classic.ISPforum.cz

Fórum československých telekomunikací
https://classic.ispforum.cz/

drop v logu neviem co to znamena

https://classic.ispforum.cz/viewtopic.php?f=5&t=11047

Stránka 1 z 1

drop v logu neviem co to znamena

Napsal: 08 Jan 2013 08:18
od BLACK_ANGEL1
Jan/08/2013 07:48:26 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 59.1.13.253:2459->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:26 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 59.1.13.253:2459->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:27 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 211.204.115.18:61775->xxx.xxx.xxx.xxx:6881, len 52
Jan/08/2013 07:48:29 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 211.204.115.18:61775->xxx.xxx.xxx.xxx:6881, len 52
Jan/08/2013 07:48:30 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 211.204.115.18:61775->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:31 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 112.170.247.213:1747->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:32 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 112.170.247.213:1747->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:33 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 1.212.233.234:49997->xxx.xxx.xxx.xxx:6881, len 52
Jan/08/2013 07:48:33 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 112.170.247.213:1747->xxx.xxx.xxx.xxx:6881, len 48
Jan/08/2013 07:48:33 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 1.212.233.234:49997->xxx.xxx.xxx.xxx:6881, len 52
Jan/08/2013 07:48:34 firewall,info firewall: DROP input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (SYN), 1.212.233.234:49997->xxx.xxx.xxx.xxx:6881, len 48


neviem co to znamena co je to za mac adresu ale asi nieje z mojej siete
moze mi to niekto objasnit ?

Re: drop v logu neviem co to znamena

Napsal: 08 Jan 2013 08:26
od losos
mas zapnute v IP-Firewall nejake pravidlo, s action LOG ktore ti zapisuje do logu co urobilo nejake DROP pravidlo hned pod nim.
podla logu to je drop asi bruteforce utoku na tvoj wan

Re: drop v logu neviem co to znamena

Napsal: 08 Jan 2013 08:32
od BLACK_ANGEL1
no to ze to zapisuje pravidlo v firewalle tak to je jasne len som nechapal ze co to je a teraz som sa pozel ze ssh_blacklist mam tiez pekny zoznam ip adries

vo firewalle mam este lgo na invalid connection co s invalid connection ?

Re: drop v logu neviem co to znamena

Napsal: 08 Jan 2013 08:40
od losos
dat zlavu na pripojenie do internetu

Re: drop v logu neviem co to znamena

Napsal: 08 Jan 2013 08:43
od BLACK_ANGEL1
ja niesom ISP

Re: drop v logu neviem co to znamena

Napsal: 08 Jan 2013 09:31
od BLACK_ANGEL1
a co napr toto

Jan/08/2013 09:22:32 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51382->98.139.225.42:80, len 40
Jan/08/2013 09:22:32 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51383->98.139.225.42:80, len 40
Jan/08/2013 09:22:36 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 64:31:50:1e:32:1f, proto TCP (ACK,RST), 10.10.11.103:50332->23.14.92.184:80, len 40
Jan/08/2013 09:22:36 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 64:31:50:1e:32:1f, proto TCP (ACK,RST), 10.10.11.103:50088->69.171.246.17:80, len 40
Jan/08/2013 09:22:36 firewall,info firewall: INVALID input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (ACK,RST), 31.13.64.7:80->213.81.132.154:50345, len 40
Jan/08/2013 09:22:36 firewall,info firewall: INVALID input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (ACK,RST), 31.13.64.7:80->213.81.132.154:50313, len 40
Jan/08/2013 09:22:37 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51382->98.139.225.42:80, len 40
Jan/08/2013 09:22:38 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51383->98.139.225.42:80, len 40
Jan/08/2013 09:22:38 firewall,info firewall: INVALID input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (ACK,RST), 31.13.64.7:80->213.81.132.154:50314, len 40
Jan/08/2013 09:22:40 firewall,info firewall: INVALID input: in:WAN1 out:(none), src-mac 00:1e:4a:8c:ca:73, proto TCP (ACK,RST), 31.13.64.7:80->213.81.132.154:50344, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51372->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51369->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51370->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51371->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51373->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51368->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51368->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51371->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51370->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51369->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51373->62.168.93.50:80, len 40
Jan/08/2013 09:22:42 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51372->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 00:1c:25:07:bb:f4, proto TCP (ACK,FIN), 10.10.11.43:2155->213.81.185.34:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51370->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51371->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51368->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51369->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51372->62.168.93.50:80, len 40
Jan/08/2013 09:22:43 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51373->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51371->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51368->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51369->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51370->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51372->62.168.93.50:80, len 40
Jan/08/2013 09:22:44 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51373->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51369->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51373->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51371->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51370->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51368->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,FIN), 10.10.11.161:51372->62.168.93.50:80, len 40
Jan/08/2013 09:22:47 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,RST), 10.10.11.161:51382->98.139.225.42:80, len 40
Jan/08/2013 09:22:48 firewall,info firewall: INVALID forward: in:LANbridge out:WAN1, src-mac 2c:27:d7:0c:c1:79, proto TCP (ACK,RST), 10.10.11.161:51383->98.139.225.42:80, len 40
Všechny časy jsou v UTC+02:00
Stránka 1 z 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/