635 0 0 hmmh-fw-e0.1011 204.240.242.2.1642 CONNECTING
then
673 0 0 hmmh-fw-e0.1011 lardavb.com.1642 CONNECTING
then
681 0 0 hmmh-fw-e0.1011 lardavb.com.1642 CONNECTING
then
682 0 0 hmmh-fw-e0.1011 lardavb.com.1642 CONNECTING
then
682 0 0 hmmh-fw-e0.1011 lardavb.com.1642 TIME WAIT
then
683 0 0 hmmh-fw-e0.1011 lardavb.com.1642 CONNECTING
and so on...
These connection attempts pop up every few seconds. I have been unable to
locate where in the IRX it was set to use these addresses. I have confirmed
that the IRX is initiating these connection attempts by hanging a packet
sniffer on the line and taking a good long breath.
Is there a way to get an ascii configuration file of the IRX?
I have found that running pmreadconf (portmaster_3.5.3) dumps some sort of
binary junk but strings of it I track down an IP number that I never set.
The IRX was once used to connect to PSI.net ( the current owners of the IP's in
question) but I have since then completely wiped the box (or so I thought) and
re-installed the ComOS 3.7R
This noise is getting to be a real pain as each attempt out returns with an
ICMP message I has set up a DENY rule but they still keep on going.:
Nov 7 20:46:40 IRX-Ether0 1 deny: icmp from 204.6.117.5 to IRX-Ether0
Nov 7 20:47:10 IRX-Ether0 1 deny: icmp from 204.6.117.5 to IRX-Ether0
Any suggestions???
-miket
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.