What is this -> SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 ID
Hi Guys,
Firstly I apologize for not typing the correct subject since I myself dont know what would be the correct subject to put into. Anyhow, I have this output from my iptables log; Code:
SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 I would like very much to now how to shut the service down since I have checked my system and find that I dont run those services. Must have missed something. PS. I'm running Fedora 4. Thanks |
It is a broadcast message looking for some server which is serving boot by network.
Some devices may have its network card configured to get the initial boot from a server. With this you can have diskless devices, I mean, devices that doesn't have it own boot program/files. |
Thanks for answering, that kind of help.
So what are my options here. I dont want this traffic filling up my log file. Thanks |
I think you hou have two options:
1) Find the device and configure it to not boot by network. 2) Change your firewall configuration to not log broadcast packets. both are tricky...may be not easy to find the devices or the device does not have an option to not send that broadcast message. Depending your firewall front end and your skils with iptables could not be easy to change your firewall configuration either. |
Put a netfilter rule in your firewall to block this specific traffic, without logging it. That would have to go above the current rule that logs everything that is blocked.
|
Thanks for the suggestions guys.
I will of course, firstly look for the devide that broadcast it and try to shut it down. And if that fails, I will do option 2. Thanks. |
All times are GMT -5. The time now is 04:11 AM. |