310.8564
Suite 109                                Pager: +1.888.440.8232
Orlando, Florida 32817                   Email: paul_at_gta_dot_com
USA                                        Web: http://www.gta.com
                       Mobile Email: 407.310.8563_at_messaging.sprintpcs_dot_com
-------------------------------------------------------------------------
[ Search for messages with a similar subject]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: strange logs - revisited, Paul Emerson
Next by Date:  Re: duplex problem on the gnatbox, Joe Matuscak
Previous by Thread:  Re: strange logs - revisited, Paul Emerson
Next by Thread:  IP Pass Through setup problems, Jason Antonacci
Indexes:  [Date] [Thread] [All Lists] [Home]
Global Technology Associates, Inc