On Thu, Jul 13, 2000 at 05:49:43PM +0200, L. Besselink wrote: > > on accounting rule is: > > ipchains -A output -d 193.101.57.0/24 -p udp -j ACCEPT > > > > "ipchains -L -v" tells me that there is a lot of traffic. > > (15M/day!)
That's not wholly surprising. It's not an accounting rule, though - how do you know what the packets are if you don't log them? > > But "netstat -u" tells me that there is no connection That's hardly surprising, as UDP is a connectionless protocol... > Do you have any broadcasts going around ? a lot of them are also UDP, a good > example is windows networking (also known as SMB). The larger the network > the more broadcasts you'll see, the more MB's it will generate per day. I'm > not sure what the frequenty is, but it be something like 1 small packet per > 60 seconds per machine. Possibly - although I'm not convinced that once per minute is all that well configured a machine, myself. The OP might find ipchains -l and `iptraf' useful for a further break-down of what port/services are most involved, I think. ~Tim -- | Geek Code: GCS dpu s-:+ a-- C++++ UBLUAVHSC++++ P+++ L++ E--- W+++(--) N++ | w--- O- M-- V-- PS PGP++ t--- X+(-) b D+ G e++(*) h++(*) r--- y- | So shine on, harvest moon, | http://piglet.is.dreaming.org/ | Cast your might on the ripening corn | [EMAIL PROTECTED]
