Thank you Brian,
It seems to be fixed now.
Marius, YO2LOJ
-----Original Message----- From: Brian Kantor Sent: Saturday, April 02, 2016 03:23 To: AMPRNet working group Subject: Re: [44net] UCSD gateway filters
(Please trim inclusions from previous messages) _______________________________________________ I guess you could call it a bug; the gateway was running with an old list of valid addresses. I've flushed and reloaded it and that traffic should now be filtered out. Please let me know if that fixed it. - Brian
On Sat, Apr 02, 2016 at 02:07:20AM +0300, Marius Petrescu wrote:
Lately I have a lot of domain response traffic from china, probably a dns amplification attack targeting the host 42.202.148.15. The used address which gets that traffic is mainly 44.182.20.27. Other hosts of this subnet also receive traffic via the ucsd tunnel (44.182.20.*, 44.182.230.*).
These addresses have no registered host name and thus should be dropped by the gateway, but this is not happening.
Anyone knows an explanation or is it a gateway bug?
Marius, YO2LOJ
_________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net