[ previous ] [ next ] [ threads ]
 
 From:  Sven Brill <madde at gmx dot net>
 To:  MykSto <myksto at libero dot it>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Port UDP 1574
 Date:  Mon, 22 Jan 2007 09:10:23 -0500
MykSto wrote:
> I'd like to post a part of my m0n0wall firewall log hoping someone can 
> help me finding the reason why I have my log full of the same data and 
> I don't know why.
> I searched google to find something about 1574 udp port but found 
> nothing except the fact it's mn-mlevel port.
> What does it mean? What is the mn-mlevel port? I guess it can be 
> concerned with my p2p programm because the source port is, most often 
> than not, the same: 4672.
> Those data is blocked by the firewall but I'd really like to know what 
> kind of data that is.
>
Since a lot of the requests come from hosts on the WAN with source port 
4672/udp, it is very likely that someone on your LAN has configured a 
p2p client, probably eMule/eDonkey with local port 1574. What you are 
seeing is the WAN hosts trying to send traffic back to that host, which, 
of course, fails. try a netstat -a on all your LAN hosts to see which 
one is listening on port 1574. If oyu simply don't want to see the 
messages, turn off logging for the default rule. :)

Sven