D-Link • Просмотр темы - 2540U - обрывается соединение каждые 10-20 минут

Сообщения без ответов | Активные темы

Список форумов » ADSL и последняя миля

Часовой пояс: UTC + 3 часа

2540U - обрывается соединение каждые 10-20 минут

Модераторы: Sergei Asmankin, Sergik, Vladimir Degtyarev, Davydov Denis

Страница 1 из 1

[ Сообщений: 7 ]

Предыдущая тема | Следующая тема

Автор

Сообщение

vryabko

Заголовок сообщения: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Пт окт 23, 2009 13:21

Зарегистрирован: Пт окт 23, 2009 09:26
Сообщений: 10
Откуда: Almaty

С месяц назад появилась проблема - каждые 10-20 минут обрывается связь. Иногда восстанавливается, иногда не восстанавливается пока не перегрузишь модем. Внутри было 2 сгоревших конденсатора, замена не помогла.
Специалисты провайдера приходили много раз, проблему решить не смогли.
Модем
2540U
P/N ISL2540UBRU0.A1G
H/W Version A1
F/w RU_DSL-2540U_3-06-04-3B00.A2pB023g2.d19b
Bootloader (CFE) Version: 1.0.37-6.5
Mode: G.DMT
Type: Interleave
Line Coding: Trellis On
Status: No Defect
Link Power State: L0

Downstream Upstream
SNR Margin (dB): 33.0 26.0
Attenuation (dB): 6.0 3.5
Output Power (dBm): 12.5 8.6
Attainable Rate (Kbps): 11904 1248
Rate (Kbps): 512 512

Вот лог, может что-то прояснится..
Date/Time Facility Severity Message
Jan 1 00:00:36 user debug syslog: upnp -L br0 -W ppp_0_40_1 -D
Jan 1 00:00:36 user notice dnsprobe[743]: dnsprobe started!
Jan 1 00:00:36 user debug syslog: iptables -t filter -I OUTPUT -o ppp_0_40_1 -d 239.255.255.250 -j DROP 2>/dev/null
Jan 1 00:00:38 user debug syslog: iptables -D INPUT -i ppp_0_40_1 -j DROP
Jan 1 00:00:38 user debug syslog: iptables -A INPUT -i ppp_0_40_1 -j DROP
Oct 23 16:30:14 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=95.104.6.123 DST=95.56.32.197 LEN=64 TOS=0x04 PREC=0x00 TTL=25 ID=30163 DF PROTO=TCP SPT=3976 DPT=445 WINDOW=53760 RES=0x00 SYN URGP=0
Oct 23 16:30:16 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=95.104.6.123 DST=95.56.32.197 LEN=64 TOS=0x04 PREC=0x00 TTL=25 ID=30998 DF PROTO=TCP SPT=3976 DPT=445 WINDOW=53760 RES=0x00 SYN URGP=0
Oct 23 16:30:23 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=95.56.47.7 DST=95.56.32.197 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=50834 DF PROTO=TCP SPT=1058 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:32:33 user debug igmp[1298]: iptables -t filter -I FORWARD 1 -i br0 -d 224.0.0.22 -j DROP 2>/dev/null
Oct 23 16:32:34 user debug igmp[1300]: iptables -t filter -D FORWARD -i br0 -d 224.0.0.22 -j ACCEPT 2>/dev/null
Oct 23 16:34:08 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=89.218.31.110 DST=95.56.32.197 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=14099 DF PROTO=TCP SPT=1630 DPT=445 WINDOW=64170 RES=0x00 SYN URGP=0
Oct 23 16:34:11 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=89.218.31.110 DST=95.56.32.197 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=14131 DF PROTO=TCP SPT=1630 DPT=445 WINDOW=64170 RES=0x00 SYN URGP=0
Oct 23 16:38:03 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=190.244.98.153 DST=95.56.32.197 LEN=48 TOS=0x04 PREC=0x00 TTL=104 ID=54670 DF PROTO=TCP SPT=1318 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:38:06 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=190.244.98.153 DST=95.56.32.197 LEN=48 TOS=0x04 PREC=0x00 TTL=104 ID=56221 DF PROTO=TCP SPT=1318 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:38:12 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=190.244.98.153 DST=95.56.32.197 LEN=48 TOS=0x04 PREC=0x00 TTL=104 ID=60096 DF PROTO=TCP SPT=1318 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:44:55 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=92.47.81.103 DST=95.56.32.197 LEN=48 TOS=0x04 PREC=0x00 TTL=121 ID=1446 DF PROTO=TCP SPT=1610 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:55:32 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=95.56.18.248 DST=95.56.32.197 LEN=48 TOS=0x00 PREC=0x00 TTL=126 ID=1461 DF PROTO=TCP SPT=1367 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:55:55 user warn dnsprobe[743]: dns query failed
Oct 23 16:55:56 user crit kernel: ADSL link down
Oct 23 16:55:57 user warn dnsprobe[743]: dns query failed
Oct 23 16:55:58 daemon crit pppd[311]: Clear IP addresses. Connection DOWN.
Oct 23 16:55:58 daemon crit pppd[311]: Clear IP addresses. PPP connection DOWN.
Oct 23 16:55:59 user warn dnsprobe[743]: dns query failed
Oct 23 16:55:59 user notice dnsprobe[743]: Primary DNS server Is Down... Switching To Secondary DNS server
Oct 23 16:55:59 user crit kernel: ADSL G.994 training
Oct 23 16:56:15 user crit kernel: ADSL G.992 started
Oct 23 16:56:18 user crit kernel: ADSL G.992 channel analysis
Oct 23 16:56:23 user crit kernel: ADSL G.992 message exchange
Oct 23 16:56:24 user crit kernel: ADSL link up, interleaved, us=512, ds=512
Oct 23 16:56:25 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Oct 23 16:56:25 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 16:56:26 daemon crit pppd[311]: PPP server detected.
Oct 23 16:56:29 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 16:56:29 daemon crit pppd[311]: PPP server detected.
Oct 23 16:56:29 daemon crit pppd[311]: PPP session established.
Oct 23 16:56:32 user warn dnsprobe[743]: dns query failed
Oct 23 16:56:34 user warn dnsprobe[743]: dns query failed
Oct 23 16:56:36 user warn dnsprobe[743]: dns query failed
Oct 23 16:56:41 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 16:56:41 daemon crit pppd[311]: PPP server detected.
Oct 23 16:56:44 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 16:56:44 daemon crit pppd[311]: PPP server detected.
Oct 23 16:56:47 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 16:56:47 daemon crit pppd[311]: PPP server detected.
Oct 23 16:56:47 daemon crit pppd[311]: PPP session established.
Oct 23 16:56:48 daemon crit pppd[311]: PPP LCP UP.
Oct 23 16:56:48 daemon crit pppd[311]: Received valid IP address from server. Connection UP.
Oct 23 16:56:48 user debug syslog: route add default gw 92.46.31.32 2>/dev/null
Oct 23 16:56:48 user debug syslog: iptables -A FORWARD -o ppp_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 23 16:56:49 user debug syslog: iptables -A FORWARD -i ppp_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 23 16:56:49 user debug syslog: echo > /proc/net/ip_conntrack
Oct 23 16:56:49 user debug syslog: echo "512" > /proc/sys/net/ipv4/ip_conntrack_max
Oct 23 16:56:49 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Oct 23 16:56:49 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Oct 23 16:56:49 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE
Oct 23 16:56:49 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 208.67.220.220 2>/dev/null
Oct 23 16:56:49 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 208.67.220.220
Oct 23 16:56:50 user debug syslog: iptables -D INPUT -i ppp_0_40_1 -j DROP
Oct 23 16:56:50 user debug syslog: iptables -A INPUT -i ppp_0_40_1 -j DROP
Oct 23 16:57:07 user notice dnsprobe[743]: Switching Back To Primary DNS server
Oct 23 16:57:54 user warn kernel: AdslCoreEcUpdTmr: timeMs=1800025 ecUpdMask=0x40000
Oct 23 16:58:08 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=94.75.157.226 DST=92.47.208.194 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=53085 DF PROTO=TCP SPT=3320 DPT=43535 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:58:12 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=94.75.157.226 DST=92.47.208.194 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=53526 DF PROTO=TCP SPT=3320 DPT=43535 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 16:58:17 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=94.75.157.226 DST=92.47.208.194 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=54214 DF PROTO=TCP SPT=3320 DPT=43535 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 23 17:00:33 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=92.47.185.27 DST=92.47.208.194 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=39771 DF PROTO=TCP SPT=4326 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 23 17:00:36 user alert kernel: Intrusion -> IN=ppp_0_40_1 OUT= MAC= SRC=92.47.185.27 DST=92.47.208.194 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=40060 DF PROTO=TCP SPT=4326 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0

А вот когда соединение не восстанавливается
Date/Time Facility Severity Message
Oct 23 17:10:03 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Oct 23 17:10:05 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:05 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:08 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:08 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:08 daemon crit pppd[311]: PPP session established.
Oct 23 17:10:09 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:11 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:13 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:20 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:20 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:23 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:23 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:23 daemon crit pppd[311]: PPP session established.
Oct 23 17:10:35 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:35 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:38 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:38 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:38 daemon crit pppd[311]: PPP session established.
Oct 23 17:10:45 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:47 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:49 user warn dnsprobe[743]: dns query failed
Oct 23 17:10:50 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:50 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:53 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:10:53 daemon crit pppd[311]: PPP server detected.
Oct 23 17:10:53 daemon crit pppd[311]: PPP session established.
Oct 23 17:11:05 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:06 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:09 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:09 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:09 daemon crit pppd[311]: PPP session established.
Oct 23 17:11:21 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:21 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:21 user warn dnsprobe[743]: dns query failed
Oct 23 17:11:23 user warn dnsprobe[743]: dns query failed
Oct 23 17:11:24 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:24 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:24 daemon crit pppd[311]: PPP session established.
Oct 23 17:11:25 user warn dnsprobe[743]: dns query failed
Oct 23 17:11:36 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:36 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:39 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:39 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:39 daemon crit pppd[311]: PPP session established.
Oct 23 17:11:51 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:51 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:54 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:11:54 daemon crit pppd[311]: PPP server detected.
Oct 23 17:11:54 daemon crit pppd[311]: PPP session established.
Oct 23 17:11:57 user warn dnsprobe[743]: dns query failed
Oct 23 17:11:59 user warn dnsprobe[743]: dns query failed
Oct 23 17:12:01 user warn dnsprobe[743]: dns query failed
Oct 23 17:12:06 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:06 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:09 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:09 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:09 daemon crit pppd[311]: PPP session established.
Oct 23 17:12:21 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:21 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:24 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:24 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:24 daemon crit pppd[311]: PPP session established.
Oct 23 17:12:33 user warn dnsprobe[743]: dns query failed
Oct 23 17:12:35 user warn dnsprobe[743]: dns query failed
Oct 23 17:12:37 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:37 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:37 user warn dnsprobe[743]: dns query failed
Oct 23 17:12:40 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:40 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:40 daemon crit pppd[311]: PPP session established.
Oct 23 17:12:52 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:12:52 daemon crit pppd[311]: PPP server detected.
Oct 23 17:12:52 daemon crit pppd[311]: PPP session established.
Oct 23 17:13:04 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:04 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:07 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:07 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:07 daemon crit pppd[311]: PPP session established.
Oct 23 17:13:09 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:11 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:13 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:19 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:19 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:19 daemon crit pppd[311]: PPP session established.
Oct 23 17:13:31 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:31 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:34 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:34 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:34 daemon crit pppd[311]: PPP session established.
Oct 23 17:13:45 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:46 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:46 daemon crit pppd[311]: PPP server detected.
Oct 23 17:13:47 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:49 user warn dnsprobe[743]: dns query failed
Oct 23 17:13:49 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:13:49 daemon crit pppd[311]: PPP session established.
Oct 23 17:14:02 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:14:02 daemon crit pppd[311]: PPP server detected.
Oct 23 17:14:05 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:14:05 daemon crit pppd[311]: PPP server detected.
Oct 23 17:14:08 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:14:08 daemon crit pppd[311]: PPP server detected.
Oct 23 17:14:08 daemon crit pppd[311]: PPP session established.
Oct 23 17:14:20 daemon notice pppd[311]: PPP: Start to connect ...
Oct 23 17:14:20 daemon crit pppd[311]: PPP server detected.
Oct 23 17:14:21 user warn dnsprobe[743]: dns query failed

Вернуться наверх

vryabko

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Пн окт 26, 2009 18:29

Зарегистрирован: Пт окт 23, 2009 09:26
Сообщений: 10
Откуда: Almaty

Купил новый модем. Примерно то же самое - постоянно валится : ( Видимо дело не в модеме...
Может в логе всё же что-то есть полезное - куда копать?

BoardID: DSL-2540U
Software Version: RU_1.22
Bootloader (CFE) Version: 1.0.37-12.1
Release Date: Wed Sep 9 13:22:19 CST 2009

Mode: G.DMT
Type: Interleave
Line Coding: Trellis On
Status: No Defect
Link Power State: L0

Downstream Upstream
SNR Margin (dB): 33.0 26.0
Attenuation (dB): 7.0 3.0
Output Power (dBm): 12.3 8.6

Вот такой лог

Date/Time Facility Severity Message
Jan 1 03:33:16 user debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Jan 1 03:33:16 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Jan 1 03:33:16 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Jan 1 03:33:16 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE
Jan 1 03:33:16 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238 2>/dev/null
Jan 1 03:33:17 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238
Jan 1 03:33:18 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Jan 1 03:33:18 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Jan 1 03:33:18 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Jan 1 03:33:19 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Jan 1 03:33:20 user debug syslog: ifconfig ppp_0_0_40_1 mtu 1492
Jan 1 03:34:13 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.133.57 DST=95.56.143.240 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=46194 DF PROTO=TCP SPT=1717 DPT=445 WINDOW=64800 RES=0x00

SYN URGP=0
Jan 1 03:34:16 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.133.57 DST=95.56.143.240 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=47972 DF PROTO=TCP SPT=1717 DPT=445 WINDOW=64800 RES=0x00

SYN URGP=0
Jan 1 03:34:25 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.32.49 DST=95.56.143.240 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=35965 DF PROTO=TCP SPT=13162 DPT=135 WINDOW=60352 RES=0x00 SYN

URGP=0
Jan 1 03:35:36 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.2.35 DST=95.56.143.240 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=60904 DF PROTO=TCP SPT=27010 DPT=445 WINDOW=60352 RES=0x00 SYN

URGP=0
Jan 1 03:35:39 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.2.35 DST=95.56.143.240 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=63489 DF PROTO=TCP SPT=27010 DPT=445 WINDOW=60352 RES=0x00 SYN

URGP=0
Jan 1 03:41:14 user warn dnsprobe[660]: dns query failed
Jan 1 03:41:16 user warn dnsprobe[660]: dns query failed
Jan 1 03:41:18 user warn dnsprobe[660]: dns query failed
Jan 1 03:41:18 user notice dnsprobe[660]: Primary DNS server Is Down... Switching To Secondary DNS server
Jan 1 03:41:19 user crit kernel: ADSL link down
Jan 1 03:41:21 daemon crit pppd[278]: Clear IP addresses. Connection DOWN.
Jan 1 03:41:21 daemon crit pppd[278]: Clear IP addresses. PPP connection DOWN.
Jan 1 03:41:24 user crit kernel: ADSL G.994 training
Jan 1 03:41:42 user crit kernel: ADSL G.992 started
Jan 1 03:41:44 user crit kernel: ADSL G.992 channel analysis
Jan 1 03:41:49 user crit kernel: ADSL G.992 message exchange
Jan 1 03:41:50 user crit kernel: ADSL link up, interleaved, us=512, ds=512
Jan 1 03:41:52 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Jan 1 03:41:53 daemon notice pppd[278]: PPP: Start to connect ...
Jan 1 03:41:54 daemon crit pppd[278]: PPP server detected.
Jan 1 03:41:55 daemon crit pppd[278]: PPP session established.
Jan 1 03:41:55 daemon crit pppd[278]: PPP LCP UP.
Jan 1 03:41:55 daemon crit pppd[278]: Received valid IP address from server. Connection UP.
Jan 1 03:42:02 user debug syslog: route add default gw 92.46.31.34 2>/dev/null
Jan 1 03:42:03 user debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Jan 1 03:42:03 user debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Jan 1 03:42:03 user debug syslog: echo > /proc/net/ip_conntrack
Jan 1 03:42:03 user debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Jan 1 03:42:03 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Jan 1 03:42:03 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Jan 1 03:42:03 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE
Jan 1 03:42:04 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238 2>/dev/null
Jan 1 03:42:04 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238
Jan 1 03:42:05 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Jan 1 03:42:05 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Jan 1 03:42:05 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Jan 1 03:42:05 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Jan 1 03:42:07 user debug syslog: ifconfig ppp_0_0_40_1 mtu 1492
Jan 1 03:42:28 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.47.232.59 DST=92.47.240.164 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=14515 DF PROTO=TCP SPT=9321 DPT=445 WINDOW=60352 RES=0x00 SYN

URGP=0
Jan 1 03:42:31 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.47.232.59 DST=92.47.240.164 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=15291 DF PROTO=TCP SPT=9321 DPT=445 WINDOW=60352 RES=0x00 SYN

URGP=0
Jan 1 03:42:34 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.112.134.247 DST=92.47.240.164 LEN=48 TOS=0x04 PREC=0x00 TTL=116 ID=30598 DF PROTO=TCP SPT=3640 DPT=59483 WINDOW=65535 RES=0x00

SYN URGP=0
Jan 1 03:42:37 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.112.134.247 DST=92.47.240.164 LEN=48 TOS=0x04 PREC=0x00 TTL=116 ID=30883 DF PROTO=TCP SPT=3640 DPT=59483 WINDOW=65535 RES=0x00

SYN URGP=0
Jan 1 03:42:53 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.47.191.66 DST=92.47.240.164 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=47474 DF PROTO=TCP SPT=30041 DPT=135 WINDOW=53760 RES=0x00

SYN URGP=0
Jan 1 03:51:22 user warn dnsprobe[660]: dns query failed
Jan 1 03:51:24 user warn dnsprobe[660]: dns query failed
Jan 1 03:51:26 user warn dnsprobe[660]: dns query failed
Jan 1 03:53:32 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.47.191.66 DST=92.47.240.164 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=59628 DF PROTO=TCP SPT=11617 DPT=135 WINDOW=53760 RES=0x00

SYN URGP=0
Jan 1 04:00:19 syslog info -- MARK --
Jan 1 04:01:27 user notice dnsprobe[660]: Switching Back To Primary DNS server
Jan 1 04:02:34 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.47.191.66 DST=92.47.240.164 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=14209 DF PROTO=TCP SPT=1823 DPT=135 WINDOW=53760 RES=0x00 SYN

URGP=0
Jan 1 04:13:21 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=193.254.217.214 DST=92.47.240.164 LEN=60 TOS=0x04 PREC=0x00 TTL=51 ID=32076 DF PROTO=TCP SPT=55759 DPT=59483 WINDOW=5840 RES=0x00

SYN URGP=0
Jan 1 04:18:05 user debug syslog: sntp -s clock.fmt.he.net -t "Almaty, Novosibirsk" &
Oct 26 21:04:19 user debug syslog: sntp -s clock.fmt.he.net -s time.cachenetworks.com -t "Almaty, Novosibirsk" &
Oct 26 21:04:35 user warn dnsprobe[660]: dns query failed
Oct 26 21:05:59 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=92.112.134.247 DST=92.47.240.164 LEN=48 TOS=0x04 PREC=0x00 TTL=116 ID=36394 DF PROTO=TCP SPT=1508 DPT=59483 WINDOW=65535

RES=0x00 SYN URGP=0
Oct 26 21:11:22 user crit kernel: ADSL link down
Oct 26 21:11:23 user crit kernel: ADSL G.994 training
Oct 26 21:11:38 user crit kernel: ADSL G.992 started
Oct 26 21:11:39 daemon crit pppd[278]: Clear IP addresses. Connection DOWN.
Oct 26 21:11:39 daemon crit pppd[278]: Clear IP addresses. PPP connection DOWN.
Oct 26 21:11:41 user crit kernel: ADSL G.992 channel analysis
Oct 26 21:11:45 user crit kernel: ADSL G.992 message exchange
Oct 26 21:11:46 user crit kernel: ADSL link up, interleaved, us=512, ds=512
Oct 26 21:11:48 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Oct 26 21:11:51 daemon notice pppd[278]: PPP: Start to connect ...
Oct 26 21:11:52 daemon crit pppd[278]: PPP server detected.
Oct 26 21:11:52 daemon crit pppd[278]: PPP session established.
Oct 26 21:11:52 daemon crit pppd[278]: PPP LCP UP.
Oct 26 21:11:53 daemon crit pppd[278]: Received valid IP address from server. Connection UP.
Oct 26 21:12:02 user debug syslog: route add default gw 92.46.31.34 2>/dev/null
Oct 26 21:12:03 user debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 26 21:12:03 user debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 26 21:12:03 user debug syslog: echo > /proc/net/ip_conntrack
Oct 26 21:12:03 user debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Oct 26 21:12:04 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Oct 26 21:12:04 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Oct 26 21:12:04 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE
Oct 26 21:12:04 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238 2>/dev/null
Oct 26 21:12:04 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238
Oct 26 21:12:06 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Oct 26 21:12:06 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Oct 26 21:12:06 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Oct 26 21:12:07 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Oct 26 21:12:09 user debug syslog: ifconfig ppp_0_0_40_1 mtu 1492
Oct 26 21:13:05 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=211.225.28.254 DST=95.56.129.206 LEN=48 TOS=0x04 PREC=0x00 TTL=115 ID=29255 DF PROTO=TCP SPT=1773 DPT=4899 WINDOW=65535 RES=0x00

SYN URGP=0
Oct 26 21:13:09 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.59.184.251 DST=95.56.129.206 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=41502 DF PROTO=TCP SPT=2622 DPT=3306 WINDOW=65535 RES=0x00

SYN URGP=0
Oct 26 21:13:49 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.57.244.234 DST=95.56.129.206 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=574 DF PROTO=TCP SPT=1878 DPT=445 WINDOW=65535 RES=0x00

SYN URGP=0
Oct 26 21:14:12 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.59.84.222 DST=95.56.129.206 LEN=64 TOS=0x00 PREC=0x00 TTL=117 ID=46325 DF PROTO=TCP SPT=52844 DPT=445 WINDOW=16384 RES=0x00

SYN URGP=0
Oct 26 21:14:42 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.129.168 DST=95.56.129.206 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=10103 DF PROTO=TCP SPT=4606 DPT=445 WINDOW=64800 RES=0x00

SYN URGP=0
Oct 26 21:21:52 user crit kernel: ADSL link down
Oct 26 21:21:55 user crit kernel: ADSL G.992 started
Oct 26 21:21:55 daemon crit pppd[278]: Clear IP addresses. Connection DOWN.
Oct 26 21:21:55 daemon crit pppd[278]: Clear IP addresses. PPP connection DOWN.
Oct 26 21:21:57 user crit kernel: ADSL link down
Oct 26 21:22:18 user crit kernel: ADSL G.994 training
Oct 26 21:22:32 user crit kernel: ADSL G.992 started
Oct 26 21:22:35 user crit kernel: ADSL G.992 channel analysis
Oct 26 21:22:40 user crit kernel: ADSL G.992 message exchange
Oct 26 21:22:41 user crit kernel: ADSL link up, interleaved, us=512, ds=512
Oct 26 21:22:42 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107
Oct 26 21:22:44 daemon notice pppd[278]: PPP: Start to connect ...
Oct 26 21:22:46 daemon crit pppd[278]: PPP server detected.
Oct 26 21:22:46 daemon crit pppd[278]: PPP session established.
Oct 26 21:22:47 daemon crit pppd[278]: PPP LCP UP.
Oct 26 21:22:48 daemon crit pppd[278]: Received valid IP address from server. Connection UP.
Oct 26 21:22:55 user debug syslog: route add default gw 92.46.31.34 2>/dev/null
Oct 26 21:22:56 user debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 26 21:22:57 user debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Oct 26 21:22:57 user debug syslog: echo > /proc/net/ip_conntrack
Oct 26 21:22:57 user debug syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Oct 26 21:22:57 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Oct 26 21:22:57 user debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Oct 26 21:22:57 user debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 10.1.1.0/255.255.255.0 -j MASQUERADE
Oct 26 21:22:57 user debug syslog: iptables -t nat -D PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238 2>/dev/null
Oct 26 21:22:58 user debug syslog: iptables -t nat -A PREROUTING -i br0 -d 10.1.1.100 -p udp --dport 53 -j DNAT --to 92.46.53.238
Oct 26 21:22:59 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Oct 26 21:22:59 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005
Oct 26 21:23:00 user debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Oct 26 21:23:01 user debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 10.1.1.100/24 --dport 30006
Oct 26 21:23:03 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.118.191 DST=95.56.62.3 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=4291 DF PROTO=TCP SPT=4241 DPT=1433 WINDOW=16384 RES=0x00 SYN

URGP=0
Oct 26 21:23:03 user debug syslog: ifconfig ppp_0_0_40_1 mtu 1492
Oct 26 21:23:06 user alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.118.191 DST=95.56.62.3 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=4363 DF PROTO=TCP SPT=4241 DPT=1433 WINDOW=16384 RES=0x00 SYN

URGP=0

Вернуться наверх

vryabko

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Ср окт 28, 2009 15:22

Зарегистрирован: Пт окт 23, 2009 09:26
Сообщений: 10
Откуда: Almaty

kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=95.56.74.219 DST=95.56.15.138 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=11225 DF PROTO=TCP SPT=1282 DPT=1433 WINDOW=65535 RES=0x00 SYN URGP=0

Что вот эта строчка означает, может кто-нибуль сказать?

Вернуться наверх

rilk

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Ср окт 28, 2009 16:28

Зарегистрирован: Вс июл 02, 2006 10:41
Сообщений: 1
Откуда: none

vryabko писал(а):

Advanced Setup - DNS - Enable Automatic Assigned DNS сними галку
Primary DNS Secondary DNS внеси IP DNS провайдера, это должно помочь. Если помогло скажи Спасибо

ЗЫ модем перегрузи

Вернуться наверх

tundra37

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Чт окт 29, 2009 14:23

Зарегистрирован: Чт окт 09, 2008 13:56
Сообщений: 1095

vryabko писал(а):

Эта строчка означает наличие в сети провайдера SYN-флуда Вроде основная причина - трояны, но возможно и молодежь шалит. D-Link делал правки и на большинстве провайдеров все стало работать и при SYN-флуде. Возможно и провайдеры почистили сеть. На части сетей коннект рвется

Вернуться наверх

vryabko

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Пт окт 30, 2009 15:54

Зарегистрирован: Пт окт 23, 2009 09:26
Сообщений: 10
Откуда: Almaty

tundra37 писал(а):

А что за правки? Я последнюю прошивку ставил - там то же самое...

Вернуться наверх

vryabko

Заголовок сообщения: Re: 2540U - обрывается соединение каждые 10-20 минут

Добавлено: Чт ноя 19, 2009 15:01

Зарегистрирован: Пт окт 23, 2009 09:26
Сообщений: 10
Откуда: Almaty

На данный момент всё работает хорошо. В логие по прежнему dns query failed, но на устойчивость коннекта это никак не влияет. Стало быть дело было в провайдере, а не в модеме.

Вернуться наверх

Страница 1 из 1

[ Сообщений: 7 ]

Список форумов » ADSL и последняя миля

Часовой пояс: UTC + 3 часа

Кто сейчас на форуме

Сейчас этот форум просматривают: нет зарегистрированных пользователей и гости: 26

Вы не можете начинать темы
Вы не можете отвечать на сообщения
Вы не можете редактировать свои сообщения
Вы не можете удалять свои сообщения
Вы не можете добавлять вложения