weird log files messages

funkusmunkus

220
+0/-0

weird log files messages

« on: October 29, 2004, 05:04:16 PM »

Hi all,

well i've been getting hundreds of these messages in the log file

Quote

Oct 30 00:46:22 SERVERNAME kernel: denylog:IN=eth1 OUT= MAC=00:60:08:38:d6:e3:00:0a:42:6b:20:8c:08:00 SRC=200.157.189.2 DST=MYIPADDRESS LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=64598 DF PROTO=TCP SPT=4099 DPT=6881 WINDOW=64240 RES=0x00 SYN URGP=0

can someone give me a little insite to what's going on ?
I am using a torrent program, might that have anything to do with it?

cheers

Logged

.........

byte

2,183
+2/-0

weird log files messages

« Reply #1 on: October 29, 2004, 07:13:21 PM »

Did you attempt a search? this has been asked many times in the past...Search is ur best friend

Logged

--[byte]--

Have you filled in a Bug Report over @ http://bugs.contribs.org ? Please don't wait to be told this way you help us to help you/others - Thanks!

RavenIV

weird log files messages

« Reply #2 on: October 30, 2004, 01:46:37 AM »

this is an entry of your firewall.
access from that IP-adress to that port is denied.

search for "firewall AND log" in the forum and you will find the answer to eliminate these entries.

cheers

Logged

cc_skavenger

weird log files messages

« Reply #3 on: November 02, 2004, 02:23:48 AM »

That is a bittorrent port

Any one using bittorrent behind your server?

Logged

funkusmunkus

220
+0/-0

weird log files messages

« Reply #4 on: November 03, 2004, 12:38:43 AM »

thanx guys

cc_skavenger yes there is a bittorrent program running behind, i did mention it in the main post.

i was just a little worried what was going on, thanx for clearing it up.

I'll see if i can find that "firewall and log" thing to eliminate the entries that RavenIV suggested.
thanx again guys

Logged

.........

jahlewis

151
+0/-0

weird log files messages

« Reply #5 on: November 16, 2004, 04:49:30 PM »

I've searched the forums, and have found nothing helping me on how to eliminate these messages from my /var/log/messages. Can someone point me in the right direction?

Quote

Nov 16 10:49:33 gluon kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:08:c7:cf:91:9b:08:00 SRC=216.12.70.32 DST=255.255.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=23756 PROTO=UDP SPT=520 DPT=520 LEN=52
Nov 16 10:49:37 gluon kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:41:e5:c3:21:08:00 SRC=216.12.17.30 DST=255.255.255.255 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=63730 PROTO=UDP SPT=1032 DPT=7100 LEN=48

Logged

............

chris burnat

1,135
+2/-0

weird log files messages

« Reply #6 on: November 17, 2004, 02:19:32 PM »

/sbin/e-smith/db configuration setprop masq Logging none

followed by:

/sbin/e-smith/signal-event remoteaccess-update

Logged

- chris
If it does not work out of the box, please fill in a Bug Report @ Bugzilla (http://bugs.contribs.org) - check: http://wiki.contribs.org/Bugzilla_Help . Thanks.

jahlewis

151
+0/-0

weird log files messages

« Reply #7 on: November 17, 2004, 02:33:22 PM »

That did it!

Thanks very much for the reply.

Logged

............

RavenIV

weird log files messages

« Reply #8 on: November 18, 2004, 03:27:30 AM »

if you did a search for "firewall logging" you should have found the solution...

Logged