I’m getting a gazillion of these probes in my firewall logs. I don’t understand what’s going on here,… These all look like bootp requests from 10.21.72.1, to 255.255.255.255.
there’s certainly no 10.x.x.x here on this network, and I don’t get the destination address… is it possible to send packets out onto the internet addressed like that?
whois doesn’t turn up anything on 10.21.72.1.
Anybody got suggestions on how I’d track this down?
Aug 16 21:13:59 kernel: DROP <4>DROPIN=eth0 OUT= MAC