I know this is an old thread but I've a question about Protowall if anyone can help
since installing it i have a massive log file of mainly granted packets from a wide range of IP's using many ports on UDP and TCP protocols. I have BitDefender firewall running, and a firewall built into my Router yet none of these connections were picked up by them. Since Protowall isn't blocking them (the IP's of the connections must not be in the blocked list) I have to wonder why my firewalls don't pick them up??
Any suggestion would be appreciated - here's a small portion of a Protowall log:
2005/01/27 10:39:40 [->] non-hostile source (192.168.26.90), access granted [Protocol: UDP - src: 68 / dst: 67]
2005/01/27 10:39:41 [<-] non-hostile destination (207.46.110.12), access granted [Protocol: TCP - src: 1125 / dst: 80]
2005/01/27 10:39:41 [->] non-hostile source (192.168.25.142), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:42 [->] non-hostile source (62.75.150.101), access granted [Protocol: TCP - src: 6697 / dst: 1163]
2005/01/27 10:39:42 [->] non-hostile source (192.168.25.143), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:44 [->] non-hostile source (192.168.25.169), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:44 [->] non-hostile source (192.168.26.29), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:44 [->] non-hostile source (192.168.25.108), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:45 [->] non-hostile source (192.168.27.61), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:46 [->] non-hostile source (192.168.25.107), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:49 [<-] non-hostile destination (207.46.110.19), access granted [Protocol: TCP - src: 1352 / dst: 80]
2005/01/27 10:39:50 [->] non-hostile source (192.168.25.153), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:50 [->] non-hostile source (192.168.25.177), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:50 [->] non-hostile source (192.168.26.158), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:50 [->] non-hostile source (192.168.25.119), access granted [Protocol: UDP - src: 68 / dst: 67]
2005/01/27 10:39:53 [->] non-hostile source (192.168.25.168), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:55 [<-] non-hostile destination (82.165.31.190), access granted [Protocol: TCP - src: 1353 / dst: 9933]
2005/01/27 10:39:56 [<-] non-hostile destination (66.75.81.8), access granted [Protocol: TCP - src: 1354 / dst: 55301]
2005/01/27 10:39:56 [<-] non-hostile destination (24.121.81.200), access granted [Protocol: TCP - src: 1355 / dst: 6890]
2005/01/27 10:39:57 [->] non-hostile source (192.168.25.163), access granted [Protocol: UDP - src: 138 / dst: 138]
2005/01/27 10:39:57 [<-] non-hostile destination (200.104.29.53), access granted [Protocol: TCP - src: 1356 / dst: 11920]
2005/01/27 10:39:57 [<-] non-hostile destination (61.177.56.254), access granted [Protocol: UDP - src: 8334 / dst: 8080]
2005/01/27 10:39:57 [<-] non-hostile destination (212.204.133.150), access granted [Protocol: TCP - src: 1357 / dst: 17400]
2005/01/27 10:39:58 [<-] non-hostile destination (217.120.240.86), access granted [Protocol: TCP - src: 1358 / dst: 6884]
2005/01/27 10:39:58 [<-] non-hostile destination (217.43.63.46), access granted [Protocol: TCP - src: 1359 / dst: 49999]
2005/01/27 10:39:58 [->] non-hostile source (192.168.25.184), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:39:58 [<-] non-hostile destination (82.38.98.185), access granted [Protocol: TCP - src: 1360 / dst: 55555]
2005/01/27 10:39:59 [<-] non-hostile destination (213.67.222.75), access granted [Protocol: TCP - src: 1361 / dst: 49152]
2005/01/27 10:39:59 [<-] non-hostile destination (24.3.234.53), access granted [Protocol: TCP - src: 1362 / dst: 59992]
2005/01/27 10:39:59 [<-] non-hostile destination (193.77.124.28), access granted [Protocol: TCP - src: 1363 / dst: 1001]
2005/01/27 10:40:00 [->] non-hostile source (192.168.27.179), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:40:00 [<-] non-hostile destination (82.102.59.136), access granted [Protocol: TCP - src: 1364 / dst: 23812]
2005/01/27 10:40:00 [->] non-hostile source (192.168.24.230), access granted [Protocol: UDP - src: 137 / dst: 137]
2005/01/27 10:40:00 [<-] non-hostile destination (82.41.192.117), access granted [Protocol: TCP - src: 1365 / dst: 8729]
2005/01/27 10:40:00 [<-] non-hostile destination (64.53.9.127), access granted [Protocol: TCP - src: 1366 / dst: 49152]
as you can see that log covers just 20 seconds - 20 seconds with that many connects!! What the...!?!?