[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] prob with log
Hi I recorded some strange log entries, seems like source an destination port are changed. Have the same from various servers short after somebody is intitializing a connection from the inside. I'm running vpn-1 and do nat(hide) from an privat 192.168.111.0 IP range to the outside allowing ftp, http and ssh as well as other services. I also have no trouble to connect to the servers and the services, just the log entries are confusing. here is some of the entries >13:56:43 drop firewall >eth0 proto tcp src snort dst internet_hide service 12944 s_port SSH len 40 rule 15 >14:07:00 drop firewall >eth0 proto tcp src XXX.net dst internet_hide service 12970 s_port http len 1500 rule 15 or >13:51:30 drop firewall >eth0 proto tcp src somewherein_the.uk dst internet_hide service 56467 s_port ftp len 40 rule 15 can somebody explain it to me ? I appriciate your help rob ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|