heywo
04-11-06, 05:10 PM
I have just recently started looking at my router's logs, since it started to freeze almost regularly.
INCOMING LOG:
In the incoming log I noticed something I can't understand.
I'm not sure, why this router (Linksys wrt54GC) displays the entries it does. It doesn't seem to log the actual data being sent through, but something else. I mean...I have a couple of computers browsing the internet through it, but all the logs show are a lot of TCP connections to a certain port 8330.
Is this a normal situation ?
Date & Time Source IP Destination IP Port
2006-04-11 21:04:08 83.152.255.49 LAN(TCP,port 8330) WAN
2006-04-11 21:04:55 82.54.105.181 LAN(TCP,port 8330) WAN
2006-04-11 21:05:11 82.241.86.118 LAN(TCP,port 8330) WAN
2006-04-11 21:05:12 213.77.177.146 LAN(TCP,port 8330) WAN
2006-04-11 21:05:29 87.6.82.9 LAN(TCP,port 8330) WAN
2006-04-11 21:06:05 85.27.22.62 LAN(TCP,port 8330) WAN
2006-04-11 21:06:21 85.10.65.6 LAN(TCP,port 8330) WAN
If I read this correctly, all the entries show, that some TCP packets were received on the WAN port and directed to LAN (no specified LAN IP) on port 8330 ? Are these log entries shown because they have no destination ? If no, why arent there other entries, since I know other traffic was going through at time ? Why does the ruter send these packets to port 8330, since NO computer on LAN has a port opened at that number...I checked 3 times to make sure.
___________________________________
I also installed Kiwi Syslog, but it displays a different log...it shows some traffic with a lot of "Blocked" entries on port 35360...continously.
____________________________________
Thanks for any help on clearing this up.
INCOMING LOG:
In the incoming log I noticed something I can't understand.
I'm not sure, why this router (Linksys wrt54GC) displays the entries it does. It doesn't seem to log the actual data being sent through, but something else. I mean...I have a couple of computers browsing the internet through it, but all the logs show are a lot of TCP connections to a certain port 8330.
Is this a normal situation ?
Date & Time Source IP Destination IP Port
2006-04-11 21:04:08 83.152.255.49 LAN(TCP,port 8330) WAN
2006-04-11 21:04:55 82.54.105.181 LAN(TCP,port 8330) WAN
2006-04-11 21:05:11 82.241.86.118 LAN(TCP,port 8330) WAN
2006-04-11 21:05:12 213.77.177.146 LAN(TCP,port 8330) WAN
2006-04-11 21:05:29 87.6.82.9 LAN(TCP,port 8330) WAN
2006-04-11 21:06:05 85.27.22.62 LAN(TCP,port 8330) WAN
2006-04-11 21:06:21 85.10.65.6 LAN(TCP,port 8330) WAN
If I read this correctly, all the entries show, that some TCP packets were received on the WAN port and directed to LAN (no specified LAN IP) on port 8330 ? Are these log entries shown because they have no destination ? If no, why arent there other entries, since I know other traffic was going through at time ? Why does the ruter send these packets to port 8330, since NO computer on LAN has a port opened at that number...I checked 3 times to make sure.
___________________________________
I also installed Kiwi Syslog, but it displays a different log...it shows some traffic with a lot of "Blocked" entries on port 35360...continously.
____________________________________
Thanks for any help on clearing this up.