"FORWARD packet died" just started appearing
someone installed something on their pc that is causing a bunch of FORWARD packet died' messages to their ip in syslog on the router pc, questioned them and they're not sure what it might be, what can i do to track down whatever it might be?
sample message follows
Jun 5 14:29:47 computer kernel: FORWARD packet died: IN=eth0 OUT=eth1 SRC=64.9.216.1 DST=xxx.xxx.x.xxx LEN=1424 TOS=0x00 PREC=0x20 TTL=113 ID=31595 PROTO=UDP SPT=5004 DPT=2212 LEN=1404
whois 64.9.216.1 says "OrgName:Online Technologies Corp." some place in Ann Arbor, MI that says they're "Leading Provider of IT Disaster Recovery and Internet Infrastructure"
i can post additional information as necessary, tia
|