APF Question and General Question

I recently enabled egress filtering in APF, but now in logwatch i always see dropped packets to specific ports like from the report below:


Dropped 38 packets on interface eth0
From my IP - 38 packets
To 12.38.215.2 - 18 packets
Service: 24227 (tcp/24227) (** OUT_TCP DROP **,none,eth0) - 4 packets
Service: 24234 (tcp/24234) (** OUT_TCP DROP **,none,eth0) - 3 packets
Service: 24239 (tcp/24239) (** OUT_TCP DROP **,none,eth0) - 4 packets
Service: 24243 (tcp/24243) (** OUT_TCP DROP **,none,eth0) - 4 packets
Service: 24253 (tcp/24253) (** OUT_TCP DROP **,none,eth0) - 3 packets
To 24.128.55.78 - 1 packet
Service: 1147 (tcp/1147) (** OUT_TCP DROP **,none,eth0) - 1 packet
To 24.128.122.210 - 1 packet
Service: 51637 (tcp/51637) (** OUT_TCP DROP **,none,eth0) - 1 packet
To 68.125.82.35 - 1 packet
Service: 4462 (tcp/4462) (** OUT_TCP DROP **,none,eth0) - 1 packet
To 202.75.160.174 - 13 packets
Service: 42228 (tcp/42228) (** OUT_TCP DROP **,none,eth0) - 13 packets
To 212.138.47.12 - 4 packets
Service: 61276 (tcp/61276) (** OUT_TCP DROP **,none,eth0) - 4 packets


Why is my server using those ports to send out information, and does it mean that traffic performance is being degrading because some of it is being blocked from reaching the client?


- Also from time to time, i receive this in logwatch and was wondering is theres anything i should do about it.. or its nothing to worry about:

--------------------- SSHD Begin ------------------------


Didn't receive an ident from these IPs:
dime.dizinc.com (66.195.124.221): 2 Time(s)
---------------------- SSHD End -------------------------


Thank you in advance for your replies.

 

 

 

 

Top