* prevent iptables LOG target from flooding dmesg
@ 2010-06-05 20:42 Thanasis
[not found] ` <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com>
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Thanasis @ 2010-06-05 20:42 UTC (permalink / raw)
To: netfilter
The subject says it all.
I have set up logging like so :
--------------------------------------------------------------------------------------------------------------------
iptables -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP
INVALID " --log-ip-options --log-tcp-options
iptables -A INPUT -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT "
iptables -A INPUT ! -i lo -j LOG --log-prefix "DROP " --log-ip-options
--log-tcp-options
iptables -A OUTPUT -m state --state INVALID -j LOG --log-prefix "DROP
INVALID " --log-ip-options --log-tcp-options
iptables -A OUTPUT ! -o lo -j LOG --log-prefix "DROP " --log-ip-options
--log-tcp-options
iptables -A FORWARD -m state --state INVALID -j LOG --log-prefix "DROP
INVALID " --log-ip-options --log-tcp-options
iptables -A FORWARD -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT "
iptables -A FORWARD ! -i lo -j LOG --log-prefix "DROP " --log-ip-options
--log-tcp-options
--------------------------------------------------------------------------------------------------------------------
and dmesg is flooded by DROP log messages etc.
I have NETFILTER_NETLINK_LOG [=m]
in the kenel config, but I don't know how to use it,
(and what the module name is).
Any pointers/help will be much appreciated.
^ permalink raw reply [flat|nested] 9+ messages in thread[parent not found: <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com>]
* Re: prevent iptables LOG target from flooding dmesg [not found] ` <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com> @ 2010-06-05 22:03 ` Thanasis 0 siblings, 0 replies; 9+ messages in thread From: Thanasis @ 2010-06-05 22:03 UTC (permalink / raw) To: Curby; +Cc: netfilter on 06/06/2010 12:43 AM Curby wrote the following: > The problem may be that you're not sure what you should be logging. > The rules are probably working as expected, but the rules as written > are bound to be verbose. > Why do you have these rules? In short, why is it important to you to > log everything that's not going through the loopback interface? > Depending on where these rules exist in your chains, they may even log > packets that you will accept, in which case the "DROP" log prefix is > incorrect. > > I think it may be time to go back to the drawing board. Consider > carefully what you want to log, and then develop new rules to only log > those packets. The full ruleset may help us help you further. > > --Mike Here is the full ruleset: # Generated by iptables-save v1.4.6 on Sun Jun 6 01:00:20 2010 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-tcp-options --log-ip-options -A INPUT -m state --state INVALID -j DROP -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT ! -s 192.168.0.0/24 -i bond0 -j LOG --log-prefix "SPOOFED PKT " -A INPUT ! -s 192.168.0.0/24 -i bond0 -j DROP -A INPUT -i bond0 -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT -A INPUT -i bond0 -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT -A INPUT -i bond0 -p udp -m udp --dport 67 -m state --state NEW -j ACCEPT -A INPUT -i bond0 -p tcp -m tcp --dport 67 -m state --state NEW -j ACCEPT -A INPUT -i bond0 -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT -A INPUT -i bond0 -p tcp -m tcp --dport 123 -m state --state NEW -j ACCEPT -A INPUT -s 192.168.0.0/24 -i bond0 -p tcp -m tcp --dport 8888 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j ACCEPT -A INPUT -s 192.168.0.0/24 -i bond0 -p tcp -m tcp --dport 8080 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j ACCEPT -A INPUT -s 192.168.0.0/24 -i bond0 -p tcp -m tcp --dport 3551 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 1/sec -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 1/sec -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 10/sec -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT -A INPUT ! -i lo -j LOG --log-prefix "DROP " --log-tcp-options --log-ip-options -A INPUT -i lo -j ACCEPT -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A FORWARD -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-tcp-options --log-ip-options -A FORWARD -m state --state INVALID -j DROP -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD ! -s 192.168.0.0/24 -i bond0 -j LOG --log-prefix "SPOOFED PKT " -A FORWARD ! -s 192.168.0.0/24 -i bond0 -j DROP -A FORWARD -s 192.168.0.0/24 -i bond0 -m state --state NEW -j ACCEPT -A FORWARD ! -i lo -j LOG --log-prefix "DROP " --log-tcp-options --log-ip-options -A OUTPUT -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-tcp-options --log-ip-options -A OUTPUT -m state --state INVALID -j DROP -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A OUTPUT ! -o lo -j LOG --log-prefix "DROP " --log-tcp-options --log-ip-options -A OUTPUT -o lo -j ACCEPT COMMIT # Completed on Sun Jun 6 01:00:20 2010 # Generated by iptables-save v1.4.6 on Sun Jun 6 01:00:20 2010 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A PREROUTING -i bond0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE COMMIT # Completed on Sun Jun 6 01:00:20 2010 # Generated by iptables-save v1.4.6 on Sun Jun 6 01:00:20 2010 *mangle :PREROUTING ACCEPT [5075158:1310503988] :INPUT ACCEPT [952099:738925140] :FORWARD ACCEPT [4112581:569194430] :OUTPUT ACCEPT [932258:673687313] :POSTROUTING ACCEPT [5042726:1242782393] -A PREROUTING -p icmp -j MARK --set-xmark 0x1/0xffffffff -A PREROUTING -p icmp -j RETURN COMMIT # Completed on Sun Jun 6 01:00:20 2010 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-05 20:42 prevent iptables LOG target from flooding dmesg Thanasis [not found] ` <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com> @ 2010-06-06 3:03 ` Robby Workman 2010-06-06 5:26 ` Thanasis 2010-06-06 16:55 ` Thanasis 2010-06-06 7:09 ` lists 2 siblings, 2 replies; 9+ messages in thread From: Robby Workman @ 2010-06-06 3:03 UTC (permalink / raw) To: Thanasis; +Cc: netfilter [-- Attachment #1: Type: text/plain, Size: 293 bytes --] On Sat, 05 Jun 2010 23:42:21 +0300 Thanasis <thanasis@asyr.hopto.org> wrote: > ... > and dmesg is flooded by DROP log messages etc. > ... 1) Do you really *care* about most of what you're logging? 1a) If so, why? 2) Install ulogd and use -j ULOG instead of -j LOG. -RW [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 198 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-06 3:03 ` Robby Workman @ 2010-06-06 5:26 ` Thanasis 2010-06-06 11:31 ` Jan Engelhardt 2010-06-06 16:55 ` Thanasis 1 sibling, 1 reply; 9+ messages in thread From: Thanasis @ 2010-06-06 5:26 UTC (permalink / raw) To: Robby Workman; +Cc: netfilter on 06/06/2010 06:03 AM Robby Workman wrote the following: > On Sat, 05 Jun 2010 23:42:21 +0300 > Thanasis <thanasis@asyr.hopto.org> wrote: > >> ... >> and dmesg is flooded by DROP log messages etc. >> ... > > > 1) Do you really *care* about most of what you're logging? > 1a) If so, why? Yes and no, because it's a recent install, and I would like to watch closer, at least for a while ... > > 2) Install ulogd and use -j ULOG instead of -j LOG. I have read about ulog but the kernel config help says for ULOG that it is deprecated: "CONFIG_IP_NF_TARGET_ULOG: This option enables the old IPv4-only "ipt_ULOG" implementation │ │ which has been obsoleted by the new "nfnetlink_log" code (see │ │ CONFIG_NETFILTER_NETLINK_LOG). " That is why I was asking about CONFIG_NETFILTER_NETLINK_LOG in the fist place... ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-06 5:26 ` Thanasis @ 2010-06-06 11:31 ` Jan Engelhardt 2010-06-06 13:42 ` Thanasis 0 siblings, 1 reply; 9+ messages in thread From: Jan Engelhardt @ 2010-06-06 11:31 UTC (permalink / raw) To: Thanasis; +Cc: Robby Workman, netfilter On Sunday 2010-06-06 07:26, Thanasis wrote: >> >> 2) Install ulogd and use -j ULOG instead of -j LOG. >I have read about ulog but the kernel config help says for ULOG that it >is deprecated: Try -j NFLOG. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-06 11:31 ` Jan Engelhardt @ 2010-06-06 13:42 ` Thanasis 0 siblings, 0 replies; 9+ messages in thread From: Thanasis @ 2010-06-06 13:42 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Robby Workman, netfilter on 06/06/2010 02:31 PM Jan Engelhardt wrote the following: > > On Sunday 2010-06-06 07:26, Thanasis wrote: >>> >>> 2) Install ulogd and use -j ULOG instead of -j LOG. >> I have read about ulog but the kernel config help says for ULOG that it >> is deprecated: > > Try -j NFLOG. > > I installed ulogd2, as suggested in http://www.netfilter.org/projects/libnetfilter_log/ ... but I cannot start it. (# ulogd -V ulogd Version 2.0.0beta Copyright (C) 2000-2005 Harald Welte <laforge@netfilter.org>) Here is what /var/log/ulogd.log says: Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `NFLOG' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `ULOG' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `NFCT' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `IFINDEX' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `IP2STR' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `IP2BIN' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `PRINTPKT' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `HWHDR' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `PRINTFLOW' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `MARK' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `LOGEMU' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `SYSLOG' Sun Jun 6 16:36:02 2010 <5> ulogd.c:372 registering plugin `BASE' Sun Jun 6 16:36:02 2010 <8> ulogd.c:1173 not even a single working plugin stack ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-06 3:03 ` Robby Workman 2010-06-06 5:26 ` Thanasis @ 2010-06-06 16:55 ` Thanasis 1 sibling, 0 replies; 9+ messages in thread From: Thanasis @ 2010-06-06 16:55 UTC (permalink / raw) To: Robby Workman; +Cc: netfilter on 06/06/2010 06:03 AM Robby Workman wrote the following: > On Sat, 05 Jun 2010 23:42:21 +0300 > Thanasis <thanasis@asyr.hopto.org> wrote: > >> ... >> and dmesg is flooded by DROP log messages etc. >> ... > > > 1) Do you really *care* about most of what you're logging? > 1a) If so, why? > > 2) Install ulogd and use -j ULOG instead of -j LOG. > > -RW I tried ULOG with ulogd and it worked! I just had to remove options like: ... --log-ip-options --log-tcp-options which are not valid for ULOG, but even without them that data is there anyway. Thanks ;-) ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-05 20:42 prevent iptables LOG target from flooding dmesg Thanasis [not found] ` <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com> 2010-06-06 3:03 ` Robby Workman @ 2010-06-06 7:09 ` lists 2010-06-06 10:52 ` Thanasis 2 siblings, 1 reply; 9+ messages in thread From: lists @ 2010-06-06 7:09 UTC (permalink / raw) To: netfilter On Sat, 2010-06-05 at 23:42 +0300, Thanasis wrote: > The subject says it all. > I have set up logging like so : > -------------------------------------------------------------------------------------------------------------------- > iptables -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP > INVALID " --log-ip-options --log-tcp-options > iptables -A INPUT -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " > iptables -A INPUT ! -i lo -j LOG --log-prefix "DROP " --log-ip-options > --log-tcp-options > iptables -A OUTPUT -m state --state INVALID -j LOG --log-prefix "DROP > INVALID " --log-ip-options --log-tcp-options > iptables -A OUTPUT ! -o lo -j LOG --log-prefix "DROP " --log-ip-options > --log-tcp-options > iptables -A FORWARD -m state --state INVALID -j LOG --log-prefix "DROP > INVALID " --log-ip-options --log-tcp-options > iptables -A FORWARD -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " > iptables -A FORWARD ! -i lo -j LOG --log-prefix "DROP " --log-ip-options > --log-tcp-options > -------------------------------------------------------------------------------------------------------------------- > and dmesg is flooded by DROP log messages etc. > I have NETFILTER_NETLINK_LOG [=m] > in the kenel config, but I don't know how to use it, > (and what the module name is). > Any pointers/help will be much appreciated. You can limit how much is logged with the 'limit' match. Doing this you might lose some information but you might be okay with that. The 'limit' match can be used like this: $ipt [...] -m limit --limit 3/second [...] However, I don't know if that's what you want. -- Rob ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: prevent iptables LOG target from flooding dmesg 2010-06-06 7:09 ` lists @ 2010-06-06 10:52 ` Thanasis 0 siblings, 0 replies; 9+ messages in thread From: Thanasis @ 2010-06-06 10:52 UTC (permalink / raw) To: netfilter; +Cc: lists on 06/06/2010 10:09 AM lists@sterenborg.info wrote the following: > On Sat, 2010-06-05 at 23:42 +0300, Thanasis wrote: >> The subject says it all. >> I have set up logging like so : >> -------------------------------------------------------------------------------------------------------------------- >> iptables -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP >> INVALID " --log-ip-options --log-tcp-options >> iptables -A INPUT -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " >> iptables -A INPUT ! -i lo -j LOG --log-prefix "DROP " --log-ip-options >> --log-tcp-options >> iptables -A OUTPUT -m state --state INVALID -j LOG --log-prefix "DROP >> INVALID " --log-ip-options --log-tcp-options >> iptables -A OUTPUT ! -o lo -j LOG --log-prefix "DROP " --log-ip-options >> --log-tcp-options >> iptables -A FORWARD -m state --state INVALID -j LOG --log-prefix "DROP >> INVALID " --log-ip-options --log-tcp-options >> iptables -A FORWARD -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " >> iptables -A FORWARD ! -i lo -j LOG --log-prefix "DROP " --log-ip-options >> --log-tcp-options >> -------------------------------------------------------------------------------------------------------------------- >> and dmesg is flooded by DROP log messages etc. >> I have NETFILTER_NETLINK_LOG [=m] >> in the kenel config, but I don't know how to use it, >> (and what the module name is). >> Any pointers/help will be much appreciated. > > You can limit how much is logged with the 'limit' match. Doing this you > might lose some information but you might be okay with that. The 'limit' > match can be used like this: > > $ipt [...] -m limit --limit 3/second [...] > > However, I don't know if that's what you want. > My problem is _not_the_number_ of messages that I get from iptables, but the fact that _lots_ of them are logged in buffer of the kernel filling it, to the point that I loose all important info/warnings that I should be able to see with dmesg. eg. this is all that I get by dmesg now: (I have hidden some of the IPs for security reasons) # dmesg 5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15659 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15659 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15660 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15660 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15663 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15663 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15668 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15668 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15669 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15669 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15670 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15670 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15671 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15671 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15672 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15672 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15673 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15673 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15674 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15674 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15675 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15675 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15676 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15676 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15677 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15677 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15678 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15678 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15679 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15679 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15680 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15680 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15681 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15681 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15682 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15682 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15685 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15685 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=92.249.130.158 DST=YY.YYY.YYY.YYY LEN=64 TOS=0x00 PREC=0x00 TTL=35 ID=36826 DF PROTO=TCP SPT=2867 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0 OPT (020405A0010303030101080A000000000000000001010402) DROP IN=ppp0 OUT= MAC= SRC=92.249.130.158 DST=YY.YYY.YYY.YYY LEN=64 TOS=0x00 PREC=0x00 TTL=35 ID=37606 DF PROTO=TCP SPT=2867 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0 OPT (020405A0010303030101080A000000000000000001010402) DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15689 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15689 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15690 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15690 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15691 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15691 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15692 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15692 PROTO=UDP SPT=137 DPT=137 LEN=58 SPOOFED PKT IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=355 TOS=0x00 PREC=0x00 TTL=64 ID=36184 PROTO=UDP SPT=68 DPT=67 LEN=335 SPOOFED PKT IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=355 TOS=0x00 PREC=0x00 TTL=64 ID=36184 PROTO=UDP SPT=68 DPT=67 LEN=335 DROP IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=355 TOS=0x00 PREC=0x00 TTL=64 ID=36184 PROTO=UDP SPT=68 DPT=67 LEN=335 SPOOFED PKT IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=367 TOS=0x00 PREC=0x00 TTL=64 ID=25448 PROTO=UDP SPT=68 DPT=67 LEN=347 SPOOFED PKT IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=367 TOS=0x00 PREC=0x00 TTL=64 ID=25448 PROTO=UDP SPT=68 DPT=67 LEN=347 DROP IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:25:43:7f:93:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=367 TOS=0x00 PREC=0x00 TTL=64 ID=25448 PROTO=UDP SPT=68 DPT=67 LEN=347 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15693 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15693 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15694 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15694 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15695 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15695 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15696 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15696 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15697 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=15697 PROTO=UDP SPT=138 DPT=138 LEN=182 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15698 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15698 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15699 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15699 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15700 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15700 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15701 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15701 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15702 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15702 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15703 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15703 PROTO=UDP SPT=137 DPT=137 LEN=58 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=ppp0 OUT= MAC= SRC=218.25.11.207 DST=YY.YYY.YYY.YYY LEN=40 TOS=0x00 PREC=0x00 TTL=107 ID=61402 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15707 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=bond0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:48:08:29:8b:08:00 SRC=192.168.0.5 DST=192.168.0.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15707 PROTO=UDP SPT=138 DPT=138 LEN=209 DROP IN=ppp0 OUT= MAC= SRC=58.247.163.220 DST=YY.YYY.YYY.YYY LEN=30 TOS=0x00 PREC=0x00 TTL=114 ID=3635 PROTO=UDP SPT=9739 DPT=4672 LEN=10 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 DROP INVALID IN=ppp0 OUT= MAC= SRC=209.132.180.67 DST=YY.YYY.YYY.YYY LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=35728 DPT=25 WINDOW=0 RES=0x00 RST URGP=0 DROP IN=ppp0 OUT= MAC= SRC=XX.XXX.X.XXX DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 OPT (94040000) PROTO=2 # ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2010-06-06 16:55 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-06-05 20:42 prevent iptables LOG target from flooding dmesg Thanasis
[not found] ` <AANLkTilXnjHFMQI50wTupvFi2hIgf0tMhlu-lzPekPr7@mail.gmail.com>
2010-06-05 22:03 ` Thanasis
2010-06-06 3:03 ` Robby Workman
2010-06-06 5:26 ` Thanasis
2010-06-06 11:31 ` Jan Engelhardt
2010-06-06 13:42 ` Thanasis
2010-06-06 16:55 ` Thanasis
2010-06-06 7:09 ` lists
2010-06-06 10:52 ` Thanasis
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.