Our BorderManager is being used only as a caching device. It resides
behind our hardware firewall. Every now and then I notice that the
firewall logs indicate that the BM ip address is trying to access
blocked ports. It almost appears that BM is port scanning. It tries to
connect to an ip address on port 2112, trying from several source ports
(in the 42800-42900 range). After several attempts it decrements the ip
address number and tries to connect again.

I'm sure this activity is something that BM is trying to do on behalf of
a workstation.

Is there a way to find out what workstation ip address made the request
to BM? Also is there a way to cancel this activity without unloading
PROXY.NLM and clearing the cache with PROXY -cc?

Steve Reich