Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Big loggfiles!
« previous next »
Pages: [1]   Go Down

Big loggfiles!

  • 7 Replies
  • 497 Views

Magnus

Big loggfiles!
« on: November 09, 2003, 10:48:52 PM »
running E-Smith 6.0b3. After a few weeks running it started to create very big loggfiles in /var/log/
 hade to remove a few and i got 100mb free space.
The hdd is working almost all the time now..

Any one got any clue?
Logged

jeroen

Re: Big loggfiles!
« Reply #1 on: November 10, 2003, 12:06:08 AM »
What logfiles are getting that big?
Logged

Magnus

Re: Big loggfiles!
« Reply #2 on: November 10, 2003, 01:21:12 AM »
i deleted messages.date. secure.date and its messages that is growing..
i´m losing 3mb disk every hour
Logged

Klaus Eckert

Re: Big loggfiles!
« Reply #3 on: November 10, 2003, 04:01:40 AM »
maybe your firewall logs all dropped connections.
search the forum for a solution to tell the firewall to log less.

can you post a few lines (about 50 lines) of vour messages.log?

cheers klaus
Logged

Magnus

Re: Big loggfiles!
« Reply #4 on: November 10, 2003, 04:56:25 AM »
looks like this..

Nov 10 02:57:34 miniburken kernel: denylog:IN=eth1 OUT= MAC=00:80:ad:73:31:8e:00:04:de:18:13:fc:08:00 SRC=157.158.176.69 DST=213.113.207.116 LEN=73 TOS=0x00 PREC=0x00 TTL=111 ID=62015 PROTO=UDP SPT=1214 DPT=2086 LEN=53
Nov 10 02:57:34 miniburken kernel: denylog:IN=eth1 OUT= MAC=00:80:ad:73:31:8e:00:04:de:18:13:fc:08:00 SRC=157.161.124.117 DST=213.113.207.116 LEN=94 TOS=0x00 PREC=0x00 TTL=108 ID=23341 PROTO=UDP SPT=2232 DPT=2086 LEN=74
Nov 10 02:57:35 miniburken kernel: denylog:IN=eth1 OUT= MAC=00:80:ad:73:31:8e:00:04:de:18:13:fc:08:00 SRC=62.72.224.94 DST=213.113.207.116 LEN=63 TOS=0x00 PREC=0x00 TTL=114 ID=40103 PROTO=UDP SPT=1323 DPT=2086 LEN=43
Nov 10 02:57:35 miniburken kernel: denylog:IN=eth1 OUT= MAC=00:80:ad:73:31:8e:00:04:de:18:13:fc:08:00 SRC=217.210.87.123 DST=213.113.207.116 LEN=63 TOS=0x00 PREC=0x00 TTL=113 ID=18309 PROTO=UDP SPT=1961 DPT=2086 LEN=43
Nov 10 02:57:36 miniburken kernel: denylog:IN=eth1 OUT= MAC=00:80:ad:73:31:8e:00:04:de:18:13:fc:08:00 SRC=158.36.248.102 DST=213.113.207.116 LEN=63 TOS=0x00 PREC=0x00 TTL=115 ID=38938 PROTO=UDP SPT=1417 DPT=2086 LEN=43
Logged

SloopJohnB

Re: Big loggfiles!
« Reply #5 on: November 10, 2003, 06:09:41 AM »
Looks like someone has downloaded a file sharing program (like Kazaa, Limewire...). The DPT (or destination port) is prot 2086, which is gnunet, peer-to-peer file sharing protocol. Check all your machines for anything resembling P2P, kazaa, LimeWire, and maybe someone else could chime in with more info...
The good news, is that your SME server is logging each connection, so you can disable these ports and find out who is doing the illegal, timewasting, bandwidth-sucking  downloads!

SloopJohnB
Logged

Magnus

Re: Big loggfiles!
« Reply #6 on: November 10, 2003, 06:43:54 AM »
Well it´s still logging and there is no p2p programs on any of the computers..
i run the same programs as before.. but i didn´t have this problems before.
Started last week.
Logged

Magnus

Re: Big loggfiles!
« Reply #7 on: November 10, 2003, 10:26:58 PM »
All of this started after i updated ssh and  opened ssh public.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Big loggfiles!