Once a minute, at 8 seconds past the minute, gateway 77.138.34.39 sends an encapped UDP packet to the amprgw router that has a zero inner source address and an all-ones inner destination address. The payload length is 94 bytes and the source and destination ports are both 5678.
The periodicity suggests that it's some process that runs every minute (out of crontab?) and takes about 8 seconds to complete.
There is a list of things port 5678 may be used for at http://www.speedguide.net/port.php?port=5678
This may be Mikrotik Neighbor Discovery protocol.
Here's a log record of one such packet:
Apr 27 17:02:08 <local0.info> amprgw ipipd[22702]: ISRC0: len 122, os 77.138.34.39, od 169.228.66.251, is 0.0.0.0, id 255.255.255.255, ttl 64, proto 17
And here's a tcpdump of one:
17:06:08.419945 IP (tos 0x0, ttl 242, id 36314, offset 0, flags [none], proto IPIP (4), length 142) 77.138.34.39 > 169.228.66.251: IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 122) 0.0.0.0.5678 > 255.255.255.255.5678: UDP, length 94
The portal record shows that this gateway belongs to Ronen Pinchuk [4Z4ZQ]. Ronen, when you have a few spare minutes, could you look at your gateway and see if you can stop this from happening? - Brian
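Added example (not part of the original thread and not the amprgw code): a Python check that parses the two record formats quoted in the message above, flags tunnelled packets with inner source 0.0.0.0, inner destination 255.255.255.255 and UDP port 5678, and reports gateways that send them on the same second of successive minutes. The function names, the one-second jitter tolerance, the three-hit threshold and the documentation-range addresses are assumptions made for the example.

```python
import re
from collections import defaultdict

MNDP_PORT = 5678  # port named in the thread; the protocol identification there is tentative
TCPDUMP_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d)\.\d+ IP \(.*?proto IPIP \(4\), length \d+\) "
    r"(?P<osrc>[\d.]+) > (?P<odst>[\d.]+): IP \(.*?proto UDP \((?P<proto>17)\), "
    r"length \d+\) (?P<isrc>[\d.]+)\.(?P<sport>\d+) > "
    r"(?P<idst>[\d.]+)\.(?P<dport>\d+): UDP, length \d+")
IPIPD_RE = re.compile(
    r"(?P<ts>\d\d:\d\d:\d\d) \S+ \S+ ipipd\[\d+\]: \w+: len \d+, "
    r"os (?P<osrc>[\d.]+), od (?P<odst>[\d.]+), is (?P<isrc>[\d.]+), "
    r"id (?P<idst>[\d.]+), ttl \d+, proto (?P<proto>\d+)")

def parse(line):
    """Return outer/inner header fields from either format, or None."""
    m = TCPDUMP_RE.search(line) or IPIPD_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    hh, mm, ss = (int(x) for x in rec["ts"].split(":"))
    rec["secs"] = hh * 3600 + mm * 60 + ss  # seconds since midnight
    for key in ("sport", "dport"):          # the ipipd record carries no ports
        rec[key] = int(rec[key]) if rec.get(key) else None
    return rec

def is_discovery_broadcast(rec):
    """Inner 0.0.0.0 -> 255.255.255.255 over UDP, ports 5678 when visible."""
    if (rec["isrc"], rec["idst"], rec["proto"]) != ("0.0.0.0", "255.255.255.255", "17"):
        return False
    ports = (rec["sport"], rec["dport"])
    return ports in ((None, None), (MNDP_PORT, MNDP_PORT))

def periodic_senders(lines, min_hits=3, jitter=1):
    """Map gateway -> second past the minute; assumes one calendar day of lines."""
    seen = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec and is_discovery_broadcast(rec):
            seen[rec["osrc"]].append(rec["secs"])
    result = {}
    for gw, times in seen.items():
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        on_beat = all(g > 0 and min(g % 60, 60 - g % 60) <= jitter for g in gaps)
        if len(times) >= min_hits and on_beat:
            result[gw] = times[0] % 60
    return result

# These two records are the ones quoted in the message above.
PAGE_LOG = ("Apr 27 17:02:08 <local0.info> amprgw ipipd[22702]: ISRC0: len 122, "
            "os 77.138.34.39, od 169.228.66.251, is 0.0.0.0, id 255.255.255.255, "
            "ttl 64, proto 17")
PAGE_TCPDUMP = ("17:06:08.419945 IP (tos 0x0, ttl 242, id 36314, offset 0, "
                "flags [none], proto IPIP (4), length 142) 77.138.34.39 > "
                "169.228.66.251: IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], "
                "proto UDP (17), length 122) 0.0.0.0.5678 > 255.255.255.255.5678: "
                "UDP, length 94")
# Constructed for the example: the same packet one minute later, and ordinary
# unicast tunnel traffic from a documentation-range gateway.
LATER = PAGE_TCPDUMP.replace("17:06:08", "17:07:08")
BENIGN = (PAGE_TCPDUMP.replace("77.138.34.39", "192.0.2.10")
          .replace("0.0.0.0.5678", "198.51.100.7.5678")
          .replace("255.255.255.255.5678", "198.51.100.9.5678"))
SAMPLE = [PAGE_LOG, PAGE_TCPDUMP, LATER, BENIGN]

if __name__ == "__main__":
    for gw, sec in periodic_senders(SAMPLE).items():
        print(f"{gw}: tunnelled broadcast every minute at :{sec:02d}")
```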
...in the archive's past, I was referring to this tunnel sending packets I had to block, or saw firewall hits (after looking at netflow I had on tunl0 for IPENCAP). I did not want to cause alarm by identifying the operator (and I noted, at the time I was not collecting netflow on IPENCAP packets that arrived at my WAN, I did see some pcap). I'm not sure if the IP is dynamic, but the callsign for the AMPR-OP is the same.
I do not recall if I communicated (due to the nature of the packets)...
Many packets were double encapsulated, and had various valid sources and destination IPs.
73,
- KB3VWG
That is the Mikrotik discovery protocol indeed. I struggled with this too at first until I found that you can enable/disable it on select interfaces. By default it sends and listens on all interfaces. I'll post a small tutorial on where to find and disable it per interface when I arrive at work (unless someone beats me to it). I also firewalled that in- and outbound on all but my internal interfaces just to be extra certain. I would recommend everyone do so too unless you need it for some reason on an external interface. Like with Cisco's CDP or Juniper's LLDP, you normally don't need it on external interfaces.
Ruben - ON3RVH
There is really no reason to have this running on the ampr-gw tunnel interface.
I will add it to the setup instruction of the MT routers.
Tnx Brian and Ronen for pointing it out.
@Brian: Wouldn't it be wise to drop any broadcasts at the ampr gateway level (packets with destination 255.255.255.255 and 44.255.255.255)?
Marius, YO2LOJ
We do. In fact, we're dropping so many of them that I turned off logging for them. - Brian
On Fri, Apr 28, 2017 at 08:34:39AM +0300, Marius Petrescu wrote:
@Brian: Wouldn't it be wise to drop any broadcasts at the ampr gateway level (packets with destination 255.255.255.255 and 44.255.255.255)? Marius, YO2LOJ
Marius,
There is, indeed, no reason to run this on the ampr-gw. It is however, unfortunately, default to run it on all interfaces.
73,
Ruben - ON3RVH
I see that I'm again on the "news".
I saw this from the logs of Brian a few days ago for the first time.
Indeed I have a MikroTik router that handles my AMPR network, but I couldn't guess what it is or how to stop it.
In the beginning I thought it was an answer to a kind of probing (and I have many of them).
If someone can tell me what I need to do to stop it, I will be thankful.
If needed I may provide a password to the web interface, telnet, SSH or Winbox interface.
Regards
Ronen - 4Z4ZQ
Hey Ronen,
This link might help you: https://aacable.wordpress.com/2011/12/09/mikrotik-howto-block-winbox-discove...
If it does not help/work, contact me offlist and I can assist you further.
73,
Ruben - ON3RVH
In Winbox go to IP->Neighbors, select the Discovery Interfaces tab and disable the ucsd-gw interface using the 'X' on top.
Marius, YO2LOJ
Marius (and others)
Thank you.
I couldn't think of finding it ....
Brian, may you be kind and check if this stopped?
And this leads me to an issue I have written about here before, and it is leak of information.
We have here people from the first line of technology and networking,
but not everyone who builds a gateway is an expert.
I worked 20 years ago in the largest ISP in Israel, dealt (mainly) with Cisco routers, and configuration of them was at the edge of the technology, but I retired from networking 20 years ago, and nowadays to me making policy routing on a router (even on my MikroTik) is almost mission impossible ...
In Israel there are currently only 4 gateways, of which the most active is mine.
Most of the local hams don't know (don't have the knowledge) how to gain access to the AMPRNet; the info in the wiki is far from being K(eep) I(t) S(imple) S(tupid) for fellows who don't understand networking and sometimes even scripts ..
I have updated the two paragraphs in the wiki on setting up gateways with Cisco and with MikroTik with the knowledge I have, but there are other issues that need an update.
I call on you to please either make an understandable (KISS) document on how to set up a gateway for idiots ...
or update the wiki paragraphs of the various gateways there so that everyone will have all the info to set up a gateway ...
If the info about the MikroTik protocol had been documented anywhere in the wiki, this thread would not exist ...
I'm willing to help in any way I can.
One more thing: I see people don't like to help by accessing other systems even when they get the password. I don't know if it is for legal reasons or other, but consider that solving a problem by remote connection of an expert is much quicker than trying to give directions for a person to do something locally ..
73's
Ronen - 4Z4ZQ
On Fri, Apr 28, 2017 at 08:17:23AM +0000, R P wrote:
> Brian, may you be kind and check if this stopped?
Yes, it looks like you have it fixed; the last such packet was about 5 hours ago. Thank you.
> One more thing: I see people don't like to help by accessing other systems even when they get the password. I don't know if it is for legal reasons or other, but consider that solving a problem by remote connection of an expert is much quicker than trying to give directions for a person to do something locally ..
Well, we're generally not in a big hurry on problems like this so quicker is valuable but not all-important. I personally would rather take the time to have the person having the gateway problem learn what the problem is and how to fix it in the hope that he will then be able to help others, just as Marius did for you.
- Brian