Конечно не радостная новость, но может поможет благородному делу
Код:
System Log
Date/Time Facility Severity Message
Jan 1 00:00:16 user info kernel: IP: routing cache hash table of 512 buckets, 4Kbytes
Jan 1 00:00:16 user info kernel: TCP: Hash tables configured (established 512 bind 1024)
Jan 1 00:00:16 user warn kernel: ip_conntrack version 2.1 (61 buckets, 0 max) - 376 bytes per conntrack
Jan 1 00:00:16 user warn kernel: ip_tables: (C) 2000-2002 Netfilter core team
Jan 1 00:00:16 user info kernel: Initializing IPsec netlink socket
Jan 1 00:00:16 user info kernel: NET: Registered protocol family 1
Jan 1 00:00:16 user info kernel: NET: Registered protocol family 17
Jan 1 00:00:16 user info kernel: NET: Registered protocol family 15
Jan 1 00:00:16 user notice kernel: Ebtables v2.0 registered
Jan 1 00:00:16 user info kernel: NET: Registered protocol family 8
Jan 1 00:00:16 user info kernel: NET: Registered protocol family 20
Jan 1 00:00:16 user info kernel: 802.1Q VLAN Support v1.8 Ben Greear
Jan 1 00:00:16 user info kernel: All bugs added by David S. Miller
Jan 1 00:00:16 user warn kernel: VFS: Mounted root (squashfs filesystem) readonly.
Jan 1 00:00:16 user info kernel: Freeing unused kernel memory: 76k freed
Jan 1 00:00:16 user warn kernel: Algorithmics/MIPS FPU Emulator v1.5
Jan 1 00:00:16 user warn kernel: atmapi: module license 'Proprietary' taints kernel.
Jan 1 00:00:16 user warn kernel: adsl: adsl_init entry
Jan 1 00:00:16 user warn kernel: blaadd: blaa_detect entry
Jan 1 00:00:16 user info kernel: Broadcom BCMPROCFS v1.0 initialized
Jan 1 00:00:16 user warn kernel: Broadcom BCM6338A2 Ethernet Network Device v0.3 May 28 2008 12:22:14
Jan 1 00:00:16 user warn kernel: Config Internal PHY Through MDIO
Jan 1 00:00:16 user info kernel: BCM63xx_ENET: 100 MB Full-Duplex (auto-neg)
Jan 1 00:00:16 user warn kernel: eth0: MAC Address: 00:1C:F0:8E:E9:B4
Jan 1 00:00:16 user crit kernel: eth0 Link UP.
Jan 1 00:00:16 user warn kernel: BcmAdsl_Initialize=0xC00733F8, g_pFnNotifyCallback=0xC008BC64
Jan 1 00:00:16 user warn kernel: AnnexCParam=0x7FFF7EB8 AnnexAParam=0x00000980 adsl2=0x00000000
Jan 1 00:00:16 user warn kernel: pSdramPHY=0xA07FFFF8, 0x1B77D6 0xDEADBEEF
Jan 1 00:00:16 user warn kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA07FD3D4
Jan 1 00:00:16 user warn kernel: AnnexCParam=0x7FFF7EB8 AnnexAParam=0x00000980 adsl2=0x00000000
Jan 1 00:00:16 user warn kernel: dgasp: kerSysRegisterDyingGaspHandler: dsl0 registered
Jan 1 00:00:16 user warn kernel: ATM proc init !!!
Jan 1 00:00:16 user crit kernel: ADSL G.994 training
Jan 1 00:00:16 user warn kernel: ip_conntrack_pptp version 2.1 loaded
Jan 1 00:00:16 user warn kernel: ip_nat_pptp version 2.0 loaded
Jan 1 00:00:16 user info kernel: device eth0 entered promiscuous mode
Jan 1 00:00:16 user info kernel: br0: port 1(eth0) entering learning state
Jan 1 00:00:16 user info kernel: br0: topology change detected, propagating
Jan 1 00:00:16 user info kernel: br0: port 1(eth0) entering forwarding state
Jan 1 00:00:16 user crit kernel: ADSL G.992 started
Jan 1 00:00:16 user info kernel: device nas_0_0_35 entered promiscuous mode
Jan 1 00:00:16 user info kernel: br0: port 2(nas_0_0_35) entering learning state
Jan 1 00:00:16 user info kernel: br0: topology change detected, propagating
Jan 1 00:00:16 user info kernel: br0: port 2(nas_0_0_35) entering forwarding state
Sep 4 10:05:54 user debug syslog: echo > /var/hosts
Sep 4 10:05:54 user crit kernel: ADSL G.992 channel analysis
Sep 4 10:05:54 user warn kernel:
Sep 4 10:05:54 user warn kernel: ioctl, p_name=diapd
Sep 4 10:05:55 user debug syslog: pppd plugin pppoe rp_pppoe_service WebStream nas_0_0_35 nodetach user '60793@256' password ********** interface_name 0_0_35_1 usepeerdns refuse-eap persist lcp-echo-interval 30 holdoff 3 lcp-echo-failure 3
Sep 4 10:05:58 user crit kernel: ADSL link up, interleaved, us=1120, ds=11552
Sep 4 10:05:58 user warn kernel: ATM Soft SAR: ATM link connected.
Sep 4 10:05:58 daemon info pppd[241]: Plugin pppoe loaded.
Sep 4 10:05:59 daemon info pppd[241]: RP-PPPoE plugin version 3.3 compiled against pppd 2.4.3
Sep 4 10:05:59 daemon info pppd[241]: Plugin pppoe called.
Sep 4 10:06:00 daemon notice pppd[241]: pppd 2.4.3 started by admin, uid 0
Sep 4 10:06:01 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.0.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Sep 4 10:06:40 daemon warn pppd[241]: Timeout waiting for PADO packets
Sep 4 10:06:40 daemon err pppd[241]: Unable to complete PPPoE Discovery
Sep 4 10:07:20 daemon warn pppd[241]: Timeout waiting for PADO packets
Sep 4 10:07:21 daemon err pppd[241]: Unable to complete PPPoE Discovery
Sep 4 10:08:00 daemon warn pppd[241]: Timeout waiting for PADO packets
Sep 4 10:08:01 daemon err pppd[241]: Unable to complete PPPoE Discovery
Sep 4 10:08:05 daemon info pppd[241]: PPP session is 2867
Sep 4 10:08:05 daemon info pppd[241]: Using interface ppp0_0_35_1
Sep 4 10:08:05 daemon notice pppd[241]: Connect: ppp_0_0_35_1 <--> nas_0_0_35
Sep 4 10:08:06 daemon warn pppd[241]: Couldn't increase MRU to 1500
Sep 4 10:08:06 daemon warn pppd[241]: Couldn't increase MRU to 1500
Sep 4 10:08:06 daemon notice pppd[241]: PAP authentication succeeded
Sep 4 10:08:06 daemon notice pppd[241]: peer from calling number 00:90:1A:42:B8:EF authorized
Sep 4 10:08:06 daemon notice pppd[241]: local IP address 92.125.124.60
Sep 4 10:08:06 daemon notice pppd[241]: remote IP address 213.228.116.68
Sep 4 10:08:06 daemon notice pppd[241]: primary DNS address 212.94.96.124
Sep 4 10:08:06 daemon notice pppd[241]: secondary DNS address 212.94.96.70
Sep 4 10:08:22 user debug syslog: route add default gw 213.228.116.68 2>/dev/null
Sep 4 10:08:24 user debug syslog: iptables -A FORWARD -o ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Sep 4 10:08:25 user debug syslog: iptables -A FORWARD -i ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Sep 4 10:08:25 user debug syslog: echo > /proc/net/ip_conntrack
Sep 4 10:08:26 user debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Sep 4 10:08:26 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.0.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Sep 4 10:08:26 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_35_1 -s 192.168.0.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Sep 4 10:08:26 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_35_1 -s 192.168.0.0/255.255.255.0 -j MASQUERADE
Sep 4 10:08:27 user debug syslog: kill -9 235
Sep 4 10:08:27 user debug syslog: echo > /var/hosts
Sep 4 10:08:31 user warn syslog: dns query failed
Sep 4 10:08:33 user debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:08:33 user debug syslog: iptables -I INPUT 1 -p icmp --icmp-type echo-request -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:08:34 user debug syslog: iptables -I INPUT 1 -p udp --dport 161 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:08:34 user debug syslog: iptables -I INPUT 1 -p tcp --dport 23 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:08:36 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=92.125.109.1 DST=92.125.124.60 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=11572 DF PROTO=TCP SPT=3749 DPT=44131 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 4 10:08:58 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=217.172.29.103 DST=92.125.124.60 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=12840 DF PROTO=TCP SPT=3642 DPT=44131 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 4 10:08:58 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=92.112.52.249 DST=92.125.124.60 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=24003 DF PROTO=TCP SPT=3282 DPT=44131 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 4 10:08:59 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=91.124.127.147 DST=92.125.124.60 LEN=48 TOS=0x00 PREC=0x20 TTL=252 ID=60852 DF PROTO=TCP SPT=1960 DPT=44131 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 4 10:09:00 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=81.208.31.216 DST=92.125.124.60 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=9094 DF PROTO=TCP SPT=5777 DPT=44131 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 4 10:09:06 user warn syslog: dns query failed
Sep 4 10:09:08 user warn syslog: dns query failed
Sep 4 10:09:10 user warn syslog: dns query failed
Sep 4 10:09:12 user warn syslog: dns query failed
Sep 4 10:09:14 user warn syslog: dns query failed
Sep 4 10:09:16 user warn syslog: dns query failed
Sep 4 10:09:48 user warn syslog: dns query failed
Sep 4 10:09:50 user warn syslog: dns query failed
Sep 4 10:09:52 user warn syslog: dns query failed
Sep 4 10:09:54 user warn syslog: dns query failed
Sep 4 10:09:56 user warn syslog: dns query failed
Sep 4 10:09:58 user warn syslog: dns query failed
Sep 4 10:10:10 daemon info pppd[241]: No response to 3 echo-requests
Sep 4 10:10:10 daemon notice pppd[241]: Serial link appears to be disconnected.
Sep 4 10:10:12 daemon info pppd[241]: Connect time 2.1 minutes.
Sep 4 10:10:12 daemon info pppd[241]: Sent 9099 bytes, received 18961 bytes.
Sep 4 10:10:12 daemon warn pppd[241]: Couldn't increase MRU to 1500
Sep 4 10:10:12 daemon notice pppd[241]: Connection terminated....
Sep 4 10:10:21 daemon info pppd[241]: Sent PADT
Sep 4 10:10:28 daemon info pppd[241]: Sent PADT
Sep 4 10:10:31 user warn syslog: dns query failed
Sep 4 10:10:33 user warn syslog: dns query failed
Sep 4 10:10:35 user warn syslog: dns query failed
Sep 4 10:10:37 user warn syslog: dns query failed
Sep 4 10:10:39 user warn syslog: dns query failed
Sep 4 10:10:41 user warn syslog: dns query failed
Sep 4 10:11:05 daemon warn pppd[241]: Timeout waiting for PADS packets
Sep 4 10:11:05 daemon err pppd[241]: Unable to complete PPPoE Discovery
Sep 4 10:11:09 daemon info pppd[241]: Sent PADT
Sep 4 10:11:14 user warn syslog: dns query failed
Sep 4 10:11:14 daemon info pppd[241]: Sent PADT
Sep 4 10:11:16 user warn syslog: dns query failed
Sep 4 10:11:18 user warn syslog: dns query failed
Sep 4 10:11:20 user warn syslog: dns query failed
Sep 4 10:11:22 user warn syslog: dns query failed
Sep 4 10:11:24 daemon info pppd[241]: Sent PADT
Sep 4 10:11:24 user warn syslog: dns query failed
Sep 4 10:11:44 daemon warn pppd[241]: Timeout waiting for PADO packets
Sep 4 10:11:44 daemon err pppd[241]: Unable to complete PPPoE Discovery
Sep 4 10:11:47 daemon info pppd[241]: Sent PADT
Sep 4 10:11:52 daemon info pppd[241]: Sent PADT
Sep 4 10:11:56 user warn syslog: dns query failed
Sep 4 10:11:58 user warn syslog: dns query failed
Sep 4 10:12:00 user warn syslog: dns query failed
Sep 4 10:12:02 daemon info pppd[241]: Sent PADT
Sep 4 10:12:02 user warn syslog: dns query failed
Sep 4 10:12:02 daemon info pppd[241]: PPP session is 3917
Sep 4 10:12:02 daemon info pppd[241]: Using interface ppp0_0_35_1
Sep 4 10:12:02 daemon notice pppd[241]: Connect: ppp_0_0_35_1 <--> nas_0_0_35
Sep 4 10:12:02 daemon warn pppd[241]: Couldn't increase MRU to 1500
Sep 4 10:12:04 user warn syslog: dns query failed
Sep 4 10:12:05 daemon warn pppd[241]: Couldn't increase MRU to 1500
Sep 4 10:12:05 daemon notice pppd[241]: PAP authentication succeeded
Sep 4 10:12:05 daemon notice pppd[241]: peer from calling number 00:90:1A:42:B8:EF authorized
Sep 4 10:12:06 user warn syslog: dns query failed
Sep 4 10:12:08 daemon notice pppd[241]: local IP address 92.125.120.166
Sep 4 10:12:08 daemon notice pppd[241]: remote IP address 213.228.116.68
Sep 4 10:12:08 daemon notice pppd[241]: primary DNS address 212.94.96.124
Sep 4 10:12:08 daemon notice pppd[241]: secondary DNS address 212.94.96.70
Sep 4 10:12:17 user debug syslog: route add default gw 213.228.116.68 2>/dev/null
Sep 4 10:12:21 user debug syslog: iptables -A FORWARD -o ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Sep 4 10:12:21 user debug syslog: iptables -A FORWARD -i ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Sep 4 10:12:23 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_35_1 -s 192.168.0.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Sep 4 10:12:23 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=92.243.164.2 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=9321 DF PROTO=TCP SPT=61545 DPT=55907 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 4 10:12:23 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_35_1 -s 192.168.0.0/255.255.255.0 -j MASQUERADE
Sep 4 10:12:27 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=92.243.164.2 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=9445 DF PROTO=TCP SPT=61545 DPT=55907 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 4 10:12:28 user debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:12:31 user debug syslog: iptables -I INPUT 1 -p icmp --icmp-type echo-request -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:12:32 user debug syslog: iptables -I INPUT 1 -p udp --dport 161 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:12:33 user debug syslog: iptables -I INPUT 1 -p tcp --dport 23 -i ppp_0_0_35_1 -j ACCEPT
Sep 4 10:13:23 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=86.111.230.242 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=22646 DF PROTO=TCP SPT=64014 DPT=55907 WINDOW=8192 RES=0x00 SYN URGP=0
Sep 4 10:13:23 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=86.111.230.242 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=22647 DF PROTO=TCP SPT=64104 DPT=55907 WINDOW=8192 RES=0x00 SYN URGP=0
Sep 4 10:13:25 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=75.9.34.16 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=5397 DF PROTO=TCP SPT=1277 DPT=16694 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 4 10:13:26 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=86.111.230.242 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=22696 DF PROTO=TCP SPT=64014 DPT=55907 WINDOW=8192 RES=0x00 SYN URGP=0
Sep 4 10:13:26 user alert kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=86.111.230.242 DST=92.125.120.166 LEN=48 TOS=0x00 PREC=0x00 TTL=252 ID=22697 DF PROTO=TCP SPT=64104 DPT=55907 WINDOW=8192 RES=0x00 SYN URGP=0
Это скорее всего (полюбому) проблема у провайдера
Код:
Sep 4 10:11:05 daemon warn pppd[241]: Timeout waiting for PADS packets
Sep 4 10:11:05 daemon err pppd[241]: Unable to complete PPPoE Discovery
После восстановления сессии всё открывается и сейчас я с этой сессияй пишу данный пост, но 515PID весит спящий процесс зомби ip-down. Может это только мне повезло и у меня инет есть, у остальных нет (скорей всего так!) - не знаю... Но модем я сейчас обязательно перезагружу
---Добавка: Пост отправить не успел, в логах модема опять днс ошибки и вследствии
Код:
Sep 4 10:11:05 daemon warn pppd[241]: Timeout waiting for PADS packets
Sep 4 10:11:05 daemon err pppd[241]: Unable to complete PPPoE Discovery
Перезагрузил - отправляю
