Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 5 Apr 2001 11:25:30 -0700 (PDT)
From:      Rick Duvall <maillist@coastsight.com>
To:        freebsd-questions@freebsd.org
Subject:   IPFW 127.0.0.1:2301 255.255.255.255
Message-ID:  <Pine.BSF.4.21.0104051123480.6295-100000@ns1.coastsight.com>
next in thread | raw e-mail | index | archive | help 
What is this all about?  Is it a DoS attack, or is there something on the
system trying to do something?

Here is ipfw show:
root@ns1:/var/log/custom# ipfw show
00100 11326  1326686 allow ip from any to any via lo0
00200     0        0 deny log ip from any to 127.0.0.0/8
00300 89854 10873871 allow ip from any to any via rl0
00400 79902 19336464 allow tcp from any to any established
00500     0        0 allow ip from any to any frag
00600   243    11872 allow tcp from any to 208.46.230.13 25 setup
00700  1837    84284 allow tcp from any to 208.46.230.13 80 setup
00800   307    13584 allow tcp from any to 208.46.230.13 443 setup
00900     0        0 allow tcp from any to 208.46.230.14 443 setup
00950     3      132 allow tcp from 208.46.170.13 to 208.46.230.13 53
setup
01000  1268    55792 allow tcp from 208.46.230.13 to any setup
01100   161     8308 deny log tcp from any to any setup
01200  2565   165221 allow udp from any to 208.46.230.13 53
01300  2515   411164 allow udp from 208.46.230.13 53 to any
01400  5337   993045 allow udp from any 53 to 208.46.230.13
01500  6478   435861 allow udp from 208.46.230.13 to any 53
01600   132    10032 allow udp from any 123 to 208.46.230.13
01700   132    10032 allow udp from 208.46.230.13 to any 123
65000   939    60147 deny log ip from any to any
65535     2      135 deny ip from any to any


Here is the log:

Apr  5 11:00:41 ns1 /kernel: ipfw: 65000 Deny UDP 127.0.0.1:2301
255.255.255.255:2301 in via rl1
Apr  5 11:01:41 ns1 /kernel: ipfw: 65000 Deny UDP 127.0.0.1:2301
255.255.255.255:2301 in via rl1
Apr  5 11:02:41 ns1 /kernel: ipfw: 65000 Deny UDP 127.0.0.1:2301
255.255.255.255:2301 in via rl1
Apr  5 11:02:55 ns1 /kernel: ipfw: 65000 Deny ICMP:3.1 204.152.184.5
208.46.230.13 in via rl1
Apr  5 11:03:41 ns1 /kernel: ipfw: 65000 Deny UDP 127.0.0.1:2301
255.255.255.255:2301 in via rl1
Apr  5 11:04:41 ns1 /kernel: ipfw: 65000 Deny UDP 127.0.0.1:2301
255.255.255.255:2301 in via rl1
Apr  5 11:06:41 ns1 last message repeated 2 times
Apr  5 11:15:46 ns1 last message repeated 9 times


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0104051123480.6295-100000>