daily security run output messages

Lowell Gilbert freebsd-questions-local at be-well.ilk.org
Sun Dec 5 08:33:25 PST 2004


Kjell Midtseter <junkmail at sensewave.com> writes:

> List members!
> 
> My daily security run output contains lots of kernel log messages like the following:
> > Connection attempt to UDP 10.0.0.10:1099 from 217.13.4.21:53
> > Connection attempt to UDP 10.0.0.10:3204 from 193.75.75.193:53
> ------
> What are the significanse of these messages?
> 
> My ipf firewall contains:
> # domain name servers (dns)
> pass in quick on rl0 proto udp from 217.13.4.21/32 to any port = 53 keep state
> ------
> Should I make any changes to my firewall settings?

Looks like a NAT problem; is your 10.0.0.10 address supposed to be
visible to the ISP's DNS server?

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
		http://be-well.ilk.org/~lowell/


More information about the freebsd-questions mailing list