Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: funkusmunkus on October 29, 2004, 05:04:16 PM

Title: weird log files messages
Post by: funkusmunkus on October 29, 2004, 05:04:16 PM

Hi all,

well i've been getting hundreds of these messages in the log file

Quote

Oct 30 00:46:22 SERVERNAME kernel: denylog:IN=eth1 OUT= MAC=00:60:08:38:d6:e3:00:0a:42:6b:20:8c:08:00 SRC=200.157.189.2 DST=MYIPADDRESS LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=64598 DF PROTO=TCP SPT=4099 DPT=6881 WINDOW=64240 RES=0x00 SYN URGP=0

can someone give me a little insite to what's going on ?
I am using a torrent program, might that have anything to do with it?

cheers

Title: weird log files messages
Post by: byte on October 29, 2004, 07:13:21 PM

Did you attempt a search? this has been asked many times in the past...Search is ur best friend

Title: weird log files messages
Post by: RavenIV on October 30, 2004, 01:46:37 AM

this is an entry of your firewall.
access from that IP-adress to that port is denied.

search for "firewall AND log" in the forum and you will find the answer to eliminate these entries.

cheers

Title: weird log files messages
Post by: cc_skavenger on November 02, 2004, 02:23:48 AM

That is a bittorrent port

Any one using bittorrent behind your server?

Title: weird log files messages
Post by: funkusmunkus on November 03, 2004, 12:38:43 AM

thanx guys

cc_skavenger yes there is a bittorrent program running behind, i did mention it in the main post.

i was just a little worried what was going on, thanx for clearing it up.

I'll see if i can find that "firewall and log" thing to eliminate the entries that RavenIV suggested.
thanx again guys

Title: weird log files messages
Post by: jahlewis on November 16, 2004, 04:49:30 PM

I've searched the forums, and have found nothing helping me on how to eliminate these messages from my /var/log/messages.  Can someone point me in the right direction?

Quote

Nov 16 10:49:33 gluon kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:08:c7:cf:91:9b:08:00 SRC=216.12.70.32 DST=255.255.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=128 ID=23756 PROTO=UDP SPT=520 DPT=520 LEN=52
Nov 16 10:49:37 gluon kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:41:e5:c3:21:08:00 SRC=216.12.17.30 DST=255.255.255.255 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=63730 PROTO=UDP SPT=1032 DPT=7100 LEN=48

Title: weird log files messages
Post by: chris burnat on November 17, 2004, 02:19:32 PM

/sbin/e-smith/db configuration setprop masq Logging none

followed by:

/sbin/e-smith/signal-event remoteaccess-update

Title: weird log files messages
Post by: jahlewis on November 17, 2004, 02:33:22 PM

That did it!

Thanks very much for the reply.

Title: weird log files messages
Post by: RavenIV on November 18, 2004, 03:27:30 AM

if you did a search for "firewall logging" you should have found the solution...