Odd tcp error in syslog
-
I have my syslog for pfsense routed to papertrailapp and I keep getting a notification on this error and was wondering if anyone can help me decipher it:
Mar 26 19:15:42 173.239.240.71 filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,238,3891,0,DF,6,tcp,40,5.149.244.237,65.25.203.12,51727,8291,-4,S,errormsg='[bad hdr length 24 - too long, > 20]',
-
Could be something to do with this:
https://forum.mikrotik.com/viewtopic.php?t=132368
Telnet to 5.149.244.237 gives a Mikrotik RouterOS login prompt.
Might also be related to vt44's thread
-
[2.4.2-RELEASE][admin@pfSense.geek.local]/root: pfctl -vvsr | grep -A3 1000000103
@5(1000000103) block drop in log inet all label "Default deny rule IPv4"
[ Evaluations: 666223 Packets: 6750 Bytes: 588103 States: 0 ]
[ Inserted: pid 15505 State Creations: 0 ]
@6(1000000104) block drop out log inet all label "Default deny rule IPv4"