Page 1 of 1

firewall error logs

Posted: Thu Jul 28, 2011 9:02 pm
by kkymdell
Hello,

My router seems to be getting more than the 'normal' amount of external traffic lately (it has a visual indicator when it is passing WAN traffic, and lately I have seen it active almost all the time). I have powered down all the computers on the internal LAN and have examined the firewall event logs in the router when there should not be any outgoing traffic. The log contains (mostly) the following type of entries, repeating every 1-2 seconds:

Jul 28 20:53:11 firewall:info: 177402.320 Blocked Prot=1/8/0, 220.233.64.28 > 220.233.64.27 -Port Filter Defense
Jul 28 20:53:12 firewall:info: 177403.322 Blocked Prot=1/8/0, 220.233.64.28 > 220.233.64.27 -Port Filter Defense
Jul 28 20:53:15 firewall:info: 177406.821 Blocked Prot=1/8/0, 220.233.64.28 > 220.233.64.27 -Port Filter Defense
Jul 28 20:53:16 firewall:info: 177407.822 Blocked Prot=1/8/0, 220.233.64.28 > 220.233.64.27 -Port Filter Defense

The router is a Billion BiPAC 7404VNPX router configured for PPPOE. My WAN address is 220.233.64.27 so I am assuming that 220.233.64.28 is the opposite end of the PPP connection?

Is this to be expected? I do not remember seeing this before so to me, it is something new. I am not sure what protocol "1/8/0" is, perhaps, from the iana registry, icmp / egp /hopopt. Is something in the exetel network 'pinging' my router all the time?

Thanks.