From owner-freebsd-questions Wed Nov 3 7:36:10 1999 Delivered-To: freebsd-questions@freebsd.org Received: from federation.addy.com (federation.addy.com [207.239.68.2]) by hub.freebsd.org (Postfix) with ESMTP id A90B314DBD for ; Wed, 3 Nov 1999 07:36:07 -0800 (PST) (envelope-from fbsdlist@federation.addy.com) Received: from localhost (fbsdlist@localhost) by federation.addy.com (8.8.5/8.6.12) with SMTP id KAA10656 for ; Wed, 3 Nov 1999 10:36:03 -0500 (EST) Date: Wed, 3 Nov 1999 10:36:03 -0500 (EST) From: Cliff Addy To: questions@FreeBSD.ORG Subject: help reading tcpdump output In-Reply-To: <199909241425.AA052523114@broccoli.graphics.cornell.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG We're swapping nameservice to a new machine and I ran tcpdump to watch what's still going to port 25 on the old machine. I'm seeing a lot of strange packets I don't understand, such as 10:31:26.360261 207.115.59.220.53 > 207.239.68.2.53: 16144 (30) 10:31:28.991805 209.180.245.130.53 > 207.239.68.2.53: 757 (37) 10:31:29.846414 131.15.136.2.8673 > 207.239.68.2.53: 61184 (32) 10:31:30.520673 194.22.190.5.3693 > 207.239.68.2.53: 48437 (35) 10:31:33.071580 152.163.189.173.4393 > 207.239.68.2.53: 49123 (35) 10:31:33.160418 152.163.189.107.33509 > 207.239.68.2.53: 46930 (35) 10:31:34.737555 193.40.41.2.53 > 207.239.68.2.53: 17396 (44) 10:31:34.855451 152.163.189.107.33509 > 207.239.68.2.53: 46988 (42) 10:31:41.150033 152.163.189.173.4393 > 207.239.68.2.53: 49415 (42) 10:31:41.546107 12.29.36.138.3596 > 207.239.68.2.53: 48366+ (28) 10:31:44.712519 198.6.1.2.53 > 207.239.68.2.53: 45754 (30) (DF) What is this stuff? Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message