Outgoing traffic to Russia!

Hi,

For a short time now I have been seeing the following access:

| Time | Chain | Iface | Proto | Source | Src port | Destination | Dst port |
|---|---|---|---|---|---|---|---|
| 15:27:35 | DROP_FORWARD | green0 | ICMP | 10.10.13.1 | | 77.88.8.8 | |

Can someone explain to me what’s going on? Is one of my systems (only Linux) corrupt? Can’t see any ports!

Need any help for a better understanding.

checkpoint

Hi,

welcome (again?) to the IPFire community. :)

That’s because the protocol is ICMP, and there are no ports in ICMP.

I don’t think so, but without knowing what this system is supposed to do, and further information on your usual network traffic, that’s hard to tell for sure.

77.88.8.8 hosts a nameserver operated by Yandex. Giving it a quick look, I was unable to spot anything malicious on this IP address.

Also, I really don’t think treating IP space located in Russia as malicious per se provides any security benefit. Dropping traffic from and to hostile networks (“hostile” because of their reputation, not the country they are located in) would be a more precise approach in my opinion.

Thanks, and best regards,
Peter Müller

2 Likes
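Why the port columns stay empty for this entry, as an added example that is not part of the original posts: a small Python parser for netfilter LOG lines, which carry `SPT=`/`DPT=` for TCP and UDP but `TYPE=`/`CODE=` for ICMP. The log lines are constructed (only the chain, interface and the two addresses come from the post); the hostname, the ICMP type and the UDP comparison line are assumptions.

```python
import re

# Constructed sample lines in the kernel's netfilter LOG format.
# Chain, interface and addresses mirror the post; everything else is made up.
SAMPLE_LOG = """\
Jan 10 15:27:35 fw kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=10.10.13.1 DST=77.88.8.8 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=4711 DF PROTO=ICMP TYPE=8 CODE=0 ID=12 SEQ=1
Jan 10 15:27:36 fw kernel: DROP_FORWARD IN=green0 OUT=red0 SRC=10.10.13.1 DST=77.88.8.8 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4712 DF PROTO=UDP SPT=40000 DPT=53 LEN=40
"""

LINE = re.compile(r"kernel: (?P<chain>\S+) (?P<rest>IN=.*)$")
KV = re.compile(r"\b([A-Z]+)=(\S*)")

# A few well-known ICMP message types (RFC 792).
ICMP_TYPES = {0: "echo reply", 3: "destination unreachable",
              8: "echo request", 11: "time exceeded"}


def parse_line(line):
    """Turn one netfilter LOG line into the columns of a firewall log view."""
    m = LINE.search(line)
    if not m:
        return None
    fields = {}
    for key, value in KV.findall(m.group("rest")):
        fields.setdefault(key, value)  # keys like ID/LEN repeat; keep the first
    row = {
        "chain": m.group("chain"),
        "iface": fields.get("IN", ""),
        "proto": fields.get("PROTO", ""),
        "src": fields.get("SRC", ""),
        "sport": fields.get("SPT", ""),   # absent for ICMP
        "dst": fields.get("DST", ""),
        "dport": fields.get("DPT", ""),   # absent for ICMP
        "detail": "",
    }
    if row["proto"] == "ICMP" and "TYPE" in fields:
        t = int(fields["TYPE"])
        row["detail"] = f"type {t} ({ICMP_TYPES.get(t, 'other')}), code {fields.get('CODE', '?')}"
    return row


if __name__ == "__main__":
    for raw in SAMPLE_LOG.splitlines():
        print(parse_line(raw))
```

For an ICMP entry, the type and code in the raw log line are the fields to look at instead of ports.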

can’t see any port - me too ???

Hi,

did you actually bother to read what I wrote above?!

Thanks, and best regards,
Peter Müller

1 Like

Sorry, you are right