Closed redbaron-gt closed 4 years ago
That is the IP spoof at work. Because roneo spoofs the reporter IP (original NetFlow source), the packets roneo sends to the target collectors need promiscuous mode. You can filter these messages out, depending on your syslog daemon. Here's an example for rsyslog: http://www.rsyslog.com/doc-rsyslog_conf_filter.html
My syslog is full of this:
Why software behaves like this and is there any solution?