Netgate SG-1000 microFirewall

Author Topic: Strange packets logs to my pfsense.. on a net i dont have?!?  (Read 1920 times)

0 Members and 1 Guest are viewing this topic.

Offline duck7207

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Strange packets logs to my pfsense.. on a net i dont have?!?
« on: February 07, 2006, 06:52:12 am »
I have 1 local net configured and thats is:
192.168.0.1 pf sense, local net.
192.168.0.210 main computer, has port 21 forwarded to only.
192.168.0.254 my test web / and my test mail server not shared outside the internal network

the xl0 is my wan network card i know that much but the rest is confusing.
And now i have found some strange packets in my firewall log:
2006-02-07 13:28:34   Local0.Info   192.168.0.1 Feb  7 13:28:42 pf: 1. 728786 rule 46/0(match): block in on xl0: (tos 0x0, ttl  50, id 64313, offset 0, flags [none], proto: ICMP (1), length: 97) 217.8.154.197 > 83.227.180.253: ICMP host 192.168.1.112 unreachable, length 77

2006-02-07 13:28:34   Local0.Info   192.168.0.1 Feb  7 13:28:42 pf: <009>(tos 0x0, ttl  48, id 37254, offset 0, flags [none], proto: UDP (17), length: 69) 83.227.180.253 > 192.168.1.112: [|udp]

2006-02-07 13:29:48   Local0.Info   192.168.0.1 Feb  7 13:29:56 pf: 6. 244058 rule 46/0(match): block in on xl0: (tos 0x0, ttl  43, id 14982, offset 0, flags [none], proto: ICMP (1), length: 118) 24.34.131.147 > 83.227.180.253: ICMP host 192.168.100.103 unreachable, length 98

2006-02-07 13:29:48   Local0.Info   192.168.0.1 Feb  7 13:29:56 pf: <009>(tos 0x20, ttl  43, id 44883, offset 0, flags [none], proto: UDP (17), length: 90) 83.227.180.253 > 192.168.100.103: [|udp]

2006-02-07 13:32:03   Local0.Info   192.168.0.1 Feb  7 13:32:11 pf: 1. 213978 rule 46/0(match): block in on xl0: (tos 0x0, ttl  46, id 13752, offset 0, flags [none], proto: ICMP (1), length: 118) 70.26.174.47 > 83.227.180.253: ICMP host 192.168.1.111 unreachable, length 98

2006-02-07 13:32:03   Local0.Info   192.168.0.1 Feb  7 13:32:11 pf: <009>(tos 0x0, ttl  46, id 50964, offset 0, flags [none], proto: UDP (17), length: 90) 83.227.180.253 > 192.168.1.111: [|udp]


i havent any net on 192.168.1.x or 192.168.100.x and i havent configured those net on my pf iether.
What can i do to get rid of these ? And how come they are linked to a network i dont have ?
They repet them self from differents ip adresses to differnes internal ip adresses every 1-5 mins.

btw im running: 1.0-BETA1-TESTING-SNAPSHOT-2-5-06

Offline sullrich

  • Hero Member
  • *****
  • Posts: 5110
  • Karma: +7/-2348
    • View Profile
    • pfSense
Re: Strange packets logs to my pfsense.. on a net i dont have?!?
« Reply #1 on: February 07, 2006, 09:59:53 am »
pfSense is doing its job.  Call your ISP and ask them why you are seeing someone elses traffic.

Offline duck7207

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: Strange packets logs to my pfsense.. on a net i dont have?!?
« Reply #2 on: February 07, 2006, 11:21:00 am »
Ooh forgot to mention. 83.227.180.253 is my wan (static) ip adress.