I have been watching data in the "live log" via packet filter and have seen an abundance of traffic that is NOT being sent via the syslog port 512.
What could cause this?
68.202.7.178:1399→10.244.124.143:402
97.101.188.45:33397→10.244.124.143:402
24.93.52.70:12166→10.249.5.117:2427
24.175.105.109:1820→10.244.124.143:402
76.187.79.238:1820→10.244.124.143:402
70.127.254.250:1214→10.244.124.143:402
71.43.80.168:4007→10.244.114.199:2967
76.186.161.76:1793→10.244.124.143:402
Port 402? Genie Protocol? TCP "syn"?
None of this traffic is being sent via syslog, why?
Is this cmts to modem traffic?
Is it current firewall developer policy to not log all cmts/modem traffic if that is what this traffic is? If so, what other traffic is not being logged?
Anyone?
This thread was automatically locked due to age.