Expected NETFILTER logs

NETFILTER syslog alert
Log 1: Nov 17 12:23:49 HOST_NETFILTER kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=36 TOS=0x10 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=123 DPT=32768 LEN=16
Log 2: Nov 17 14:34:04 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:10:5a:b1:25:1d:08:00:20:86:af:22:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=47 ID=357 PROTO=ICMP TYPE=3 CODE=3 [SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62973 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Log 3: Nov 25 17:16:16 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:10:5a:b1:25:1d:00:02:b3:c8:44:90:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=41762 DF PROTO=TCP SPT=59626 DPT=113 WINDOW=5544 RES=0x00 SYN URGP=0
Log 4: Dec 14 22:35:10 HOST_NETFILTER kernel: IN=eth1 OUT=eth0 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=180 TOS=0x10 PREC=0x00 TTL=62 ID=32089 DF PROTO=TCP SPT=22 DPT=35892 WINDOW=9120 RES=0x00 ACK PSH URGP=0
Log 5: Dec 15 10:09:36 HOST_NETFILTER kernel: IN=eth0 OUT=eth1 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=252 ID=51475 PROTO=ICMP TYPE=3 CODE=13 [SRC=192.168.1.66 DST=217.5.100.1 LEN=57 TOS=0x00 PREC=0x00 TTL=122 ID=58633 PROTO=UDP SPT=1308 DPT=53 LEN=37 ]
Log 6: Dec 15 10:11:11 HOST_NETFILTER kernel: IN=eth0 OUT=eth1 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=252 ID=54737 PROTO=ICMP TYPE=3 CODE=13 [SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=122 ID=63242 PROTO=UDP SPT=1385 DPT=53 LEN=40 ]
Log 7: Dec 15 13:12:09 HOST_NETFILTER kernel: IN=eth1 OUT=eth0 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=76 TOS=0x00 PREC=0x00 TTL=126 ID=47652 PROTO=UDP SPT=123 DPT=123 LEN=56
Log 8: Dec 21 03:36:51 HOST_NETFILTER kernel: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0e:6a:d2:c2:00:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=60 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Log 9: Jun 16 12:11:10 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:0a:5e:55:1a:c2:00:c0:9f:41:d7:7d:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=246 TOS=0x00 PREC=0x00 TTL=61 ID=54732 PROTO=UDP SPT=32784 DPT=1470 LEN=226