What does this mean?
Jul 31 14:41:05 voyager kernel: gShield (default drop) IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:02:XX:XX:XX:XX:XX:XX SRC=24.54.XX.XX DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=1237 PROTO=2
I have thousands of these messages in my logs and they appear to be coming from different source addresses (MAC's are different too). The only things that is the same is the Destination address...
That address is throwing me for a loop. Why is it being logged by my system? Is that a broadcast address? Also, why are there no ports being listed? (If it is a broadcast message, that would explain it...)
Last but not least, how to I get an iptables firewall to NOT log these messages?
Thanks!
Andy
|