Hi, Chris. (btw, nice name ;D ) I've a client that uses a Netopia 4622-XL router/firewall, and it's configured to send ruleset violations to a syslog server. My guess is that your "server" is probably running the up2date daemon and that it's this daemon that is performing the DNS queries. Either that or maybe you have some other daemon running??? Cheers! - Christopher -----Original Message----- From: Chris W. Parker [mailto:cparker@xxxxxxxxxxxx] Sent: Tuesday, December 02, 2003 3:58 PM To: redhat-list@xxxxxxxxxx Subject: someone help interpret log messages please Hello, At the bottom of this message I've pasted verbatim some lines from a log on one of my servers. Currently this server is not doing anything and is not setup to do anything. I used it to test out our new DSL connection here at work to make sure I could configure the router properly. I have our router (a Netopia DSL router/modem) sending it's logs via syslog to the linux server. The linux server is currently the only thing plugged into that network. This may be totally normal but it just seems like a waste. I want to decide whether or not I should continue to have the router send it's log data to this server. My point for turning on the syslog function on the router was to hopefully gauge the bandwidth being used by the entire network once it goes online, but so far it doesn't look promising. I know that a lot of these messages are regarding DNS, but since nothing should be happening on the server (afaik there is no activity on the server, it's just sitting there plugged in) why are the messages being repeated 100's of times? Does DNS traffic always occur that much? Thanks for your help. Chris. Dec 02 12:47:57 192.168.1.1 dslrouter 2003 protocol:TCP srcIP: 66.15.70.32 dstIP: 66.15.5.176 srcPort: 3645 dstPort: 135 attempt Dec 02 12:47:57 192.168.1.1 dslrouter 2003 protocol:UDP srcIP: 192.168.1.2 dstIP: 4.2.2.1 srcPort:46599 dstPort: 53 attempt Dec 02 12:48:00 192.168.1.1 last message repeated 78 times Dec 02 12:48:06 192.168.1.1 dslrouter 2003 protocol:UDP srcIP: 192.168.1.2 dstIP: 4.2.2.1 srcPort:46600 dstPort: 53 attempt Dec 02 12:48:10 192.168.1.1 last message repeated 124 times Dec 02 12:48:15 192.168.1.1 dslrouter 2003 protocol:UDP srcIP: 192.168.1.2 dstIP: 4.2.2.1 srcPort:46601 dstPort: 53 attempt Dec 02 12:48:29 192.168.1.1 last message repeated 432 times Dec 02 12:48:34 192.168.1.1 dslrouter 2003 protocol:UDP srcIP: 192.168.1.2 dstIP: 4.2.2.1 srcPort:46602 dstPort: 53 attempt Dec 02 12:48:47 192.168.1.1 last message repeated 187 times Dec 02 12:48:47 192.168.1.1 dslrouter 2003 protocol:TCP srcIP: 192.168.1.2 dstIP: 64.215.248.238 srcPort: 22 dstPort:53394 attempt Dec 02 12:48:47 192.168.1.1 dslrouter 2003 protocol:UDP srcIP: 192.168.1.2 dstIP: 4.2.2.1 srcPort:46602 dstPort: 53 attempt -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
