Help with identifying a kind of attack.

TCP and UDP are transport layer protocols. If someone is sending raw IP
packets that aren't using a particular transport protocol, maybe they could
get through (?)

--Adam

Could be other protocols such as IPX, SPX, NetBEUI and AppleTalk.

Henry R. Linneweh

"Adam D. McKenna" wrote:

Depending on how your upstream is set up, it could be OSPF, for example.
To see what it is you're capturing, set up logging to a syslog host,
and add "log" to the end of the drop line:

  deny ip any 20.0.0.0 0.255.255.255 log

and you'll see the protocol number reported in the logging output. To
see a list of the port numbers, you can look at any IANA mirror. The
document you want is located at
http://www.amaranthnetworks.com/ietf/iana/assignments/protocol-numbers
on my mirror.

There are presently assignments from zero to 119. There are lots of
possibilities. OSPF is one that sometimes wanders over lines from
upstream providers to downstream sites, for example.

Dan
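
An added example, not part of the original thread: a short Python script that tallies the protocol field from the syslog output produced by a "log" ACL entry and lists the denied traffic that is neither TCP nor UDP. The log lines are constructed samples and the message layout (modelled on Cisco IOS %SEC-6-IPACCESSLOG* messages) is an assumption; adjust the regex to what your device actually emits.

```python
import re
from collections import Counter

# Small subset of the IANA protocol-numbers registry (number -> name).
IANA_PROTO = {1: "ICMP", 2: "IGMP", 4: "IPv4-in-IP", 6: "TCP", 17: "UDP",
              47: "GRE", 50: "ESP", 51: "AH", 88: "EIGRP", 89: "OSPF"}
# Some log messages print a keyword instead of the number.
NAME_TO_NUM = {name.lower(): num for num, name in IANA_PROTO.items()}

# "list <acl> denied <proto> <src>[(port)] -> <dst>[(port)] [(type/code)], <n> packet(s)"
ACL_LOG = re.compile(
    r"list (?P<acl>\S+) denied (?P<proto>\S+) "
    r"(?P<src>[\d.]+)(?:\(\d+\))? -> (?P<dst>[\d.]+)(?:\(\d+\))?"
    r"(?: \(\d+/\d+\))?, (?P<count>\d+) packets?")

# Constructed sample input (documentation addresses, hypothetical host "gw").
SAMPLE_LOG = """\
Dec  8 23:01:12 gw 101: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.7(4021) -> 20.1.2.3(80), 1 packet
Dec  8 23:01:40 gw 102: %SEC-6-IPACCESSLOGNP: list 101 denied 89 192.0.2.1 -> 20.0.0.5, 3 packets
Dec  8 23:02:05 gw 103: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.0.2.9 -> 20.1.2.3 (8/0), 2 packets
Dec  8 23:02:31 gw 104: %SEC-6-IPACCESSLOGNP: list 101 denied 47 192.0.2.1 -> 20.0.0.9, 1 packet
Dec  8 23:03:10 gw 105: %SEC-6-IPACCESSLOGNP: list 101 denied 89 192.0.2.1 -> 20.0.0.5, 5 packets
""".splitlines()

def tally_denied(lines):
    """Return a Counter mapping IP protocol number -> denied packet count."""
    totals = Counter()
    for line in lines:
        m = ACL_LOG.search(line)
        if not m:
            continue  # not an ACL deny message
        tok = m["proto"].lower()
        # Protocol is either numeric (e.g. "89") or a keyword (e.g. "tcp").
        num = int(tok) if tok.isdigit() else NAME_TO_NUM.get(tok, -1)
        totals[num] += int(m["count"])
    return totals

def non_transport(totals):
    """List (number, name, packets) for everything that is not TCP or UDP."""
    rows = [(n, IANA_PROTO.get(n, "unassigned/unknown"), c)
            for n, c in totals.items() if n not in (6, 17)]
    return sorted(rows, key=lambda r: -r[2])

if __name__ == "__main__":
    for num, name, pkts in non_transport(tally_denied(SAMPLE_LOG)):
        print(f"proto {num:>3} ({name}): {pkts} packets denied")
```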