Date: Wed, 11 Feb 2004 11:49:38 +0300 From: Illia Baidakov <illich@newchem.ru> To: freebsd-security@freebsd.org Subject: Kernel log output meaning Message-ID: <1227359974.20040211114938@newchem.ru>
index | next in thread | raw e-mail
Hello security, This output I've received from conventional cron daily job: [...] gw.nbh.ru kernel log messages: > Limiting closed port RST response from 201 to 200 packets per second [...] where fxp0 is an external interface. What could involve such a messages? In /var/log/messages the above strings was prepended by string: Feb 10 13:24:29 gw /kernel: ipfw: limit 100 reached on entry 10800 current ipfw #10800 entry says: 10800 1204 52976 deny log logamount 100 ip from any to 172.16.0.0/12 via fxp0 /var/log/security at this time shows many strings looking like this: Feb 10 13:24:29 gw /kernel: ipfw: 10800 Deny TCP 11.22.33.44:1376 172.29.249.249:7 out via fxp0 11.22.33.44 is my fxp0 iface address. I do not think I have tried to initiate such a connections purposely. Possibly by playing whith spamassassin?.. Remember, I had failed attempt to download its source from its website somewhere at that time. (The second downloading attempt has successed.) -- Thanks in advance, Illia Baidakov.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1227359974.20040211114938>