Thank you @mrmarkuz. The port they were trying to get in on was one we had been using for RDP to a LAN workstation. That noise dropped once we closed the router port. Great, but then to switched SRC address and DPT but it was a whole lot quieter than it was.
Have added the printk adjustment and if anyone is curious what the numbers are
```
CUR DEF MIN BTDEF
0 - emergency x x
1 - alert x x x
2 - critical x x
3 - error x x
4 - warning x x x
5 - notice x x
6 - informational V V
7 - debug
```
Thank you for the hints.