Apr 24 22:59:32 (none) daemon.crit pppd[292]: Clear IP addresses. Connection DOWN. 90
Apr 24 22:59:32 (none) daemon.crit pppd[292]: Clear IP addresses. PPP connection DOWN. 94
Apr 24 22:59:40 (none) daemon.notice pppd[292]: PPP: Start to connect ... 80
Apr 24 22:59:40 (none) daemon.crit pppd[292]: PPP server detected. 73
Apr 24 22:59:41 (none) daemon.crit pppd[292]: PPP session established. 77
Apr 24 22:59:48 (none) daemon.crit pppd[292]: PPP LCP UP. 64
Apr 24 22:59:49 (none) daemon.crit pppd[292]: Received valid IP address from server. Connection UP. 107
Apr 24 22:59:52 (none) user.debug syslog: route add default gw 92.46.31.34 2>/dev/null 92
Apr 24 22:59:53 (none) user.debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144
Apr 24 22:59:54 (none) user.debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144
Apr 24 22:59:54 (none) user.debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 2>/dev/null 151
Apr 24 22:59:54 (none) user.debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 139
Apr 24 22:59:55 (none) user.debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_40_1 -j ACCEPT 111
Apr 24 22:59:55 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 114
Apr 24 22:59:55 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 116
Apr 24 22:59:55 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.4/29 --dport 30006 132
Apr 24 22:59:55 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.4/29 --dport 30006 134
Apr 24 22:59:57 (none) user.debug syslog: ifconfig ppp_0_0_40_1 mtu 1492 78
Apr 24 23:00:01 (none) daemon.crit pppd[292]: Clear IP addresses. Connection DOWN. 90
Apr 24 23:00:01 (none) daemon.crit pppd[292]: Clear IP addresses. PPP connection DOWN. 94
Apr 24 23:00:08 (none) daemon.notice pppd[292]: PPP: Start to connect ... 80
Apr 24 23:00:11 (none) daemon.crit pppd[292]: PPP server detected. 73
Apr 24 23:00:11 (none) daemon.crit pppd[292]: PPP session established. 77
Apr 24 23:00:23 (none) daemon.notice pppd[292]: PPP: Start to connect ... 80
Apr 24 23:00:24 (none) daemon.crit pppd[292]: PPP server detected. 73
Apr 24 23:00:24 (none) daemon.crit pppd[292]: PPP session established. 77
Apr 24 23:00:31 (none) daemon.crit pppd[292]: PPP LCP UP. 64
Apr 24 23:00:32 (none) daemon.err pppd[292]: User name and password authentication failed. 97
Apr 24 23:00:33 (none) user.debug syslog: iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j DNAT --to 192.168.5.4 127
Apr 24 23:00:34 (none) user.debug syslog: iptables -t nat -I PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 192.168.5.4 127
Apr 24 23:00:34 (none) user.debug syslog: /bin/dnsspoof 192.168.5.4 & 75
Apr 24 23:00:35 (none) daemon.notice pppd[292]: PPP: Start to connect ... 80
Apr 24 23:00:36 (none) daemon.crit pppd[292]: PPP server detected. 73
Apr 24 23:00:36 (none) daemon.crit pppd[292]: PPP session established. 77
Apr 24 23:00:37 (none) daemon.crit pppd[292]: PPP LCP UP. 64
Apr 24 23:00:50 (none) daemon.crit pppd[292]: Received valid IP address from server. Connection UP. 107
Apr 24 23:00:52 (none) user.debug syslog: route add default gw 92.46.31.34 2>/dev/null 92
Apr 24 23:00:57 (none) user.debug syslog: iptables -A FORWARD -o ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144
Apr 24 23:00:58 (none) user.debug syslog: iptables -A FORWARD -i ppp_0_0_40_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 144
Apr 24 23:00:59 (none) user.debug syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 2>/dev/null 151
Apr 24 23:00:59 (none) user.debug syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_40_1 -s 192.168.5.0/255.255.255.248 -j MASQUERADE 139
Apr 24 23:01:02 (none) user.debug syslog: iptables -I INPUT 1 -p tcp --dport 80 -i ppp_0_0_40_1 -j ACCEPT 111
Apr 24 23:01:02 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 114
Apr 24 23:01:02 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p tcp --dport 30005 116
Apr 24 23:01:03 (none) user.debug syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.4/29 --dport 30006 132
Apr 24 23:01:03 (none) user.debug syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_40_1 -p udp -s 192.168.5.4/29 --dport 30006 134
Apr 24 23:01:05 (none) user.debug syslog: ifconfig ppp_0_0_40_1 mtu 1492 78
Apr 24 23:01:15 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=109.110.88.5 DST=95.56.27.137 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=54504 DF PROTO=TCP SPT=4880 DPT=5600 WINDOW=16384 RES=0x00 SYN URGP=0 228
Apr 24 23:01:17 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=89.169.47.244 DST=95.56.27.137 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=12941 DF PROTO=TCP SPT=57408 DPT=5600 WINDOW=8192 RES=0x00 SYN URGP=0 229
Apr 24 23:01:19 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=89.169.47.244 DST=95.56.27.137 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=14174 DF PROTO=TCP SPT=57408 DPT=5600 WINDOW=8192 RES=0x00 SYN URGP=0 229
Apr 24 23:01:25 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=89.169.47.244 DST=95.56.27.137 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16061 DF PROTO=TCP SPT=57408 DPT=5600 WINDOW=8192 RES=0x00 SYN URGP=0 229
Apr 24 23:01:29 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=176.104.92.101 DST=95.56.27.137 LEN=60 TOS=0x00 PREC=0x00 TTL=117 ID=12711 DF PROTO=TCP SPT=58633 DPT=5600 WINDOW=8192 RES=0x00 SYN URGP=0 230
Apr 24 23:04:50 (none) user.warn kernel: Wireless button pressed, check time expand to 10 seconds 103
Apr 24 23:06:08 (none) syslog.info -- MARK -- 51
Apr 24 23:11:37 (none) user.alert kernel: Intrusion -> IN=ppp_0_0_40_1 OUT= MAC= SRC=37.144.201.13 DST=95.56.27.137 LEN=52 TOS=0x04 PREC=0x00 TTL=117 ID=18826 DF PROTO=TCP SPT=65503 DPT=5600 WINDOW=8192 RES=0x00 SYN URGP=0 229