[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

packets hitting my public NIC



Hello,
I have a sarge box with iptables completely locked up.
I have all policies set to drop and I only allow the ports
that I want.

But I'm curious as to what is happening here when I run this tcpdump command.
Can anyone help me understand whats happening here:
Thanks

# tcpdump -i eth0 -q port ! 53 and port ! 510 and ! www

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:10:54.689178 IP pcp08858971pcs.nstnig01.ct.comcast.net.gnutella-svc > 
hpms.sd57.bc.ca.2939: tcp 134
14:10:54.831023 IP hpms.sd57.bc.ca.2939 > 
pcp08858971pcs.nstnig01.ct.comcast.net.gnutella-svc: tcp 0
14:10:55.698672 IP p548FD390.dip.t-dialin.net.gnutella-svc > 
hpms.sd57.bc.ca.2936: tcp 499
14:10:55.834274 IP hpms.sd57.bc.ca.2936 > p548FD390.dip.t-dialin.net.gnutella-
svc: tcp 0
14:10:56.440126 IP p548FD390.dip.t-dialin.net.gnutella-svc > 
hpms.sd57.bc.ca.2936: tcp 118
14:10:56.636872 IP hpms.sd57.bc.ca.2936 > p548FD390.dip.t-dialin.net.gnutella-
svc: tcp 0
14:10:57.579087 IP p548FD390.dip.t-dialin.net.gnutella-svc > 
hpms.sd57.bc.ca.2936: tcp 59
14:10:57.740449 IP hpms.sd57.bc.ca.2936 > p548FD390.dip.t-dialin.net.gnutella-
svc: tcp 0
14:10:58.693657 IP p548FD390.dip.t-dialin.net.gnutella-svc > 
hpms.sd57.bc.ca.2936: tcp 55



Reply to: