On 29 May 2002 at 8:40, Florian Kessler wrote:
> from time to time one of my netbsd-machines is trying to establish a
> connection to port 6544, but blocked by the firewall. How can i
> discover the process, which is trying to connect?

You may be able to use tcpwrappers, or tcpserver to do most
of what you want.  Both are easily configured, and allow you
to run commands to authenticate, debug, or log whenever a
host attempts to connect.  It doesn't work for UDP though...

  /usr/pkgsrc/security/tcp_wrappers
  /usr/pkgsrc/net/ucspi-tcp

You could, for example,  set up tcpwrappers to get lsof output
from the other machine by using ssh when the packet arrives.

Good luck...

Richard.