Greg, The packets in question aren't bootpc looking for bootps, but rather the BootP Server telling the BootP Client what IP it should get. (bootps = 67/UDP). Most likely it is your ISP assigning IP's via dhcp to its cable modem users. It is also possible that another cable modem user has misconfigured his machine, so can't jump to any conclusions. I would open a ticket with your ISP to confirm if this is their server, and if this is so, put in an ipchains rule to stop logging this particular deny, if not, they should be able to track down the user responsible via his MAC address (which you can get by pinging his machine, and then doing an arp -a |grep <IP>). Hope this helps, -igor :: Apr 12 08:58:54 faran kernel: Packet log: eth1i DENY eth1 PROTO=17 :: 10.0.44.1:67 255.255.255.255:68 L=372 S=0x00 I=9522 F=0x0000 T=255 :: (#41) :: packets are getting dropped. The packets are UDP, and appear to be :: bootstrap protocol clients (bootpc) looking for a server (bootps). --- Igor Gashinsky, CISSP Sr. Network Engineer HotJobs.com, Ltd.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 10:01:03 PDT