[Shorewall-users] Unknown protocol

Tom Eastep teastep@shorewall.net
Wed, 3 Jul 2002 15:32:10 -0700 (Pacific Daylight Time)


On Tue, 2 Jul 2002, David Smead wrote:

> No.
>
> > > > Jul  2 01:12:09 wvsvr01 kernel: Shorewall:net2all:DROP:IN=ppp0 OUT=
> > > > MAC= SRC=203.39.66.210 DST=x.x.x.x LEN=136 TOS=0x00 PREC=0x00 TTL=55
> > > > ID=54590 PROTO=ESP SPI=0x66c78e16

Well, 203.39.66.210 is sending you IPSEC VPN frames.

And you must be very patient -- I would have blacklisted that IP after the
first 5 minutes...

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net