我很难诊断为什么这些奇怪的原始以太网 II 数据包会出现在我的防火墙的 LAN 端。目标 MAC 地址似乎在增加,而源 MAC 地址似乎是随机的。可能是 IPv6?Netgear SRX5308 防火墙连接到 netgear GSM7224 交换机。在此先感谢您的帮助。
No. Time Delta Source Destination Protocol Info
120 18:19:33.611085 -0.526987 18:c5:19:e1:d8:7f 33:3a:00:00:7b:43 0x17f9 Ethernet II
133 18:19:35.984456 0.204837 ee:a9:42:09:93:19 b0:26:00:00:07:72 0x42a0 Ethernet II
139 18:19:35.984581 -0.142283 16:32:e7:db:5d:92 b0:26:00:00:07:73 0x5fcb Ethernet II
200 18:19:43.755275 0.671324 30:7c:db:b6:52:96 33:3a:00:00:7b:4f 0x7e09 Ethernet II
204 18:19:43.776927 -0.607388 89:2d:e1:70:94:13 33:3a:00:00:7b:50 0xe609 Ethernet II
207 18:19:43.127271 -1.269810 ac:00:2b:5b:bf:c2 33:3a:00:00:7b:51 0x2223 Ethernet II
210 18:19:44.421248 0.000363 f2:4e:57:63:25:c5 33:3a:00:00:7b:52 0xaf94 Ethernet II
213 18:19:42.707117 -1.737552 78:b3:db:1a:07:05 33:3a:00:00:7b:53 0x9122 Ethernet II
221 18:19:44.432864 -0.083291 bf:14:41:d2:f4:06 33:3a:00:00:7b:55 0xf2cb Ethernet II
225 18:19:44.445154 -0.106758 a1:79:17:c6:36:1e 33:3a:00:00:7b:56 0x0f91 Ethernet II
229 18:19:44.516192 -0.071335 ff:cc:0a:be:e3:78 33:3a:00:00:7b:57 0xc4be Ethernet II
234 18:19:44.539938 -0.083353 b7:b1:f7:df:87:64 33:3a:00:00:7b:58 0x886a Ethernet II
239 18:19:44.587565 -0.071385 7e:b6:dd:ec:d2:50 33:3a:00:00:7b:59 0xae7e Ethernet II
243 18:19:44.611372 -0.083332 09:4c:a3:ee:37:c0 33:3a:00:00:7b:5a 0x1db8 Ethernet II
247 18:19:44.633725 -0.096678 8a:8b:af:9a:ab:0d 33:3a:00:00:7b:5b 0x1632 Ethernet II
250 18:19:44.682779 -0.071206 ed:68:36:53:39:f7 33:3a:00:00:7b:5c 0x7792 Ethernet II
275 18:19:45.179043 -0.952591 aa:e9:11:66:3e:6b b0:26:00:00:07:75 0x64cc Ethernet II
289 18:19:46.184147 -0.126486 85:78:29:67:e4:09 b0:26:00:00:07:77 0x3801 Ethernet II
363 18:19:49.230270 -0.988196 08:3f:8d:ca:51:f3 b0:26:00:00:07:7d 0x7bd4 Ethernet II
478 18:19:54.613266 -0.001937 b1:98:8a:e9:7a:73 33:3a:00:00:7b:69 0x
答案1
如果不是因为目标 MAC 地址非常一致,我会倾向于认为这是一种疯狂的噪音——随机的以太网类型就是让我头疼的东西。追踪数据包的源端口(如果您在安静的网络上,您可能能够将其与每个端口的数据包计数器相关联;在生产网络上,您可能只需要镜像每个端口,直到找到正确的端口)并让我们知道设备是什么,也许有人会更详细地了解问题的原因。