Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(ASCEND) syslogd messages from Secure Access Firewall
I'm running the PL50 router w/ the Secure Access Firewall enabled. I've been capturing the syslogd output - see a lot of icmp messages (below). Is this normal or a sign of someone trying to snoop through the firewall? Anyone have information on interpretting the syslogd messages (i.e. the meaning of: !pass (reject), 3/4/icmp, syn !pass (totcp-1), etc.)?
Thanks,
David Tsao
Feb 13 13:06:15 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:06:27 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:06:52 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:07:42 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:09:24 1998 pl50 ASCEND: wan7 tcp 38.208.251.2;113 <- 160.10.4.2;36339 58 syn !pass (totcp-1)
Feb 13 13:09:24 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 160.10.4.2 56 !pass (reject)
Feb 13 13:09:36 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 160.10.4.2 56 !pass (reject)
Feb 13 13:09:58 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:10:01 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:10:08 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:10:21 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:10:48 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:11:41 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 131.144.107.42 70 !pass (reject)
Feb 13 13:12:13 1998 pl50 ASCEND: wan7 tcp 38.208.251.2;113 <- 204.94.52.2;65448 58 syn !pass (totcp-1)
Feb 13 13:12:13 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 204.94.52.2 56 !pass (reject)
Feb 13 13:12:23 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 204.94.52.2 56 !pass (reject)
Feb 13 13:12:32 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 204.94.52.2 56 !pass (reject)
Feb 13 13:12:42 1998 pl50 ASCEND: wan6 3/13/icmp 38.208.251.1 -> 204.94.52.2 56 !pass (reject)
Feb 13 13:30:57 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:30:57 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:31:09 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:31:33 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:32:21 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:33:57 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
Feb 13 13:36:17 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:36:20 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:36:27 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:36:40 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:37:06 1998 pl50 ASCEND: wan6 3/4/icmp 38.208.251.2 <- 199.45.150.11 70 !pass (reject)
Feb 13 13:37:09 1998 pl50 ASCEND: wan7 3/4/icmp 38.208.251.2 <- 205.150.206.206 70 !pass (reject)
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>