Hi, I downloaded and installed the SYSLOGD update from your site. Your warning is that there was a Denial of Attack in the old SYSLOGD. Now what happens: Since then my /var/log/messages says: Jan 27 21:14:06 sparrow kernel: Packet log: input DENY eth0 PROTO=17 213.136.0.22:5151 239.192.74$ Jan 27 21:14:06 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:06 sparrow kernel: Packet log: input DENY eth0 PROTO=17 213.136.0.22:5151 239.192.74$ Jan 27 21:14:07 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:07 sparrow kernel: Packet log: input DENY eth0 PROTO=17 213.136.0.22:5151 239.192.74$ Jan 27 21:14:09 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:138 195.81.40.2$ Jan 27 21:14:10 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:10 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:10 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.65:138 195.81.40.2$ Jan 27 21:14:11 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:11 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:12 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:12 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:137 195.81.40.2$ Jan 27 21:14:14 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.61:138 195.81.40.2$ Jan 27 21:14:14 sparrow kernel: Packet log: input DENY eth0 PROTO=17 195.81.40.228:138 195.81.40.$ etc. etc. It looks like it is trying to get in all computers in the domain on port 137 and 138. How to get back the old SYSLOGD ??? Jan Koenegras, The Netherlands.
Ports 137 & 138 are netbios stuff; perhaps you have a samba server that's trying to talk to itself? (NMBD will do this periodically...)
The kernel firewalling code generates these messages when you have turned on logging for a specific firewall rule. This is unrelated to your sysklogd update.