Very Strange Apache 2.1.8-beta related traffic
Hi
On Friday I compiled and installed the httpd-2.1.8-beta on my server,
and as a module for it, php-4.4.0 (though I don't think it's php-related).
Anyway since then I started seeing strange traffic on my server's lo
interface.
The traffic looks like this:
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=24030 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=16396 RES=0x00 SYN URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=24032 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=8198 RES=0x00 ACK URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=118 TOS=0x00 PREC=0x00 TTL=64 ID=24034 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=8198 RES=0x00 ACK PSH URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=24036 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=8198 RES=0x00 ACK FIN URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=15243 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=0 RES=0x00 RST URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1
DST=127.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=15244 DF PROTO=TCP
SPT=4185 DPT=80 WINDOW=0 RES=0x00 RST URGP=0
and in the apache logs:
127.0.0.1 - - [24/Oct/2005:08:44:40 +0200] "GET / HTTP/1.0" 200 13701
and
[Mon Oct 24 08:44:40 2005] [info] [client 127.0.0.1] (32)Broken pipe:
core_output_filter: writing data to the network
This is strange, as I don't run any cron-jobs or other inner apps that
could access the server from inside, also I don't host ssh accounts, nor
did I find anyone breaking, or trying to break in :\
Did anyone with a similar config (apache+php) have anything like this in
their logs? Is it weird/normal?
The connections appear to be totally random, they don't form a pattern of
any kind.. usually they arrived in a group of x2, but there were as well
single ones, and today I had about 30 in say 4 to 5 seconds..
My system (though I don't think this matters here) is a HLFS, with a
2.6.11.9-grsec
Another thing, though in the logs unrelated, is that for some time I
started getting connections like this:
x.x.x.134 - - [24/Oct/2005:05:57:43 +0200] "CONNECT y.y.y.194:25
HTTP/1.0" 200 13706
and related
[Mon Oct 24 05:57:46 2005] [info] [client x.x.x.134] (104)Connection
reset by peer: core_output_filter: writing data to the network
Just like someone would be trying to use my server as a proxy, though I
never ever offered such service, and lately the CONNECT attempts have
suddenly gone from low to high :\
The last thing I wanted to say, is that I think you should update the
http://httpd.apache.org/lists.html file, as it can be read:
Mailing list for HTTP server testers of release candidates
...
Subscription address: testers-subscribe@apache.org
Digest subscription address: None.
Unsubscription addresses: testers-unsubscribe@apache.org
Getting help with the list: testers-help@apache.org
and as I soon found out, the address is invalid ;]
Please reply as soon as you can.
--
Best wishes
Łukasz Hejnak
szift@szift.org
Received on Mon Oct 24 07:25:38 2005
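A small triage script for the two log formats quoted in the message above, added here as an example and not part of the original post: it groups netfilter LOG entries into per-connection TCP flag sequences and tallies loopback and CONNECT requests in the access log. The sample lines are constructed (wrapped kernel lines joined onto one line, 192.0.2.x and 198.51.100.x used as placeholder addresses), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample data in the formats quoted in the post. Each wrapped
# kernel line is joined onto one line; 192.0.2.x / 198.51.100.x are placeholders.
KERNEL_LOG = """\
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TTL=64 ID=24030 DF PROTO=TCP SPT=4185 DPT=80 WINDOW=16396 RES=0x00 SYN URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=118 TTL=64 ID=24034 DF PROTO=TCP SPT=4185 DPT=80 WINDOW=8198 RES=0x00 ACK PSH URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=52 TTL=64 ID=24036 DF PROTO=TCP SPT=4185 DPT=80 WINDOW=8198 RES=0x00 ACK FIN URGP=0
Oct 24 08:44:40 szift kernel: Lo INPUT(80)!:IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=40 TTL=64 ID=15243 DF PROTO=TCP SPT=4185 DPT=80 WINDOW=0 RES=0x00 RST URGP=0
"""
ACCESS_LOG = """\
127.0.0.1 - - [24/Oct/2005:08:44:40 +0200] "GET / HTTP/1.0" 200 13701
192.0.2.134 - - [24/Oct/2005:05:57:43 +0200] "CONNECT 198.51.100.194:25 HTTP/1.0" 200 13706
192.0.2.134 - - [24/Oct/2005:05:58:01 +0200] "CONNECT 198.51.100.194:25 HTTP/1.0" 200 13706
"""

FLAGS = ("SYN", "ACK", "PSH", "FIN", "RST", "URG")
KV = re.compile(r"(\w+)=(\S*)")
ACCESS = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)')

def tcp_flows(kernel_log):
    """Group netfilter LOG lines by (SRC, SPT, DST, DPT) and list the TCP
    flag combination of each logged packet, in the order it was logged."""
    flows = defaultdict(list)
    for line in kernel_log.splitlines():
        fields = dict(KV.findall(line))
        if fields.get("PROTO") != "TCP":
            continue
        tokens = line.split()  # flags appear as bare words, e.g. "ACK PSH"
        key = (fields["SRC"], int(fields["SPT"]), fields["DST"], int(fields["DPT"]))
        flows[key].append("+".join(f for f in FLAGS if f in tokens))
    return dict(flows)

def summarize_access(access_log):
    """Return (requests from 127.0.0.1, CONNECT count per (client, status))."""
    loopback, connects = [], defaultdict(int)
    for line in access_log.splitlines():
        m = ACCESS.match(line)
        if not m:
            continue
        client, when, method, target, status, _size = m.groups()
        if client == "127.0.0.1":
            loopback.append((when, method, target))
        if method == "CONNECT":
            connects[(client, int(status))] += 1
    return loopback, dict(connects)

if __name__ == "__main__":
    print(tcp_flows(KERNEL_LOG))
    print(summarize_access(ACCESS_LOG))
```

The status on a CONNECT line only records what Apache answered; whether mod_proxy is loaded and `ProxyRequests` is enabled decides if such a request could actually be tunnelled.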