#!/bin/bash
# Absolute paths of the external tools.
IPT=/usr/sbin/iptables
IFC=/sbin/ifconfig
G=/bin/grep
SED=/bin/sed
AWK=/usr/bin/awk
ECHO=/bin/echo

# External interface
EXTIF=eth1
EXTIP=192.168.3.2
EXTBC=255.255.255.255
EXTMSK=255.255.255.0
# NOTE(review): built from the host address, not the network address.
EXTNET="192.168.3.2/${EXTMSK}"

# Wifi network
WIFI=eth0
WIFINET=192.168.1.0
WIFIIP=192.168.1.254
WIFIMASK=255.255.255.0
WIFINETMASK="${WIFINET}/${WIFIMASK}"
WIFIENABLE=yes

# Loop device/localhost
LPDIF=lo
LPDIP=127.0.0.1
LPDMSK=255.0.0.0
LPDNET="${LPDIP}/${LPDMSK}"

# Services ENABLED from the wifi network (openvpn is allowed only in the
# loop for the tap interface).
WIFI_SERVICE_TCP=(
  http domain ssh
  67 10000 pop3 1194
)
WIFI_SERVICE_UDP=(
  http domain ssh
  67 1194
)

# Services ENABLED from the external network.
# NOTE(review): 445 and 139 (SMB), 2049 (NFS) and 111 (sunrpc) are opened on
# the external interface by these lists; confirm that this exposure is
# intended before deploying.
# NOTE(review): the UDP list mirrors the TCP list; entries such as ssh and
# http are normally TCP-only, so the matching UDP rules are probably
# unnecessary -- verify and trim.
EXTERNAL_SERVICE_TCP=(
  ssh http domain
  445 139 2049 111
  831 761 946 1629 1194
)
EXTERNAL_SERVICE_UDP=(
  ssh http domain
  445 139 2049 111
  831 761 946 1629 1194
)

# Services ENABLED from localhost.
TCPSERV=(
  smtp http ftp ftps ftp-data ftps-data https mysql
  imap imaps pop3 pop3s domain ssh
  445 139 2049 111 831 761 946 1629 1194
)
UDPSERV=(
  smtp http ftp ftps ftp-data ftps-data https mysql
  imap imaps pop3 pop3s domain ssh
  445 139 2049 111 831 761 946 1629 1194
)
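#######################################
# Flush all rules (-F) and then delete all user-defined chains (-X) in every
# table listed in /proc/net/ip_tables_names. If that file cannot be read the
# list is empty and nothing is flushed.
# Globals:   IPT (read)
#######################################
_fw_reset_tables() {
  local tables table
  tables=$(cat /proc/net/ip_tables_names 2>/dev/null)
  # Unquoted on purpose: the file holds one table name per line and the
  # loop relies on word splitting.
  for table in $tables; do
    "$IPT" -t "$table" -F
  done
  for table in $tables; do
    "$IPT" -t "$table" -X
  done
}

#######################################
# Append one INPUT ACCEPT rule per port and print how many were added.
# Globals:   IPT, EXTIP, EXTIF, WIFI (read)
# Arguments: $1 - label for the progress line (e.g. "external TCP")
#            $2 - protocol, tcp or udp
#            $3 - scope: "external" (to EXTIP on EXTIF) or "wifi" (on WIFI)
#            $4... - ports or service names
# Outputs:   "FW: ACCEPTing <label> services... (<count>)" on stdout
#######################################
_fw_accept_services() {
  local label=$1 proto=$2 scope=$3
  shift 3
  local -a match
  case "$scope" in
    external) match=(-d "$EXTIP" -i "$EXTIF") ;;
    wifi) match=(-i "$WIFI") ;;
  esac

  local port count=0
  printf 'FW: ACCEPTing %s services... ' "$label"
  for port in "$@"; do
    "$IPT" -A INPUT -p "$proto" "${match[@]}" --dport "$port" -j ACCEPT
    count=$((count + 1))
  done
  printf '(%s)\n' "$count"
}

#######################################
# Load the firewall: default-deny INPUT/FORWARD, wipe the existing ruleset,
# enable forwarding and masquerading, then open the configured services.
# Globals:   IPT, EXTIF, EXTIP, LPDIF, LPDIP, WIFI, EXTERNAL_SERVICE_TCP,
#            EXTERNAL_SERVICE_UDP, WIFI_SERVICE_TCP, WIFI_SERVICE_UDP (read)
# Outputs:   progress messages on stdout
# NOTE(review): the exit status of the iptables calls is not checked, so
# "Firewall rules applied!" is printed even if some rules failed to load.
#######################################
start() {
  # Ignore SIGINT/SIGQUIT while the ruleset is being built so an interrupt
  # cannot leave it half-applied.
  trap "" 2 3

  echo "Setting default policy:"
  # Policies are set before the flush, so INPUT and FORWARD are already
  # default-deny while the old rules are removed.
  "$IPT" -P INPUT DROP
  "$IPT" -P OUTPUT ACCEPT
  "$IPT" -P FORWARD DROP
  _fw_reset_tables
  echo " INPUT -> DROP"
  echo " OUTPUT -> ACCEPT"
  echo "FORWARD -> DROP"

  # Turn on routing between interfaces.
  echo 1 > /proc/sys/net/ipv4/ip_forward

  # DROP invalid packets
  "$IPT" -A INPUT -i "$EXTIF" -m state --state INVALID -j DROP
  # Block packets on the external interface that are not addressed to EXTIP.
  # Negation is written before the option; the older "-d ! addr" spelling is
  # deprecated in newer iptables releases.
  "$IPT" -A INPUT -i "$EXTIF" ! -d "$EXTIP" -j DROP

  # NOTE(review): everything arriving on tap0 is accepted before any service
  # filtering, so VPN peers can reach every listening service on this host.
  "$IPT" -A INPUT -i tap0 -j ACCEPT
  # Allow localhost (local connections).
  # NOTE(review): only loopback traffic sourced from LPDIP or EXTIP is
  # accepted; new loopback connections from the host's other addresses fall
  # through to the DROP policy -- confirm this is intended.
  "$IPT" -A INPUT -i "$LPDIF" -s "$LPDIP" -j ACCEPT
  "$IPT" -A INPUT -i "$LPDIF" -s "$EXTIP" -j ACCEPT

  # MASQUERADE everything leaving through the external interface (applied
  # unconditionally).
  echo "MASQuerading outgoing connections"
  "$IPT" -t nat -A POSTROUTING -o "$EXTIF" -j MASQUERADE

  # input
  "$IPT" -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  # forward
  # NOTE(review): these rules match TCP and UDP only, so ICMP errors related
  # to forwarded flows are not accepted here.
  "$IPT" -A FORWARD -p TCP -m state --state RELATED,ESTABLISHED -j ACCEPT
  "$IPT" -A FORWARD -p UDP -m state --state RELATED,ESTABLISHED -j ACCEPT
  "$IPT" -A FORWARD -i tap0 -o "$EXTIF" -j ACCEPT

  # INPUT from outside, then from the wifi network, TCP and UDP each.
  _fw_accept_services "external TCP" tcp external "${EXTERNAL_SERVICE_TCP[@]}"
  _fw_accept_services "external UDP" udp external "${EXTERNAL_SERVICE_UDP[@]}"
  _fw_accept_services "wifi TCP" tcp wifi "${WIFI_SERVICE_TCP[@]}"
  _fw_accept_services "wifi UDP" udp wifi "${WIFI_SERVICE_UDP[@]}"

  echo "Firewall rules applied!"
  trap - 2 3
}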
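#######################################
# Unload the firewall: flush every rule and delete every user-defined chain
# in all tables listed in /proc/net/ip_tables_names, then set the INPUT,
# OUTPUT and FORWARD policies to ACCEPT.
# Globals:   IPT (read), prog (read, optional)
# Outputs:   progress messages on stdout
# NOTE(review): after stop the host accepts and forwards everything; the
# ip_forward setting is not touched here, so routing stays enabled if it was
# on, and the nat table is flushed along with the filter table.
#######################################
stop() {
  local tables table

  # Ignore SIGINT/SIGQUIT so the teardown cannot be interrupted half-way,
  # which would leave the DROP policy in place with no ACCEPT rules.
  trap "" 2 3

  # prog is not assigned anywhere in this function; fall back to the script
  # name so the message never prints an empty name.
  echo "Stopping ${prog:-${0##*/}}: "

  tables=$(cat /proc/net/ip_tables_names 2>/dev/null)
  # Unquoted on purpose: one table name per line, split into words.
  for table in $tables; do
    "$IPT" -t "$table" -F
  done
  for table in $tables; do
    "$IPT" -t "$table" -X
  done

  echo "Setting default policies to ACCEPT"
  "$IPT" -P INPUT ACCEPT
  "$IPT" -P OUTPUT ACCEPT
  "$IPT" -P FORWARD ACCEPT

  trap - 2 3
}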
# Reload the firewall by running stop and then start; the exit status is
# that of start.
# NOTE(review): between the two calls stop has set every policy to ACCEPT and
# removed all rules, so the host is briefly unfiltered during a restart.
restart() { stop; start; }
# Entry point: the first argument selects the action. Each accepted action
# has the same name as the function that implements it; anything else prints
# the usage line and exits with status 1.
case "$1" in
  start | stop | restart)
    "$1"
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac
# Hand the status of the chosen action back to the caller.
exit $?
Strilim od boku, ale tipnul bych si, ze ta vpn by potrebovala jeste prohnat natem. Jake v ni mas adresy? Mozna to tam nekde mas, ale ja to nenasel. Jestli ve vpn mas jiny rozsah adres (coz asi ano), tak k nemu jsem v tom skriptu nic nenasel, takze fw potom sice akceptuje vse, co prislo z tap0, ale ty pakety se pak asi routuji na vychozi branu a ne na mistni rozhrani.
No, tak jsem se tu ted pred zkusenejsima asi pekne ztrapnil, ze jo, tak ty moje blaboly prosim nekdo uvedte na pravou miru.
Diky
> iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
> iptables -t nat -A POSTROUTING -s 10.0.1.0/255.255.255.0 -o tap0 -j MASQUERADE
> iptables -t nat -A POSTROUTING -s 10.0.1.0/255.255.255.0 -o eth0 -j MASQUERADE
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> iptables -A FORWARD -i tap0 -j ACCEPT
> iptables -A INPUT -i tap0 -j ACCEPT
> iptables -A FORWARD -i eth0 -o tap0 -j ACCEPT
$IPT -A INPUT -i tap0 -j ACCEPT
by melo povolit vsechno z VPN, nehlede na ostatni pravidla. Jestli ti ostatni sluzby skrz VPN chodej, neni mozne, ze je ssh omezeno akorat na nejake rozhrani? Pokud mas dobre routovani, zadnej NAT na VPN nepotrebujes, a pokud jde o pristup na SSH serveru, pravidla pro forward se na tebe nevztahuji. `ip a`, `ip r` a `iptables -L INPUT`.
> ip a
1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:10:b5:df:87:1a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth0
3: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 08:00:09:a9:2e:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.2/24 brd 192.168.3.255 scope global eth1
4: tap0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:ff:ae:4d:75:92 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.100/24 brd 10.0.1.255 scope global tap0
> ip r
192.168.3.0/24 dev eth1 proto kernel scope link src 192.168.3.2
10.0.1.0/24 dev tap0 proto kernel scope link src 10.0.1.100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.254
127.0.0.0/8 dev lo scope link
default via 192.168.3.1 dev eth1
default via 192.168.1.1 dev eth0 metric 1
> iptables -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
acct_int all -- anywhere anywhere
acct_ext all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
DROP all -- anywhere !192.168.3.2
ACCEPT all -- anywhere anywhere
ACCEPT all -- localhost anywhere
ACCEPT all -- 192.168.3.2 anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:ssh
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:http
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:domain
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:microsoft-ds
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:netbios-ssn
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:nfsd
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:sunrpc
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:831
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:kpasswd
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:946
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:1629
ACCEPT tcp -- anywhere 192.168.3.2 tcp dpt:1194
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:ssh
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:http
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:domain
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:microsoft-ds
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:netbios-ssn
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:nfsd
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:sunrpc
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:831
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:rxe
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:946
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:1629
ACCEPT udp -- anywhere 192.168.3.2 udp dpt:1194
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:10000
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:1194
ACCEPT udp -- anywhere anywhere udp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT udp -- anywhere anywhere udp dpt:1194
ACCEPT all -- anywhere anywhere
> netstat -nta | grep LIST
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN
tcp 0 0 10.0.1.100:53 0.0.0.0:* LISTEN
tcp 0 0 192.168.3.2:53 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.254:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
> iptables -nvL acct_int
Chain acct_int (4 references)
pkts bytes target prot opt in out source destination
2237 157K tcp -- * * 192.168.1.100 0.0.0.0/0
2279 332K tcp -- * * 0.0.0.0/0 192.168.1.100
14343 949K udp -- * * 192.168.1.100 0.0.0.0/0
434 119K udp -- * * 0.0.0.0/0 192.168.1.100
96 9120 icmp -- * * 192.168.1.100 0.0.0.0/0
60 4704 icmp -- * * 0.0.0.0/0 192.168.1.100
16676 1115K all -- * * 192.168.1.100 0.0.0.0/0
2773 456K all -- * * 0.0.0.0/0 192.168.1.100
2177 152K tcp -- * * 192.168.1.101 0.0.0.0/0
2218 328K tcp -- * * 0.0.0.0/0 192.168.1.101
55196 3555K udp -- * * 192.168.1.101 0.0.0.0/0
434 119K udp -- * * 0.0.0.0/0 192.168.1.101
96 9120 icmp -- * * 192.168.1.101 0.0.0.0/0
360 21504 icmp -- * * 0.0.0.0/0 192.168.1.101
57469 3717K all -- * * 192.168.1.101 0.0.0.0/0
3012 468K all -- * * 0.0.0.0/0 192.168.1.101
0 0 tcp -- * * 192.168.1.102 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.102
0 0 udp -- * * 192.168.1.102 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.102
0 0 icmp -- * * 192.168.1.102 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.102
0 0 all -- * * 192.168.1.102 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.102
0 0 tcp -- * * 192.168.1.103 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.103
0 0 udp -- * * 192.168.1.103 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.103
0 0 icmp -- * * 192.168.1.103 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.103
0 0 all -- * * 192.168.1.103 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.103
2186 153K tcp -- * * 192.168.1.104 0.0.0.0/0
2222 328K tcp -- * * 0.0.0.0/0 192.168.1.104
78248 5139K udp -- * * 192.168.1.104 0.0.0.0/0
434 119K udp -- * * 0.0.0.0/0 192.168.1.104
96 9120 icmp -- * * 192.168.1.104 0.0.0.0/0
163 10472 icmp -- * * 0.0.0.0/0 192.168.1.104
80530 5301K all -- * * 192.168.1.104 0.0.0.0/0
2819 458K all -- * * 0.0.0.0/0 192.168.1.104
0 0 tcp -- * * 192.168.1.117 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.117
0 0 udp -- * * 192.168.1.117 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.117
0 0 icmp -- * * 192.168.1.117 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.117
0 0 all -- * * 192.168.1.117 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.117
15034 2226K tcp -- * * 192.168.1.118 0.0.0.0/0
23042 27M tcp -- * * 0.0.0.0/0 192.168.1.118
814 84836 udp -- * * 192.168.1.118 0.0.0.0/0
385 90917 udp -- * * 0.0.0.0/0 192.168.1.118
2 168 icmp -- * * 192.168.1.118 0.0.0.0/0
63 6506 icmp -- * * 0.0.0.0/0 192.168.1.118
15850 2311K all -- * * 192.168.1.118 0.0.0.0/0
23490 28M all -- * * 0.0.0.0/0 192.168.1.118
0 0 tcp -- * * 192.168.1.119 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.119
0 0 udp -- * * 192.168.1.119 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.119
0 0 icmp -- * * 192.168.1.119 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.119
0 0 all -- * * 192.168.1.119 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.119
0 0 tcp -- * * 192.168.1.120 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.120
0 0 udp -- * * 192.168.1.120 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.120
0 0 icmp -- * * 192.168.1.120 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.120
0 0 all -- * * 192.168.1.120 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.120
0 0 tcp -- * * 192.168.1.121 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.121
0 0 udp -- * * 192.168.1.121 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.121
0 0 icmp -- * * 192.168.1.121 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.121
0 0 all -- * * 192.168.1.121 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.121
0 0 tcp -- * * 192.168.1.122 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.122
0 0 udp -- * * 192.168.1.122 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.122
0 0 icmp -- * * 192.168.1.122 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.122
0 0 all -- * * 192.168.1.122 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.122
87226 10M tcp -- * * 192.168.1.123 0.0.0.0/0
109K 101M tcp -- * * 0.0.0.0/0 192.168.1.123
1278 151K udp -- * * 192.168.1.123 0.0.0.0/0
726 279K udp -- * * 0.0.0.0/0 192.168.1.123
21 1708 icmp -- * * 192.168.1.123 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.123
88525 11M all -- * * 192.168.1.123 0.0.0.0/0
110K 101M all -- * * 0.0.0.0/0 192.168.1.123
0 0 tcp -- * * 192.168.1.124 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.124
0 0 udp -- * * 192.168.1.124 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.124
0 0 icmp -- * * 192.168.1.124 0.0.0.0/0
48 4032 icmp -- * * 0.0.0.0/0 192.168.1.124
0 0 all -- * * 192.168.1.124 0.0.0.0/0
48 4032 all -- * * 0.0.0.0/0 192.168.1.124
> iptables -nvL acct_ext
Chain acct_ext (4 references)
pkts bytes target prot opt in out source destination
> iptables -nvL
Chain INPUT (policy DROP 17098 packets, 1602K bytes)
pkts bytes target prot opt in out source destination
24672 2070K acct_int all -- eth0 * 0.0.0.0/0 0.0.0.0/0
46374 4396K acct_ext all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0 state INVALID
2755 77140 DROP all -- eth1 * 0.0.0.0/0 !192.168.3.2
3908 823K ACCEPT all -- tap0 * 0.0.0.0/0 0.0.0.0/0
22651 1742K ACCEPT all -- lo * 127.0.0.1 0.0.0.0/0
0 0 ACCEPT all -- lo * 192.168.3.2 0.0.0.0/0
51610 9430K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
12 672 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:22
141 8156 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:80
1 48 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:53
1816 124K ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:445
362 16248 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:139
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:2049
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:111
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:831
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:761
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:946
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:1629
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 192.168.3.2 tcp dpt:1194
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:22
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:80
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:53
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:445
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:139
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:2049
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:111
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:831
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:761
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:946
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:1629
3 126 ACCEPT udp -- eth1 * 0.0.0.0/0 192.168.3.2 udp dpt:1194
81 3888 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
1 52 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1194
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
2982 180K ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:22
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
0 0 ACCEPT all -- tap0 * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 69285 packets, 4551K bytes)
pkts bytes target prot opt in out source destination
300K 299M acct_int all -- * eth0 0.0.0.0/0 0.0.0.0/0
495K 43M acct_int all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 acct_ext all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 acct_ext all -- lo * 0.0.0.0/0 0.0.0.0/0
509K 326M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
4000 513K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
188 11245 ACCEPT all -- tap0 eth1 0.0.0.0/0 0.0.0.0/0
776 46560 ACCEPT tcp -- eth0 eth1 192.168.1.100 0.0.0.0/0 multiport dports 80
0 0 ACCEPT udp -- eth0 eth1 192.168.1.100 0.0.0.0/0 multiport dports 80
775 46500 ACCEPT tcp -- eth0 eth1 192.168.1.101 0.0.0.0/0 multiport dports 80
0 0 ACCEPT udp -- eth0 eth1 192.168.1.101 0.0.0.0/0 multiport dports 80
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.102 0.0.0.0/0 multiport dports 80
0 0 ACCEPT udp -- eth0 eth1 192.168.1.102 0.0.0.0/0 multiport dports 80
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.103 0.0.0.0/0 multiport dports 80
0 0 ACCEPT udp -- eth0 eth1 192.168.1.103 0.0.0.0/0 multiport dports 80
770 46200 ACCEPT tcp -- eth0 eth1 192.168.1.104 0.0.0.0/0 multiport dports 80
0 0 ACCEPT udp -- eth0 eth1 192.168.1.104 0.0.0.0/0 multiport dports 80
210K 14M ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- eth0 tap0 0.0.0.0/0 0.0.0.0/0
59 3588 ACCEPT all -- tap0 eth0 0.0.0.0/0 0.0.0.0/0
7 588 ACCEPT all -- eth1 tap0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 80,443,5190,22,110,995,143,993,25,465,1194,139
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 6669,21,20,990,989,873,5060,1194
0 0 ACCEPT udp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 80,443,5190,22,110,995,143,993,25,465,1194,139
0 0 ACCEPT udp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 6669,21,20,990,989,873,5060,1194
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 5222,5223
0 0 ACCEPT udp -- eth0 eth1 192.168.1.118 0.0.0.0/0 multiport dports 5222,5223
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 80,443,5190,22,110,995,143,993,25,465,1194,139
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 6669,21,20,990,989,873,5060,1194
0 0 ACCEPT udp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 80,443,5190,22,110,995,143,993,25,465,1194,139
0 0 ACCEPT udp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 6669,21,20,990,989,873,5060,1194
0 0 ACCEPT tcp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 5222,5223
0 0 ACCEPT udp -- eth0 eth1 192.168.1.123 0.0.0.0/0 multiport dports 5222,5223
Chain OUTPUT (policy ACCEPT 111K packets, 20M bytes)
pkts bytes target prot opt in out source destination
35162 4740K acct_int all -- * eth0 0.0.0.0/0 0.0.0.0/0
46374 4396K acct_ext all -- * lo 0.0.0.0/0 0.0.0.0/0
Chain acct_ext (4 references)
pkts bytes target prot opt in out source destination
Chain acct_int (4 references)
pkts bytes target prot opt in out source destination
4448 311K tcp -- * * 192.168.1.100 0.0.0.0/0
4524 663K tcp -- * * 0.0.0.0/0 192.168.1.100
74635 4925K udp -- * * 192.168.1.100 0.0.0.0/0
864 327K udp -- * * 0.0.0.0/0 192.168.1.100
191 18134 icmp -- * * 192.168.1.100 0.0.0.0/0
207 14280 icmp -- * * 0.0.0.0/0 192.168.1.100
79274 5254K all -- * * 192.168.1.100 0.0.0.0/0
5595 1004K all -- * * 0.0.0.0/0 192.168.1.100
4345 304K tcp -- * * 192.168.1.101 0.0.0.0/0
4421 655K tcp -- * * 0.0.0.0/0 192.168.1.101
63342 4079K udp -- * * 192.168.1.101 0.0.0.0/0
864 327K udp -- * * 0.0.0.0/0 192.168.1.101
192 18240 icmp -- * * 192.168.1.101 0.0.0.0/0
444 27552 icmp -- * * 0.0.0.0/0 192.168.1.101
67879 4401K all -- * * 192.168.1.101 0.0.0.0/0
5729 1009K all -- * * 0.0.0.0/0 192.168.1.101
0 0 tcp -- * * 192.168.1.102 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.102
0 0 udp -- * * 192.168.1.102 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.102
0 0 icmp -- * * 192.168.1.102 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.102
0 0 all -- * * 192.168.1.102 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.102
0 0 tcp -- * * 192.168.1.103 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.103
0 0 udp -- * * 192.168.1.103 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.103
0 0 icmp -- * * 192.168.1.103 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.103
0 0 all -- * * 192.168.1.103 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.103
4341 304K tcp -- * * 192.168.1.104 0.0.0.0/0
4422 655K tcp -- * * 0.0.0.0/0 192.168.1.104
131K 8595K udp -- * * 192.168.1.104 0.0.0.0/0
864 327K udp -- * * 0.0.0.0/0 192.168.1.104
192 18240 icmp -- * * 192.168.1.104 0.0.0.0/0
450 27888 icmp -- * * 0.0.0.0/0 192.168.1.104
135K 8917K all -- * * 192.168.1.104 0.0.0.0/0
5736 1010K all -- * * 0.0.0.0/0 192.168.1.104
0 0 tcp -- * * 192.168.1.117 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.117
0 0 udp -- * * 192.168.1.117 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.117
0 0 icmp -- * * 192.168.1.117 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.117
0 0 all -- * * 192.168.1.117 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.117
25861 3831K tcp -- * * 192.168.1.118 0.0.0.0/0
40112 47M tcp -- * * 0.0.0.0/0 192.168.1.118
3723 448K udp -- * * 192.168.1.118 0.0.0.0/0
2571 412K udp -- * * 0.0.0.0/0 192.168.1.118
3 252 icmp -- * * 192.168.1.118 0.0.0.0/0
135 12534 icmp -- * * 0.0.0.0/0 192.168.1.118
29587 4280K all -- * * 192.168.1.118 0.0.0.0/0
42818 48M all -- * * 0.0.0.0/0 192.168.1.118
0 0 tcp -- * * 192.168.1.119 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.119
0 0 udp -- * * 192.168.1.119 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.119
0 0 icmp -- * * 192.168.1.119 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.119
0 0 all -- * * 192.168.1.119 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.119
0 0 tcp -- * * 192.168.1.120 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.120
0 0 udp -- * * 192.168.1.120 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.120
0 0 icmp -- * * 192.168.1.120 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.120
0 0 all -- * * 192.168.1.120 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.120
0 0 tcp -- * * 192.168.1.121 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.121
0 0 udp -- * * 192.168.1.121 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.121
0 0 icmp -- * * 192.168.1.121 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.121
0 0 all -- * * 192.168.1.121 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.121
0 0 tcp -- * * 192.168.1.122 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.122
0 0 udp -- * * 192.168.1.122 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.122
0 0 icmp -- * * 192.168.1.122 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.122
0 0 all -- * * 192.168.1.122 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.122
188K 20M tcp -- * * 192.168.1.123 0.0.0.0/0
245K 250M tcp -- * * 0.0.0.0/0 192.168.1.123
2924 354K udp -- * * 192.168.1.123 0.0.0.0/0
1614 671K udp -- * * 0.0.0.0/0 192.168.1.123
42 3444 icmp -- * * 192.168.1.123 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.123
191K 21M all -- * * 192.168.1.123 0.0.0.0/0
247K 251M all -- * * 0.0.0.0/0 192.168.1.123
0 0 tcp -- * * 192.168.1.124 0.0.0.0/0
0 0 tcp -- * * 0.0.0.0/0 192.168.1.124
0 0 udp -- * * 192.168.1.124 0.0.0.0/0
0 0 udp -- * * 0.0.0.0/0 192.168.1.124
0 0 icmp -- * * 192.168.1.124 0.0.0.0/0
96 8064 icmp -- * * 0.0.0.0/0 192.168.1.124
0 0 all -- * * 192.168.1.124 0.0.0.0/0
96 8064 all -- * * 0.0.0.0/0 192.168.1.124
a routovacia tabulka
> route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.3.1 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 192.168.1.1 0.0.0.0 UG 1 0 0 eth0
>route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
91.127.61.32 10.0.0.138 255.255.255.255 UGH 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 tap0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 tap0
este dodam, ze pripajam sa z internetu, tak preto ta divna destinacia (O2)
07:50:08.995586 IP (tos 0x0, ttl 64, id 16636, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.43004 > 192.168.1.254.10000: F, cksum 0x2b40 (correct), 13315:13315(0) ack 17233 win 1347 nop,nop,timestamp 8863345 48110677
07:50:08.995692 IP (tos 0x0, ttl 64, id 42488, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.1.254.10000 > 10.0.1.1.43004: ., cksum 0x9f80 (correct), ack 13316 win 37100 nop,nop,timestamp 48110699 8863345
07:50:25.096541 IP (tos 0x0, ttl 64, id 27071, offset 0, flags [DF], proto: TCP (6), length: 60) 10.0.1.1.37890 > 192.168.1.254.22: S, cksum 0x00da (correct), 1512908695:1512908695(0) win 5488 mss 1337,sackOK,timestamp 8867368 0,nop,wscale 5
07:50:25.096645 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.1.254.22 > 10.0.1.1.37890: S, cksum 0x92dc (correct), 1356723669:1356723669(0) ack 1512908696 win 5792 mss 1460,sackOK,timestamp 48112309 8867368,nop,wscale 0
07:50:25.185012 IP (tos 0x0, ttl 64, id 27072, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.37890 > 192.168.1.254.22: ., cksum 0xd77f (correct), ack 1 win 172 nop,nop,timestamp 8867390 48112309
07:50:30.661216 IP (tos 0x0, ttl 64, id 55144, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.1.254.22 > 10.0.1.1.37890: F, cksum 0xbf5d (correct), 1:1(0) ack 1 win 5792 nop,nop,timestamp 48112866 8867390
07:50:30.750848 IP (tos 0x0, ttl 64, id 27073, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.37890 > 192.168.1.254.22: F, cksum 0xcfe2 (correct), 1:1(0) ack 2 win 172 nop,nop,timestamp 8868780 48112866
07:50:30.750963 IP (tos 0x0, ttl 64, id 55145, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.1.254.22 > 10.0.1.1.37890: ., cksum 0xb9e5 (correct), ack 2 win 5792 nop,nop,timestamp 48112875 8868780
07:50:37.346161 IP (tos 0x0, ttl 64, id 7346, offset 0, flags [DF], proto: TCP (6), length: 60) 10.0.1.1.46011 > 192.168.3.2.22: S, cksum 0xa998 (correct), 1705395886:1705395886(0) win 5488 mss 1337,sackOK,timestamp 8870428 0,nop,wscale 5
07:50:37.346321 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.3.2.22 > 10.0.1.1.46011: S, cksum 0xa891 (correct), 1361937350:1361937350(0) ack 1705395887 win 5792 mss 1460,sackOK,timestamp 48113534 8870428,nop,wscale 0
07:50:37.435479 IP (tos 0x0, ttl 64, id 7347, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.46011 > 192.168.3.2.22: ., cksum 0xed33 (correct), ack 1 win 172 nop,nop,timestamp 8870451 48113534
07:50:42.471158 IP (tos 0x0, ttl 64, id 42048, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.3.2.22 > 10.0.1.1.46011: F, cksum 0xd53d (correct), 1:1(0) ack 1 win 5792 nop,nop,timestamp 48114047 8870451
07:50:42.563147 IP (tos 0x0, ttl 64, id 7348, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.46011 > 192.168.3.2.22: F, cksum 0xe62f (correct), 1:1(0) ack 2 win 172 nop,nop,timestamp 8871732 48114047
07:50:42.563230 IP (tos 0x0, ttl 64, id 42049, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.3.2.22 > 10.0.1.1.46011: ., cksum 0xd032 (correct), ack 2 win 5792 nop,nop,timestamp 48114056 8871732
07:50:48.033087 IP (tos 0x0, ttl 64, id 27329, offset 0, flags [DF], proto: TCP (6), length: 60) 10.0.1.1.38552 > 10.0.1.100.22: S, cksum 0xa3a7 (correct), 1861619275:1861619275(0) win 5488 mss 1337,sackOK,timestamp 8873098 0,nop,wscale 5
07:50:48.033232 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) 10.0.1.100.22 > 10.0.1.1.38552: S, cksum 0xb49f (correct), 1371958529:1371958529(0) ack 1861619276 win 5792 mss 1460,sackOK,timestamp 48114603 8873098,nop,wscale 0
07:50:48.122791 IP (tos 0x0, ttl 64, id 27330, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.38552 > 10.0.1.100.22: ., cksum 0xf941 (correct), ack 1 win 172 nop,nop,timestamp 8873121 48114603
07:50:53.151075 IP (tos 0x0, ttl 64, id 18102, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.100.22 > 10.0.1.1.38552: F, cksum 0xe14c (correct), 1:1(0) ack 1 win 5792 nop,nop,timestamp 48115115 8873121
07:50:53.241263 IP (tos 0x0, ttl 64, id 27331, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.1.38552 > 10.0.1.100.22: F, cksum 0xf240 (correct), 1:1(0) ack 2 win 172 nop,nop,timestamp 8874400 48115115
07:50:53.241316 IP (tos 0x0, ttl 64, id 18103, offset 0, flags [DF], proto: TCP (6), length: 52) 10.0.1.100.22 > 10.0.1.1.38552: ., cksum 0xdc43 (correct), ack 2 win 5792 nop,nop,timestamp 48115124 8874400
07:51:06.637279 IP (tos 0x0, ttl 64, id 30388, offset 0, flags [DF], proto: UDP (17), length: 58) 10.0.1.1.36934 > 10.0.1.100.53: 394+ A? www.danet.sk. (30)
07:51:06.638095 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 108) 10.0.1.100.53 > 10.0.1.1.36934: 394* 2/1/0 www.danet.sk. CNAME horus.danet.sk., horus.danet.sk. (80)
07:51:06.726574 IP (tos 0x0, ttl 64, id 52135, offset 0, flags [DF], proto: TCP (6), length: 60) 10.0.1.1.43008 > 192.168.1.254.10000: S, cksum 0xe0c8 (correct), 2160967021:2160967021(0) win 5488 mss 1337,sackOK,timestamp 8877770 0,nop,wscale 5
07:51:06.726683 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.1.254.10000 > 10.0.1.1.43008: S, cksum 0x3df1 (correct), 1414600441:1414600441(0) ack 2160967022 win 5792 mss 1460,sackOK,timestamp 48116472 8877770,nop,wscale 0
a nakoniec log z firewallu
Aug 17 07:49:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19198 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:50:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19199 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:50:25 horus sshd[8927]: refused connect from 10.0.1.1 (10.0.1.1)
Aug 17 07:50:37 horus sshd[8952]: refused connect from 10.0.1.1 (10.0.1.1)
Aug 17 07:50:37 horus kernel: FWD DROP: IN=eth1 OUT=eth0 SRC=87.197.246.186 DST=192.168.1.104 LEN=56 TOS=0x00 PREC=0xC0 TTL=249 ID=2696 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.1.104 DST=172.16.1.1 LEN=72 TOS=0x00 PREC=0x00 TTL=57 ID=52077 DF PROTO=UDP SPT=3111 DPT=28007 LEN=52 ]
Aug 17 07:50:48 horus sshd[8971]: refused connect from 10.0.1.1 (10.0.1.1)
Aug 17 07:50:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19200 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:51:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19201 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:51:27 horus kernel: IN DROP: IN=eth1 OUT= MAC=08:00:09:a9:2e:76:00:0e:f4:05:c4:9c:08:00 SRC=125.76.244.134 DST=192.168.3.2 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=1011 PROTO=TCP SPT=5222 DPT=16174 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 17 07:51:34 horus kernel: IN DROP: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.1.254 DST=192.168.1.254 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=27683 SEQ=1
Aug 17 07:51:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19202 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:51:58 horus kernel: IN DROP: IN=eth1 OUT= MAC=08:00:09:a9:2e:76:00:0e:f4:05:c4:9c:08:00 SRC=125.76.244.134 DST=192.168.3.2 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=39024 PROTO=TCP SPT=5222 DPT=16174 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 17 07:51:58 horus kernel: IN DROP: IN=eth1 OUT= MAC=08:00:09:a9:2e:76:00:0e:f4:05:c4:9c:08:00 SRC=125.76.244.134 DST=192.168.3.2 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=50677 PROTO=TCP SPT=5222 DPT=16174 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 17 07:52:22 horus kernel: IN DROP: IN=eth1 OUT= MAC=08:00:09:a9:2e:76:00:0e:f4:05:c4:9c:08:00 SRC=125.76.244.134 DST=192.168.3.2 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7767 PROTO=TCP SPT=5222 DPT=16174 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 17 07:52:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19203 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:52:34 horus kernel: FWD DROP: IN=eth1 OUT=eth0 SRC=87.197.246.186 DST=192.168.1.101 LEN=56 TOS=0x00 PREC=0xC0 TTL=249 ID=2931 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.1.101 DST=172.16.1.1 LEN=77 TOS=0x00 PREC=0x00 TTL=57 ID=44894 DF PROTO=UDP SPT=3075 DPT=28007 LEN=57 ]
Aug 17 07:52:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19204 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:53:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19205 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:53:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19206 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:54:20 horus kernel: IN DROP: IN=eth0 OUT= MAC= SRC=192.168.1.254 DST=192.168.1.255 LEN=242 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=222
Aug 17 07:54:20 horus kernel: IN DROP: IN=eth0 OUT= MAC= SRC=192.168.1.254 DST=192.168.1.255 LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Aug 17 07:54:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19207 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:54:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19208 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:55:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19209 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:55:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19210 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:56:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19211 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:56:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19212 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:57:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19213 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:57:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19214 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:58:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19215 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:58:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19216 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:59:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19217 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 07:59:54 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19218 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 08:00:24 horus kernel: IN DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:a0:c5:72:60:5e:08:00 SRC=192.168.1.3 DST=192.168.1.255 LEN=72 TOS=0x00 PREC=0x00 TTL=1 ID=19219 PROTO=UDP SPT=520 DPT=520 LEN=52
Aug 17 08:00:48 horus kernel: FWD DROP: IN=eth1 OUT=eth0 SRC=87.197.246.186 DST=192.168.1.104 LEN=56 TOS=0x00 PREC=0xC0 TTL=249 ID=3924 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.1.104 DST=172.16.1.1 LEN=65 TOS=0x00 PREC=0x00 TTL=57 ID=52506 DF PROTO=UDP SPT=3111 DPT=28007 LEN=45 ]