Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 18 Sep 2007 16:38:13 +0200
From:      =?iso-8859-1?Q?M=E4chler_Philippe?= <pmaechler@glattwerk.ch>
To:        <freebsd-questions@freebsd.org>
Subject:   RE: IPFW entries in /var/log/messages
Message-ID:  <000d01c7fa01$8aac2fc0$3202a8c0@glattwerk.local>
In-Reply-To: <200709181651.06590.nvass@teledomenet.gr>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi Nikos

Thanks for your reply.

> On Tuesday 18 September 2007 16:05, M=E4chler Philippe wrote:
> > Since a few weeks/months we have the following entries in the

> > /var/log/messages logfile.
> []
> > [/var/log/messages]
> > Sep 18 10:23:03 ns2 kernel: .11:2438 out via bge0
> > Sep 18 10:31:35 ns2 kernel:
> > Sep 18 10:58:05 ns2 kernel: 80
> > Sep 18 10:58:14 ns2 kernel: <<110>ipfw: 7600 Accept UDP=20
> > 80.242.206.245:55041 80.242.192.81:53 in via bge0 Sep 18=20
> 10:58:14 ns2=20
> > kernel: 110>ipfw: 7700 Accept UDP 80.242.192.81:53=20
> 80.242.204.85:65510=20
> > out via bge0
>=20
> I can think of two things.
>=20
> 1) Is anybody playing with logger(1)?
> e.g.
> logger -t kernel "Let's play with the administrator..."
> tail /var/log/messages

I fear ist neither of the two things you mentioned

[1] /var/log/auth.log does not show an external nor an abnormal
login. And I belive that my workmates wont fool me with stuff
like this :)

> 2) Are these entries new? Are you sure that they refer
> to 2007-09? It can happen. Seeing a message from a year back.=20
> Especially on a low maintenance box.

[2] These are actual entries. In the meantime i got a few new
ones...=20
Sep 18 16:08:18 ns2 kernel: <11<110>ipfw: 7600 Accept UDP
80.242.205.104:50114 80.242.192.81:53 in via bge0
Sep 18 16:08:18 ns2 kernel: 0>ipfw: 7700 Accept UDP
80.242.192.81:53 80.242.205.104:50111 out via bge0
Sep 18 16:09:42 ns2 kernel: b
Sep 18 16:13:42 ns2 kernel:=20
Sep 18 16:23:14 ns2 kernel:=20
Sep 18 16:23:24 ns2 kernel: 8
Sep 18 16:30:49 ns2 kernel:
=20
> Nikos

Philippe

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000d01c7fa01$8aac2fc0$3202a8c0>