Зарегистрирован: Вт июл 05, 2011 13:09 Сообщений: 198 Откуда: Almaty_KZ
|
Вот, получилось снять логи, интернета нет,(хотя судя по логу, должен быть). # logread Jan 1 00:00:24 (none) user.warn kernel: memory: 007a0000 @ 00000000 (usable) 84 Jan 1 00:00:24 (none) user.debug kernel: On node 0 totalpages: 1952 74 Jan 1 00:00:24 (none) user.debug kernel: DMA zone: 1952 pages, LIFO batch:1 84 Jan 1 00:00:24 (none) user.debug kernel: Normal zone: 0 pages, LIFO batch:1 84 Jan 1 00:00:24 (none) user.debug kernel: HighMem zone: 0 pages, LIFO batch:1 85 Jan 1 00:00:24 (none) user.warn kernel: Built 1 zonelists 64 Jan 1 00:00:24 (none) user.warn kernel: Kernel command line: root=31:0 ro noinitrd console=ttyS0,115200 110 Jan 1 00:00:24 (none) user.warn kernel: brcm mips: enabling icache and dcache... 87 Jan 1 00:00:24 (none) user.warn kernel: Primary instruction cache 16kB, physically tagged, 2-way, linesize 16 bytes. 123 Jan 1 00:00:24 (none) user.warn kernel: Primary data cache 8kB 2-way, linesize 16 bytes. 95 Jan 1 00:00:24 (none) user.warn kernel: PID hash table entries: 32 (order 5: 256 bytes) 94 Jan 1 00:00:24 (none) user.warn kernel: Using 120.000 MHz high precision timer. 86 Jan 1 00:00:24 (none) user.warn kernel: Dentry cache hash table entries: 2048 (order: 1, 8192 bytes) 107 Jan 1 00:00:24 (none) user.warn kernel: Inode-cache hash table entries: 1024 (order: 0, 4096 bytes) 106 Jan 1 00:00:24 (none) user.info kernel: Memory: 5820k/7808k available (1435k kernel code, 1968k reserved, 216k data, 68k init, 0k highmem) 145 Jan 1 00:00:24 (none) user.warn kernel: KLOB Pool 1 Initialized: 1048576 bytes <0x80600000 ... 0x80700000> 113 Jan 1 00:00:24 (none) user.warn kernel: Calibrating delay loop... 239.20 BogoMIPS 88 Jan 1 00:00:24 (none) user.warn kernel: Mount-cache hash table entries: 512 (order: 0, 4096 bytes) 105 Jan 1 00:00:24 (none) user.warn kernel: Checking for 'wait' instruction... unavailable. 95 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 16 81 Jan 1 00:00:24 (none) user.warn kernel: Total Flash size: 2048K with 512 sectors 87 Jan 1 00:00:24 (none) user.warn kernel: File system address: 0xbfc10100 78 Jan 1 00:00:24 (none) user.warn kernel: Blk# BlkOff Blks MemLen Partition Name 86 Jan 1 00:00:24 (none) user.warn kernel: 0 1408 1 1024 NVRAM 77 Jan 1 00:00:24 (none) user.warn kernel: 498 0 6 24576 Config 2 80 Jan 1 00:00:24 (none) user.warn kernel: 504 0 2 8192 Scratch PAD 83 Jan 1 00:00:24 (none) user.warn kernel: 506 0 6 24576 Config 1 80 Jan 1 00:00:24 (none) user.warn kernel: Can't analyze prologue code at 80175674 86 Jan 1 00:00:24 (none) user.info kernel: Initializing Cryptographic API 77 Jan 1 00:00:24 (none) user.info kernel: PPP generic driver version 2.4.2 79 Jan 1 00:00:24 (none) user.info kernel: PPP Deflate Compression module registered 88 Jan 1 00:00:24 (none) user.info kernel: PPP BSD Compression module registered 84 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 24 81 Jan 1 00:00:24 (none) user.warn kernel: Using noop io scheduler 70 Jan 1 00:00:24 (none) user.warn kernel: bcm963xx_mtd driver v1.0 71 Jan 1 00:00:24 (none) user.warn kernel: brcmboard: brcm_board_init entry 79 Jan 1 00:00:24 (none) user.info kernel: Serial: BCM63XX driver $Revision: 3.00 $ 87 Jan 1 00:00:24 (none) user.warn kernel: ttyS0 at MMIO 0xfffe0300 (irq = 10) is a BCM63XX 95 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 2 80 Jan 1 00:00:24 (none) user.info kernel: IP: routing cache hash table of 512 buckets, 4Kbytes 99 Jan 1 00:00:24 (none) user.info kernel: TCP: Hash tables configured (established 512 bind 1024) 102 Jan 1 00:00:24 (none) user.info kernel: Initializing IPsec netlink socket 80 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 1 80 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 17 81 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 15 81 Jan 1 00:00:24 (none) user.notice kernel: Ebtables v2.0 registered 73 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 8 80 Jan 1 00:00:24 (none) user.info kernel: NET: Registered protocol family 20 81 Jan 1 00:00:24 (none) user.info kernel: 802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com> 108 Jan 1 00:00:24 (none) user.info kernel: All bugs added by David S. Miller <davem@redhat.com> 99 Jan 1 00:00:24 (none) user.warn kernel: VFS: Mounted root (squashfs filesystem) readonly. 96 Jan 1 00:00:24 (none) user.info kernel: Freeing unused kernel memory: 68k freed 86 Jan 1 00:00:24 (none) user.warn kernel: Algorithmics/MIPS FPU Emulator v1.5 82 Jan 1 00:00:24 (none) user.warn kernel: atmapi: module license 'Proprietary' taints kernel. 98 Jan 1 00:00:24 (none) user.warn kernel: adsl: adsl_init entry 68 Jan 1 00:00:24 (none) user.warn kernel: blaadd: blaa_detect entry 72 Jan 1 00:00:24 (none) user.info kernel: Broadcom BCMPROCFS v1.0 initialized 82 Jan 1 00:00:24 (none) user.warn kernel: Broadcom BCM6338A2 Ethernet Network Device v0.3 Oct 22 2010 11:48:58 115 Jan 1 00:00:24 (none) user.warn kernel: Config PHY Switch Through MDIO Pseudo PHY Interface 98 Jan 1 00:00:24 (none) user.info kernel: BCM63xx_ENET: Auto-negotiation timed-out 87 Jan 1 00:00:24 (none) user.info kernel: BCM63xx_ENET: 10 MB Half-Duplex (assumed) 88 Jan 1 00:00:24 (none) user.warn kernel: ====>PAGE_MANAGEMENT=02, REG_DEV_ID=30, val32=00000000 101 Jan 1 00:00:24 (none) user.warn kernel: ethsw: found bcm5325e! 69 Jan 1 00:00:24 (none) user.warn kernel: eth0: MAC Address: 1C:AF:F7:B1:AE:62 83 Jan 1 00:00:24 (none) user.crit kernel: eth0 Link UP. 60 Jan 1 00:00:24 (none) user.warn kernel: BcmAdsl_Initialize=0xC00643E8, g_pFnNotifyCallback=0xC007EFE4 108 Jan 1 00:00:24 (none) user.warn kernel: AnnexCParam=0x7FFF7EA8 AnnexAParam=0x00003987 adsl2=0x00000003 109 Jan 1 00:00:24 (none) user.warn kernel: pSdramPHY=0xA07FFFF8, 0x97CFDCBF 0xAAA3ABE5 90 Jan 1 00:00:24 (none) user.warn kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA07EF96C 93 Jan 1 00:00:24 (none) user.warn kernel: AnnexCParam=0x7FFF7EA8 AnnexAParam=0x00003987 adsl2=0x00000003 109 Jan 1 00:00:24 (none) user.warn kernel: dgasp: kerSysRegisterDyingGaspHandler: dsl0 registered 102 Jan 1 00:00:24 (none) user.warn kernel: ATM proc init !!! 64 Jan 1 00:00:24 (none) user.warn kernel: ip_tables: (C) 2000-2002 Netfilter core team 91 Jan 1 00:00:24 (none) user.warn kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 384 bytes per conntrack 117 Jan 1 00:00:24 (none) user.warn kernel: ip_conntrack_pptp version 2.1 loaded 83 Jan 1 00:00:24 (none) user.warn kernel: ip_nat_pptp version 2.0 loaded 77 Jan 1 00:00:24 (none) user.warn kernel: BRCM NAT Caching v1.0 Nov 20 2007 10:22:27 89 Jan 1 00:00:24 (none) user.warn kernel: BRCM NAT Cache: Hooking hit function @ c0061088 94 Jan 1 00:00:24 (none) user.warn kernel: ip_conntrack_rtsp v0.01 loading 78 Jan 1 00:00:24 (none) user.crit kernel: ADSL G.994 training 66 Jan 1 00:00:24 (none) user.warn kernel: ip_nat_rtsp v0.01 loading 72 Jan 1 00:00:24 (none) user.info kernel: device eth0 entered promiscuous mode 83 Jan 1 00:00:24 (none) user.info kernel: br0: port 1(eth0) entering learning state 88 Jan 1 00:00:24 (none) user.info kernel: br0: topology change detected, propagating 89 Jan 1 00:00:24 (none) user.info kernel: br0: port 1(eth0) entering forwarding state 90 Jan 1 00:00:24 (none) user.info kernel: s_0_0_40 entered promiscuous mode 80 Jan 1 00:00:24 (none) user.info kernel: br0: port 2(nas_0_0_40) entering learning state 94 Jan 1 00:00:24 (none) user.info kernel: br0: topology change detected, propagating 89 Jan 1 00:00:24 (none) user.info kernel: br0: port 2(nas_0_0_40) entering forwarding state 96 Jan 1 00:00:25 (none) user.debug syslog: brctl addbr pppbr 65 Jan 1 00:00:25 (none) user.debug syslog: brctl addif pppbr nas_0_0_40 76 Jan 1 00:00:26 (none) user.debug syslog: pppd keepalive 0 0 -c 0.0.40.1 -i nas_0_0_40 -u "apm2" -p ********** -f 0 -m 00901aa12b29/12ce & 146 Jan 1 00:00:28 (none) user.crit kernel: ADSL G.992 started 65 Jan 1 00:00:28 (none) daemon.notice pppd[300]: pppd 2.4.1 started by admin, uid 0 88 Jan 1 00:00:32 (none) user.crit kernel: ADSL G.992 channel analysis 74 Jan 1 00:00:38 (none) user.crit kernel: ADSL link up, interleaved, us=1019, ds=10079 91 Jan 1 00:00:38 (none) user.warn kernel: ATM Soft SAR: ATM link connected. 80 Jan 1 00:00:40 (none) user.debug syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 128.9.0.107 142 Jan 1 00:00:41 (none) daemon.notice pppd[300]: PPP: Start to connect ... 80 Jan 1 00:00:42 (none) daemon.crit pppd[300]: PPP server detected. 73 Jan 1 00:00:42 (none) daemon.crit pppd[300]: PPP session established. 77 Jan 1 00:00:42 (none) daemon.crit pppd[300]: PPP LCP UP. 64 Jan 1 00:00:43 (none) daemon.crit pppd[300]: Received valid IP address from server. Connection UP. 107 Jan 1 00:00:44 (none) user.debug syslog: route add default gw 92.46.31.34 2>/dev/null 92 Jan 1 00:00:44 (none) user.debug syslog: route add -net 192.168.4.0 netmask 255.255.255.248 metric 1 gw 192.168.5.1 dev br0 2>/dev/null 142 Jan 1 00:00:44 (none) user.debug syslog: route add -net 192.168.2.0 netmask 255.255.255.224 metric 1 gw 192.168.5.1 2>/dev/null 134 Jan 1 00:00:45 (none) user.debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144 Jan 1 00:00:45 (none) user.debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144 Jan 1 00:00:45 (none) user.debug syslog: echo > /proc/net/ip_conntrack 77 Jan 1 00:00:45 (none) user.debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max 97 Jan 1 00:00:45 (none) user.debug syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null 154 Jan 1 00:00:45 (none) user.debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 2>/dev/null 151 Jan 1 00:00:45 (none) user.debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 139 Jan 1 00:00:45 (none) user.debug syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 95.56.237.24 2>/dev/null 155 Jan 1 00:00:45 (none) user.debug syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 95.56.237.24 143 Jan 1 00:00:45 (none) user.debug syslog: /bin/dnsprobe & 63 Mar 3 12:32:23 (none) user.notice dnsprobe[688]: dnsprobe started! 74 Mar 3 12:32:24 (none) user.debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_40_1 -j ACCEPT 111 Mar 3 12:32:24 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 114 Mar 3 12:32:24 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 116 Mar 3 12:32:24 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.3/29 --dport 30006 132 Mar 3 12:32:24 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.3/29 --dport 30006 134 Mar 3 12:32:28 (none) user.debug syslog: ifconfig ppp_0_0_40_1 mtu 1492 78 Mar 3 12:32:32 (none) daemon.err user: tr69c: Unable to retrieve attributes in scratch PAD 97 Mar 3 12:32:32 (none) daemon.err user: Stored Parameter Attribute data is corrupt or missing 99 Mar 3 12:33:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=85.167.184.248 DST=95.56.155.62 LEN=60 TOS=0x04 PREC=0x00 TTL=46 ID=22916 DF PROTO=TCP SPT=19848 DPT=14231 WINDOW=64240 RES=0x00 SYN URGP=0 231 Mar 3 12:33:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.34.126.30 DST=95.56.155.62 LEN=52 TOS=0x04 PREC=0x00 TTL=108 ID=27284 DF PROTO=TCP SPT=52121 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0 227 Mar 3 12:33:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.34.126.30 DST=95.56.155.62 LEN=52 TOS=0x04 PREC=0x00 TTL=108 ID=27288 DF PROTO=TCP SPT=52121 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0 227 Mar 3 12:33:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.34.126.30 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=108 ID=27292 DF PROTO=TCP SPT=52121 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0 227 Mar 3 12:33:29 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=178.45.147.5 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=113 ID=48586 DF PROTO=TCP SPT=4516 DPT=63227 WINDOW=65535 RES=0x00 SYN URGP=0 229 Mar 3 12:43:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=94.242.167.208 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=111 ID=20170 DF PROTO=TCP SPT=57450 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 231 Mar 3 12:53:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=89.254.239.45 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=113 ID=43383 DF PROTO=TCP SPT=4595 DPT=58540 WINDOW=64240 RES=0x00 SYN URGP=0 230 Mar 3 13:03:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=2.94.103.47 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=53 ID=22448 DF PROTO=TCP SPT=55296 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 227 Mar 3 13:13:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=46.175.160.49 DST=95.56.155.62 LEN=60 TOS=0x04 PREC=0x00 TTL=111 ID=17655 DF PROTO=TCP SPT=20047 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 230 Mar 3 13:23:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=217.150.61.161 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=2047 DF PROTO=TCP SPT=49449 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 230 Mar 3 13:32:01 (none) syslog.info -- MARK -- 51 Mar 3 13:33:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=217.9.94.187 DST=95.56.155.62 LEN=52 TOS=0x04 PREC=0x00 TTL=117 ID=2348 DF PROTO=TCP SPT=50004 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 228 Mar 3 13:43:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=84.237.20.146 DST=95.56.155.62 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=4575 DF PROTO=TCP SPT=55037 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 229 Mar 3 13:53:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=78.30.230.232 DST=95.56.155.62 LEN=52 TOS=0x04 PREC=0x00 TTL=113 ID=22220 DF PROTO=TCP SPT=50882 DPT=58540 WINDOW=8192 RES=0x00 SYN URGP=0 230 Mar 3 14:00:20 (none) daemon.crit pppd[300]: Clear IP addresses. Connection DOWN. 90 Mar 3 14:00:20 (none) daemon.crit pppd[300]: Clear IP addresses. PPP connection DOWN. 94 Mar 3 14:00:28 (none) daemon.notice pppd[300]: PPP: Start to connect ... 80 Mar 3 14:00:33 (none) daemon.crit pppd[300]: PPP server detected. 73 Mar 3 14:00:33 (none) daemon.crit pppd[300]: PPP session established. 77 Mar 3 14:00:37 (none) daemon.crit pppd[300]: PPP LCP UP. 64 Mar 3 14:00:43 (none) daemon.crit pppd[300]: Received valid IP address from server. Connection UP. 107 Mar 3 14:02:34 (none) user.warn dnsprobe[688]: dns query failed 72 Mar 3 14:02:36 (none) user.warn dnsprobe[688]: dns query failed 72 Mar 3 14:02:38 (none) user.warn dnsprobe[688]: dns query failed 72 Mar 3 14:02:39 (none) user.notice dnsprobe[688]: Primary DNS server Is Down... Switching To Secondary DNS server 121 Mar 3 14:03:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=178.184.118.191 DST=95.56.17.34 LEN=52 TOS=0x04 PREC=0x00 TTL=111 ID=10970 DF PROTO=TCP SPT=61500 DPT=25882 WINDOW=8192 RES=0x00 SYN URGP=0 231 Mar 3 14:07:24 (none) user.crit kernel: eth0 Link DOWN. 62 Mar 3 14:07:24 (none) user.info kernel: br0: port 1(eth0) entering disabled state 88 Mar 3 14:07:25 (none) user.crit kernel: eth0 Link UP. 60 Mar 3 14:07:25 (none) user.info kernel: br0: port 1(eth0) entering learning state 88 Mar 3 14:07:25 (none) user.info kernel: br0: topology change detected, propagating 89 Mar 3 14:07:25 (none) user.info kernel: br0: port 1(eth0) entering forwarding state 90 >reboot (через консоль) Перезапуск, и интернет есть. Jan 1 00:00:20 (none) syslog.emerg BCM96345 started: BusyBox v1.00 (2010.10.22-03:56+0000) 98 Jan 1 00:00:20 (none) user.notice kernel: klogd started: BusyBox v1.00 (2010.10.22-03:56+0000) 101 Jan 1 00:00:20 (none) user.warn kernel: Linux version 2.6.8.1 (root@root.localdomain) (gcc version 3.4.2) #5 Fri Oct 22 12:37:23 CST 2010 144 Jan 1 00:00:20 (none) user.warn kernel: Serial flash device: name NXW25P16, id 0xef14, size 2048KB 105 Jan 1 00:00:20 (none) user.warn kernel: 96332AG2 prom init 65 Jan 1 00:00:20 (none) user.warn kernel: CPU revision is: 00029010 72 Jan 1 00:00:20 (none) user.warn kernel: Determined physical RAM map: 75 Jan 1 00:00:20 (none) user.warn kernel: memory: 007a0000 @ 00000000 (usable) 84 Jan 1 00:00:20 (none) user.debug kernel: On node 0 totalpages: 1952 74 Jan 1 00:00:20 (none) user.debug kernel: DMA zone: 1952 pages, LIFO batch:1 84 Jan 1 00:00:20 (none) user.debug kernel: Normal zone: 0 pages, LIFO batch:1 84 Jan 1 00:00:20 (none) user.debug kernel: HighMem zone: 0 pages, LIFO batch:1 85 Jan 1 00:00:20 (none) user.warn kernel: Built 1 zonelists 64 Jan 1 00:00:20 (none) user.warn kernel: Kernel command line: root=31:0 ro noinitrd console=ttyS0,115200 110 Jan 1 00:00:20 (none) user.warn kernel: brcm mips: enabling icache and dcache... 87 Jan 1 00:00:20 (none) user.warn kernel: Primary instruction cache 16kB, physically tagged, 2-way, linesize 16 bytes. 123 Jan 1 00:00:20 (none) user.warn kernel: Primary data cache 8kB 2-way, linesize 16 bytes. 95 Jan 1 00:00:20 (none) user.warn kernel: PID hash table entries: 32 (order 5: 256 bytes) 94 Jan 1 00:00:20 (none) user.warn kernel: Using 120.000 MHz high precision timer. 86 Jan 1 00:00:20 (none) user.warn kernel: Dentry cache hash table entries: 2048 (order: 1, 8192 bytes) 107 Jan 1 00:00:20 (none) user.warn kernel: Inode-cache hash table entries: 1024 (order: 0, 4096 bytes) 106 Jan 1 00:00:20 (none) user.info kernel: Memory: 5820k/7808k available (1435k kernel code, 1968k reserved, 216k data, 68k init, 0k highmem) 145 Jan 1 00:00:20 (none) user.warn kernel: KLOB Pool 1 Initialized: 1048576 bytes <0x80600000 ... 0x80700000> 113 Jan 1 00:00:20 (none) user.warn kernel: Calibrating delay loop... 239.20 BogoMIPS 88 Jan 1 00:00:20 (none) user.warn kernel: Mount-cache hash table entries: 512 (order: 0, 4096 bytes) 105 Jan 1 00:00:20 (none) user.warn kernel: Checking for 'wait' instruction... unavailable. 95 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 16 81 Jan 1 00:00:20 (none) user.warn kernel: Total Flash size: 2048K with 512 sectors 87 Jan 1 00:00:20 (none) user.warn kernel: File system address: 0xbfc10100 78 Jan 1 00:00:20 (none) user.warn kernel: Blk# BlkOff Blks MemLen Partition Name 86 Jan 1 00:00:20 (none) user.warn kernel: 0 1408 1 1024 NVRAM 77 Jan 1 00:00:20 (none) user.warn kernel: 498 0 6 24576 Config 2 80 Jan 1 00:00:20 (none) user.warn kernel: 504 0 2 8192 Scratch PAD 83 Jan 1 00:00:20 (none) user.warn kernel: 506 0 6 24576 Config 1 80 Jan 1 00:00:20 (none) user.warn kernel: Can't analyze prologue code at 80175674 86 Jan 1 00:00:20 (none) user.info kernel: Initializing Cryptographic API 77 Jan 1 00:00:20 (none) user.info kernel: PPP generic driver version 2.4.2 79 Jan 1 00:00:20 (none) user.info kernel: PPP Deflate Compression module registered 88 Jan 1 00:00:20 (none) user.info kernel: PPP BSD Compression module registered 84 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 24 81 Jan 1 00:00:20 (none) user.warn kernel: Using noop io scheduler 70 Jan 1 00:00:20 (none) user.warn kernel: bcm963xx_mtd driver v1.0 71 Jan 1 00:00:20 (none) user.warn kernel: brcmboard: brcm_board_init entry 79 Jan 1 00:00:20 (none) user.info kernel: Serial: BCM63XX driver $Revision: 3.00 $ 87 Jan 1 00:00:20 (none) user.warn kernel: ttyS0 at MMIO 0xfffe0300 (irq = 10) is a BCM63XX 95 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 2 80 Jan 1 00:00:20 (none) user.info kernel: IP: routing cache hash table of 512 buckets, 4Kbytes 99 Jan 1 00:00:20 (none) user.info kernel: TCP: Hash tables configured (established 512 bind 1024) 102 Jan 1 00:00:20 (none) user.info kernel: Initializing IPsec netlink socket 80 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 1 80 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 17 81 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 15 81 Jan 1 00:00:20 (none) user.notice kernel: Ebtables v2.0 registered 73 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 8 80 Jan 1 00:00:20 (none) user.info kernel: NET: Registered protocol family 20 81 Jan 1 00:00:20 (none) user.info kernel: 802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com> 108 Jan 1 00:00:20 (none) user.info kernel: All bugs added by David S. Miller <davem@redhat.com> 99 Jan 1 00:00:20 (none) user.warn kernel: VFS: Mounted root (squashfs filesystem) readonly. 96 Jan 1 00:00:20 (none) user.info kernel: Freeing unused kernel memory: 68k freed 86 Jan 1 00:00:20 (none) user.warn kernel: Algorithmics/MIPS FPU Emulator v1.5 82 Jan 1 00:00:20 (none) user.warn kernel: atmapi: module license 'Proprietary' taints kernel. 98 Jan 1 00:00:20 (none) user.warn kernel: adsl: adsl_init entry 68 Jan 1 00:00:20 (none) user.warn kernel: blaadd: blaa_detect entry 72 Jan 1 00:00:20 (none) user.info kernel: Broadcom BCMPROCFS v1.0 initialized 82 Jan 1 00:00:20 (none) user.warn kernel: Broadcom BCM6338A2 Ethernet Network Device v0.3 Oct 22 2010 11:48:58 115 Jan 1 00:00:20 (none) user.warn kernel: Config PHY Switch Through MDIO Pseudo PHY Interface 98 Jan 1 00:00:20 (none) user.info kernel: BCM63xx_ENET: 100 MB Full-Duplex (auto-neg) 90 Jan 1 00:00:20 (none) user.warn kernel: ====>PAGE_MANAGEMENT=02, REG_DEV_ID=30, val32=00000000 101 Jan 1 00:00:20 (none) user.warn kernel: ethsw: found bcm5325e! 69 Jan 1 00:00:20 (none) user.warn kernel: eth0: MAC Address: 1C:AF:F7:B1:AE:62 83 Jan 1 00:00:20 (none) user.warn kernel: BcmAdsl_Initialize=0xC00643E8, g_pFnNotifyCallback=0xC007EFE4 108 Jan 1 00:00:20 (none) user.warn kernel: AnnexCParam=0x7FFF7EA8 AnnexAParam=0x00003987 adsl2=0x00000003 109 Jan 1 00:00:20 (none) user.crit kernel: eth0 Link UP. 60 Jan 1 00:00:20 (none) user.warn kernel: pSdramPHY=0xA07FFFF8, 0x1B7781 0xDEADBEEF 88 Jan 1 00:00:20 (none) user.warn kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA07EF96C 93 Jan 1 00:00:20 (none) user.warn kernel: AnnexCParam=0x7FFF7EA8 AnnexAParam=0x00003987 adsl2=0x00000003 109 Jan 1 00:00:20 (none) user.warn kernel: dgasp: kerSysRegisterDyingGaspHandler: dsl0 registered 102 Jan 1 00:00:20 (none) user.warn kernel: ATM proc init !!! 64 Jan 1 00:00:20 (none) user.warn kernel: ip_tables: (C) 2000-2002 Netfilter core team 91 Jan 1 00:00:20 (none) user.warn kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 384 bytes per conntrack 117 Jan 1 00:00:20 (none) user.warn kernel: ip_conntrack_pptp version 2.1 loaded 83 Jan 1 00:00:20 (none) user.crit kernel: ADSL G.994 training 66 Jan 1 00:00:20 (none) user.warn kernel: ip_nat_pptp version 2.0 loaded 77 Jan 1 00:00:20 (none) user.warn kernel: BRCM NAT Caching v1.0 Nov 20 2007 10:22:27 89 Jan 1 00:00:20 (none) user.warn kernel: BRCM NAT Cache: Hooking hit function @ c0061088 94 Jan 1 00:00:20 (none) user.warn kernel: ip_conntrack_rtsp v0.01 loading 78 Jan 1 00:00:20 (none) user.warn kernel: ip_nat_rtsp v0.01 loading 72 Jan 1 00:00:20 (none) user.info kernel: device eth0 entered promiscuous mode 83 Jan 1 00:00:20 (none) user.info kernel: br0: port 1(eth0) entering learning state 88 Jan 1 00:00:20 (none) user.info kernel: br0: topology change detected, propagating 89 Jan 1 00:00:20 (none) user.info kernel: br0: port 1(eth0) entering forwarding state 90 Jan 1 00:00:20 (none) user.info kernel: device nas_0_0_40 entered promiscuous mode 89 Jan 1 00:00:20 (none) user.info kernel: rt 2(nas_0_0_40) entering learning state 87 Jan 1 00:00:20 (none) user.info kernel: br0: topology change detected, propagating 89 Jan 1 00:00:20 (none) user.info kernel: br0: port 2(nas_0_0_40) entering forwarding state 96 Jan 1 00:00:20 (none) user.debug syslog: ddnsd /var/ddnsd.cfg /var/ddnsd.cache & 87 Jan 1 00:00:20 (none) user.debug syslog: sntp -s clock.fmt.he.net -s time.nist.gov -t "Almaty, Novosibirsk" & 116 Jan 1 00:00:21 (none) user.debug syslog: brctl addbr pppbr 65 Jan 1 00:00:21 (none) user.debug syslog: brctl addif pppbr nas_0_0_40 76 Jan 1 00:00:22 (none) user.debug syslog: pppd keepalive 0 0 -c 0.0.40.1 -i nas_0_0_40 -u "apm2" -p ********** -f 0 -m 00901aa12b29/1ddf & 146 Jan 1 00:00:22 (none) user.crit kernel: ADSL G.992 started 65 Jan 1 00:00:23 (none) daemon.notice pppd[300]: pppd 2.4.1 started by admin, uid 0 88 Jan 1 00:00:26 (none) user.crit kernel: ADSL G.992 channel analysis 74 Jan 1 00:00:32 (none) user.crit kernel: ADSL G.992 message exchange 74 Jan 1 00:00:33 (none) user.crit kernel: ADSL link up, interleaved, us=1023, ds=10079 91 Jan 1 00:00:33 (none) user.warn kernel: ATM Soft SAR: ATM link connected. 80 Jan 1 00:00:34 (none) user.debug syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 128.9.0.107 142 Jan 1 00:00:35 (none) daemon.notice pppd[300]: PPP: Start to connect ... 80 Jan 1 00:00:38 (none) daemon.crit pppd[300]: PPP server detected. 73 Jan 1 00:00:38 (none) daemon.crit pppd[300]: PPP session established. 77 Jan 1 00:00:38 (none) daemon.crit pppd[300]: PPP LCP UP. 64 Jan 1 00:00:39 (none) daemon.crit pppd[300]: Received valid IP address from server. Connection UP. 107 Jan 1 00:00:39 (none) user.debug syslog: route add default gw 92.46.31.34 2>/dev/null 92 Jan 1 00:00:40 (none) user.debug syslog: route add -net 192.168.4.0 netmask 255.255.255.248 metric 1 gw 192.168.5.1 dev br0 2>/dev/null 142 Jan 1 00:00:40 (none) user.debug syslog: route add -net 192.168.2.0 netmask 255.255.255.224 metric 1 gw 192.168.5.1 2>/dev/null 134 Jan 1 00:00:40 (none) user.debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144 Jan 1 00:00:40 (none) user.debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144 Jan 1 00:00:40 (none) user.debug syslog: echo > /proc/net/ip_conntrack 77 Jan 1 00:00:40 (none) user.debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max 97 Jan 1 00:00:40 (none) user.debug syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null 154 Jan 1 00:00:40 (none) user.debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 2>/dev/null 151 Jan 1 00:00:40 (none) user.debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 139 Jan 1 00:00:41 (none) user.debug syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 95.56.237.24 2>/dev/null 155 Jan 1 00:00:41 (none) user.debug syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.5.3 -p udp --dport 53 -j DNAT --to 95.56.237.24 143 Jan 1 00:00:41 (none) user.debug syslog: /bin/dnsprobe & 63 Mar 3 14:14:45 (none) user.notice dnsprobe[685]: dnsprobe started! 74 Mar 3 14:14:46 (none) user.debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_40_1 -j ACCEPT 111 Mar 3 14:14:46 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 114 Mar 3 14:14:46 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 116 Mar 3 14:14:47 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.3/29 --dport 30006 132 Mar 3 14:14:47 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.3/29 --dport 30006 134 Mar 3 14:14:53 (none) user.debug syslog: ifconfig ppp_0_0_40_1 mtu 1492 78 Mar 3 14:14:58 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=178.203.158.70 DST=95.56.46.28 LEN=64 TOS=0x04 PREC=0x00 TTL=51 ID=43243 DF PROTO=TCP SPT=49287 DPT=14231 WINDOW=65535 RES=0x00 SYN URGP=0 230 Mar 3 14:15:00 (none) daemon.err user: tr69c: Unable to retrieve attributes in scratch PAD 97 Mar 3 14:15:00 (none) daemon.err user: Stored Parameter Attribute data is corrupt or missing 99 Mar 3 14:15:01 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=90.132.90.152 DST=95.56.46.28 LEN=60 TOS=0x04 PREC=0x00 TTL=44 ID=34626 DF PROTO=TCP SPT=53775 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0 226 Mar 3 14:15:26 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=46.242.106.211 DST=95.56.46.28 LEN=52 TOS=0x04 PREC=0x00 TTL=116 ID=15769 DF PROTO=TCP SPT=2265 DPT=10591 WINDOW=8192 RES=0x00 SYN URGP=0 229 Mar 3 14:15:27 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=46.242.106.211 DST=95.56.46.28 LEN=52 TOS=0x04 PREC=0x00 TTL=116 ID=15773 DF PROTO=TCP SPT=2265 DPT=10591 WINDOW=8192 RES=0x00 SYN URGP=0 229 Mar 3 14:15:28 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=46.242.106.211 DST=95.56.46.28 LEN=48 TOS=0x04 PREC=0x00 TTL=116 ID=15774 DF PROTO=TCP SPT=2265 DPT=10591 WINDOW=8192 RES=0x00 SYN URGP=0 229
_________________ knock-knock
|
|