D-Link • Просмотр темы - 2600U после перепрошивки теряет интернет

Сообщения без ответов | Активные темы

Список форумов » ADSL и последняя миля

Часовой пояс: UTC + 3 часа

2600U после перепрошивки теряет интернет

Модераторы: Sergei Asmankin, Sergik, Vladimir Degtyarev, Davydov Denis

Страница 1 из 1

[ Сообщений: 6 ]

Предыдущая тема | Следующая тема

Автор

Сообщение

wmtrader

Заголовок сообщения: 2600U после перепрошивки теряет интернет

Добавлено: Пт ноя 20, 2009 19:31

Зарегистрирован: Пт ноя 20, 2009 19:01
Сообщений: 4

Прошил модем этой прошивкой:
Для DSL-2600U/BRU/C (H/W: A1, C1)
ftp://ftp.dlink.ru/pub/ADSL/DSL-2600U_B ... 090909.zip

Теперь он постоянно теряет интернет, работа восстанавливается только после ребута. Давайте разбираться в чем проблема.

Мой модем:

Device Info:

Лог модема:

Код:

Date/Time   Facility   Severity   Message
Jan 1 00:00:24   user   warn   kernel: adsl: adsl_init entry
Jan 1 00:00:24   user   warn   kernel: blaadd: blaa_detect entry
Jan 1 00:00:24   user   info   kernel: Broadcom BCMPROCFS v1.0 initialized
Jan 1 00:00:24   user   warn   kernel: SDIOH mode switch from 1 to 2
Jan 1 00:00:24   user   warn   kernel: available commands: sdio sdioh
Jan 1 00:00:24   user   warn   kernel:
Jan 1 00:00:24   user   warn   kernel: ---SDIO init SUCCEEDED--- sromless
Jan 1 00:00:24   user   warn   kernel:
Jan 1 00:00:24   user   warn   kernel: chipid 0x4024318
Jan 1 00:00:24   user   warn   kernel: bcmsdh_attach, sdioh_attach successful, bcmsdh->sdioh 0x80e58c10
Jan 1 00:00:24   user   warn   kernel: wl: srom not detected, using main memory mapped srom info (wombo board)
Jan 1 00:00:24   user   warn   kernel: wl0: wlc_attach: use mac addr from the system pool by id: 0x776c0000
Jan 1 00:00:24   user   warn   kernel: wl0: MAC Address: 00:1E:58:E4:64:39
Jan 1 00:00:24   user   warn   kernel: wl0: Broadcom BCM4318 802.11 Wireless Controller 4.170.16.0.cpe2.1sd1
Jan 1 00:00:24   user   warn   kernel: dgasp: kerSysRegisterDyingGaspHandler: wl0 registered
Jan 1 00:00:24   user   warn   kernel: Trying to free free IRQ25
Jan 1 00:00:24   user   warn   kernel: Broadcom BCM6338A2 Ethernet Network Device v0.3 Sep 9 2009 13:16:11
Jan 1 00:00:24   user   warn   kernel: Config Internal PHY Through MDIO
Jan 1 00:00:24   user   info   kernel: BCM63xx_ENET: 100 MB Full-Duplex (auto-neg)
Jan 1 00:00:24   user   warn   kernel: eth0: MAC Address: 00:1E:58:E4:64:3A
Jan 1 00:00:24   user   crit   kernel: eth0 Link UP.
Jan 1 00:00:24   user   warn   kernel: BcmAdsl_Initialize=0xC00663E8, g_pFnNotifyCallback=0xC0080FE4
Jan 1 00:00:24   user   warn   kernel: AnnexCParam=0x7FFF7EB8 AnnexAParam=0x00000980 adsl2=0x00000000
Jan 1 00:00:24   user   warn   kernel: pSdramPHY=0xA0FFFFF8, 0x1B7916 0xDEADBEEF
Jan 1 00:00:24   user   warn   kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA0FEF96C
Jan 1 00:00:24   user   warn   kernel: AnnexCParam=0x7FFF7EB8 AnnexAParam=0x00000980 adsl2=0x00000000
Jan 1 00:00:24   user   warn   kernel: dgasp: kerSysRegisterDyingGaspHandler: dsl0 registered
Jan 1 00:00:24   user   warn   kernel: ATM proc init !!!
Jan 1 00:00:24   user   warn   kernel: filter core team
Jan 1 00:00:24   user   warn   kernel: ip_conntrack version 2.1 (125 buckets, 0 max) - 384 bytes per conntrack
Jan 1 00:00:24   user   warn   kernel: ip_ct_h323: init success
Jan 1 00:00:24   user   warn   kernel: ip_nat_h323: init success
Jan 1 00:00:24   user   crit   kernel: ADSL G.994 training
Jan 1 00:00:24   user   warn   kernel: BRCM NAT Caching v1.0 Nov 20 2007 10:22:27
Jan 1 00:00:24   user   warn   kernel: BRCM NAT Cache: Hooking hit function @ c0060088
Jan 1 00:00:24   user   warn   kernel: ip_conntrack_rtsp v0.01 loading
Jan 1 00:00:24   user   warn   kernel: ip_nat_rtsp v0.01 loading
Jan 1 00:00:24   user   info   kernel: device eth0 entered promiscuous mode
Jan 1 00:00:24   user   info   kernel: br0: port 1(eth0) entering learning state
Jan 1 00:00:24   user   info   kernel: br0: topology change detected, propagating
Jan 1 00:00:24   user   info   kernel: br0: port 1(eth0) entering forwarding state
Jan 1 00:00:24   user   info   kernel: device wl0 entered promiscuous mode
Jan 1 00:00:24   user   info   kernel: br0: port 2(wl0) entering learning state
Jan 1 00:00:24   user   info   kernel: br0: topology change detected, propagating
Jan 1 00:00:24   user   info   kernel: br0: port 2(wl0) entering forwarding state
Jan 1 00:00:24   user   crit   kernel: ADSL G.992 started
Jan 1 00:00:25   user   debug   syslog: brctl addbr pppbr
Jan 1 00:00:25   user   debug   syslog: brctl addif pppbr nas_0_0_35
Jan 1 00:00:25   user   info   kernel: device nas_0_0_35 entered promiscuous mode
Jan 1 00:00:26   user   debug   syslog: pppd keepalive 0 0 -c 0.0.35.1 -i nas_0_0_35 -u "adsl6643_252" -p ********** -f 0 -m 003088028758/4a7a &
Jan 1 00:00:26   daemon   notice   pppd[393]: pppd 2.4.1 started by admin, uid 0
Jan 1 00:00:28   user   crit   kernel: ADSL G.992 channel analysis
Jan 1 00:00:34   user   crit   kernel: ADSL G.992 message exchange
Jan 1 00:00:34   user   crit   kernel: ADSL link up, interleaved, us=711, ds=11979
Jan 1 00:00:34   user   warn   kernel: ATM Soft SAR: ATM link connected.
Jan 1 00:00:36   user   debug   syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.1.1 -p udp --dport 53 -j DNAT --to 128.9.0.107
Jan 1 00:00:36   daemon   notice   pppd[393]: PPP: Start to connect ...
Jan 1 00:00:37   user   debug   syslog: dhcpc -i nas_0_0_32 &
Jan 1 00:00:37   daemon   crit   pppd[393]: PPP server detected.
Jan 1 00:00:38   daemon   crit   pppd[393]: PPP session established.
Jan 1 00:00:38   daemon   crit   pppd[393]: PPP LCP UP.
Jan 1 00:00:38   daemon   crit   pppd[393]: Received valid IP address from server. Connection UP.
Jan 1 00:00:38   user   debug   syslog: route add default dev ppp_0_0_35_1 2>/dev/null
Jan 1 00:00:38   user   debug   syslog: route add -net 10.253.0.0 netmask 255.255.0.0 metric 1 gw 10.253.196.1 2>/dev/null
Jan 1 00:00:38   user   debug   syslog: iptables -A FORWARD -o ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Jan 1 00:00:39   user   debug   syslog: iptables -A FORWARD -i ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Jan 1 00:00:39   user   debug   syslog: echo > /proc/net/ip_conntrack
Jan 1 00:00:39   user   debug   syslog: echo "1000" > /proc/sys/net/ipv4/ip_conntrack_max
Jan 1 00:00:39   user   debug   syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.1.1 -p udp --dport 53 -j DNAT --to 128.9.0.107 2>/dev/null
Jan 1 00:00:39   user   debug   syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_35_1 -s 192.168.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Jan 1 00:00:39   user   debug   syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_35_1 -s 192.168.1.0/255.255.255.0 -j MASQUERADE
Jan 1 00:00:39   user   debug   syslog: iptables -t nat -D PREROUTING -i br0 -d 192.168.1.1 -p udp --dport 53 -j DNAT --to 87.117.0.1 2>/dev/null
Jan 1 00:00:39   user   debug   syslog: iptables -t nat -A PREROUTING -i br0 -d 192.168.1.1 -p udp --dport 53 -j DNAT --to 87.117.0.1
Jan 1 00:00:39   user   debug   syslog: /bin/dnsprobe &
Jan 1 00:00:39   user   debug   syslog: upnp -L br0 -W ppp_0_0_35_1 -D
Jan 1 00:00:40   user   notice   dnsprobe[769]: dnsprobe started!
Jan 1 00:00:40   user   debug   syslog: iptables -t filter -I OUTPUT -o ppp_0_0_35_1 -d 239.255.255.250 -j DROP 2>/dev/null
Jan 1 00:00:40   user   debug   syslog: iptables -I INPUT 1 -i ppp_0_0_35_1 -p udp --dport 5060 -j ACCEPT 2>/dev/null
Jan 1 00:00:40   user   debug   syslog: iptables -I INPUT 1 -i ppp_0_0_35_1 -p udp --dport 7070:7079 -j ACCEPT 2>/dev/null
Jan 1 00:00:40   user   debug   syslog: iptables -t nat -A PREROUTING -i br0 -p udp --dport 5060 -j REDIRECT --to-ports 5060 2>/dev/null
Jan 1 00:00:40   user   debug   syslog: siproxd --config /var/siproxd/siproxd.conf &
Jan 1 00:00:40   user   notice   syslog: siproxd.c:192 INFO:siproxd-0.5.10-2842 i686-redhat-linux-gnu starting up
Jan 1 00:00:40   user   notice   syslog: siproxd.c:218 INFO:daemonized, pid=785
Jan 1 00:00:40   user   notice   syslog: sock.c:65 INFO:bound to port 5060
Jan 1 00:00:40   user   notice   syslog: register.c:65 WARNING:registration file not found, starting with empty table
Jan 1 00:00:40   user   notice   syslog: siproxd.c:265 INFO:siproxd-0.5.10-2842 i686-redhat-linux-gnu started
Jan 1 00:00:41   user   debug   syslog: setkey -f /var/setkey.conf
Jan 1 00:00:44   user   debug   syslog: ifconfig ppp_0_0_35_1 mtu 1492
Jan 1 00:00:44   user   debug   syslog: route add -net 10.253.0.0 netmask 255.255.0.0 metric 1 gw 10.253.196.1 2>/dev/null
Jan 1 00:00:44   user   debug   syslog: iptables -t nat -D POSTROUTING -o nas_0_0_32 -s 192.168.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Jan 1 00:00:44   user   debug   syslog: iptables -t nat -A POSTROUTING -o nas_0_0_32 -s 192.168.1.0/255.255.255.0 -j MASQUERADE
Jan 1 00:00:45   daemon   err   user: tr69c: Unable to retrieve attributes in scratch PAD
Jan 1 00:00:45   daemon   err   user: Stored Parameter Attribute data is corrupt or missing
Jan 1 00:00:46   user   debug   syslog: setkey -f /var/setkey.conf
Jan 1 01:00:24   syslog   info   -- MARK --
Jan 1 02:00:24   syslog   info   -- MARK --
Jan 1 03:00:24   syslog   info   -- MARK --
Jan 1 04:00:24   syslog   info   -- MARK --
Jan 1 05:00:24   syslog   info   -- MARK --
Jan 1 06:00:24   syslog   info   -- MARK --
Jan 1 06:01:18   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:01:20   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:01:22   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:01:22   user   notice   dnsprobe[769]: Primary DNS server Is Down... Switching To Secondary DNS server
Jan 1 06:11:24   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:11:26   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:11:28   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:21:30   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:21:32   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:21:34   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:31:36   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:31:38   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:31:40   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:41:42   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:41:44   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:41:46   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:51:48   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:51:50   user   warn   dnsprobe[769]: dns query failed
Jan 1 06:51:52   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:00:24   syslog   info   -- MARK --
Jan 1 07:01:54   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:01:56   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:01:58   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:12:00   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:12:02   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:12:04   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:22:06   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:22:08   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:22:10   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:32:12   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:32:14   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:32:16   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:42:19   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:42:21   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:42:23   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:52:25   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:52:27   user   warn   dnsprobe[769]: dns query failed
Jan 1 07:52:29   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:00:24   syslog   info   -- MARK --
Jan 1 08:02:31   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:02:33   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:02:35   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:12:37   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:12:39   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:12:41   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:22:43   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:22:45   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:22:47   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:32:49   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:32:51   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:32:53   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:42:55   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:42:57   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:42:59   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:53:01   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:53:03   user   warn   dnsprobe[769]: dns query failed
Jan 1 08:53:05   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:00:24   syslog   info   -- MARK --
Jan 1 09:03:07   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:03:09   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:03:11   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:13:13   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:13:15   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:13:17   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:23:19   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:23:21   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:23:23   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:33:25   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:33:27   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:33:29   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:43:31   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:43:33   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:43:35   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:53:37   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:53:39   user   warn   dnsprobe[769]: dns query failed
Jan 1 09:53:41   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:00:24   syslog   info   -- MARK --
Jan 1 10:03:43   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:03:45   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:03:47   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:13:49   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:13:51   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:13:53   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:23:55   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:23:57   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:23:59   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:34:01   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:34:03   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:34:05   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:44:07   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:44:09   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:44:11   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:54:13   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:54:15   user   warn   dnsprobe[769]: dns query failed
Jan 1 10:54:17   user   warn   dnsprobe[769]: dns query failed
Jan 1 11:00:24   syslog   info   -- MARK --
Jan 1 11:04:19   user   warn   dnsprobe[769]: dns query failed
Jan 1 11:04:21   user   warn   dnsprobe[769]: dns query failed
Jan 1 11:04:23   user   warn   dnsprobe[769]: dns query failed

Последний раз редактировалось wmtrader Пт ноя 20, 2009 19:39, всего редактировалось 1 раз.

Вернуться наверх

wmtrader

Заголовок сообщения:

Добавлено: Пт ноя 20, 2009 19:37

Зарегистрирован: Пт ноя 20, 2009 19:01
Сообщений: 4

Прописывал ДНС сервера вручную (другие), такая же картина. Работает несколько часов и все.
Да, и еще, интернет теряется полностью, т.е. сервисы не требующие ДНС (например скайп, торрент) также не работают!

Вернуться наверх

kDn

Заголовок сообщения:

Добавлено: Сб ноя 21, 2009 01:06

Зарегистрирован: Пт сен 12, 2008 16:52
Сообщений: 706

Сброс+настройку с чистого листа руками (не загружая старых конфигов) делать пробовали? Если не пробовали, то попробуйте.

Вернуться наверх

wmtrader

Заголовок сообщения:

Добавлено: Вс ноя 22, 2009 20:47

Зарегистрирован: Пт ноя 20, 2009 19:01
Сообщений: 4

Пробовал. Не помогло. Менял ДНС на открытые, тоже самое.
После включения фаервола в модеме появились сообщения от атаках, у меня складывается впечатление что именно они валят модем, как от них защититься?

Код:

Nov 22 19:14:55     user     debug     syslog: ping -c 1 -q 87.117.0.1
Nov 22 19:22:19    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=51175 DF PROTO=TCP SPT=1403 DPT=135 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:22:22    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=51760 DF PROTO=TCP SPT=1403 DPT=135 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:27:29    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=45915 DF PROTO=TCP SPT=4711 DPT=2967 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:27:32    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=46534 DF PROTO=TCP SPT=4711 DPT=2967 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:27:58    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=51567 DF PROTO=TCP SPT=1102 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:28:01    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.14 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52107 DF PROTO=TCP SPT=1102 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:30:42    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.125.140 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=24996 DF PROTO=TCP SPT=3435 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:38:28    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.125.140 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=62921 DF PROTO=TCP SPT=4312 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 22 19:50:20    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=16776 DF PROTO=TCP SPT=1099 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 22 20:06:54    syslog    info    -- MARK --

Вернуться наверх

kDn

Заголовок сообщения:

Добавлено: Вс ноя 22, 2009 22:49

Зарегистрирован: Пт сен 12, 2008 16:52
Сообщений: 706

Включив фаервол вы и так защитились от SYN-флада, о чем вам в логах и пишут.

Вернуться наверх

wmtrader

Заголовок сообщения:

Добавлено: Вт ноя 24, 2009 07:26

Зарегистрирован: Пт ноя 20, 2009 19:01
Сообщений: 4

Вот сегодняшний лог модема:

Код:

Date/Time     Facility     Severity     Message
Nov 23 20:59:38    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.230 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=48727 DF PROTO=TCP SPT=4879 DPT=135 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 20:59:41    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.230 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=49327 DF PROTO=TCP SPT=4879 DPT=135 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 21:03:01    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.230 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=44487 DF PROTO=TCP SPT=3088 DPT=135 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 21:08:50    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.231.230 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=13593 DF PROTO=TCP SPT=3989 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 21:19:02    syslog    info    -- MARK --
Nov 23 21:21:44    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=45993 DF PROTO=TCP SPT=3922 DPT=445 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 21:21:47    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=46505 DF PROTO=TCP SPT=3922 DPT=445 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 21:22:02    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=49181 DF PROTO=TCP SPT=3756 DPT=135 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 21:22:05    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=49752 DF PROTO=TCP SPT=3756 DPT=135 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 21:28:40    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=21792 DF PROTO=TCP SPT=2100 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 21:37:12    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=9679 DF PROTO=TCP SPT=4142 DPT=445 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 21:44:45    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.253.116 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=22777 DF PROTO=TCP SPT=4788 DPT=445 WINDOW=64960 RES=0x00 SYN URGP=0
Nov 23 22:19:01    syslog    info    -- MARK --
Nov 23 22:19:20    daemon    crit    pppd[366]: Clear IP addresses. Connection DOWN.
Nov 23 22:19:20    daemon    crit    pppd[366]: Clear IP addresses. PPP connection DOWN.
Nov 23 22:19:26    daemon    notice    pppd[366]: PPP: Start to connect ...
Nov 23 22:19:27    daemon    crit    pppd[366]: PPP server detected.
Nov 23 22:19:28    daemon    crit    pppd[366]: PPP session established.
Nov 23 22:19:28    daemon    crit    pppd[366]: PPP LCP UP.
Nov 23 22:19:28    daemon    crit    pppd[366]: Received valid IP address from server. Connection UP.
Nov 23 22:19:29    user    debug    syslog: route add default gw 10.52.0.1 2>/dev/null
Nov 23 22:19:29    user    debug    syslog: iptables -A FORWARD -o ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Nov 23 22:19:29    user    debug    syslog: iptables -A FORWARD -i ppp_0_0_35_1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Nov 23 22:19:29    user    debug    syslog: iptables -t nat -D POSTROUTING -o ppp_0_0_35_1 -s 192.168.1.0/255.255.255.0 -j MASQUERADE 2>/dev/null
Nov 23 22:19:29    user    debug    syslog: iptables -t nat -A POSTROUTING -o ppp_0_0_35_1 -s 192.168.1.0/255.255.255.0 -j MASQUERADE
Nov 23 22:19:31    user    debug    syslog: setkey -f /var/setkey.conf
Nov 23 22:19:31    user    debug    syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_35_1 -p tcp --dport 30005
Nov 23 22:19:31    user    debug    syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_35_1 -p tcp --dport 30005
Nov 23 22:19:31    user    debug    syslog: iptables -I INPUT 1 -j ACCEPT -i ppp_0_0_35_1 -p udp -s 192.168.1.1/24 --dport 30006
Nov 23 22:19:31    user    debug    syslog: iptables -I FORWARD 1 -j ACCEPT -i ppp_0_0_35_1 -p udp -s 192.168.1.1/24 --dport 30006
Nov 23 22:19:33    user    debug    syslog: ifconfig ppp_0_0_35_1 mtu 1492
Nov 23 22:47:31    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=44562 DF PROTO=TCP SPT=2343 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 22:47:34    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=44706 DF PROTO=TCP SPT=2343 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 22:53:14    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=60467 DF PROTO=TCP SPT=3463 DPT=445 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 22:53:17    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=60594 DF PROTO=TCP SPT=3463 DPT=445 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 23:19:02    syslog    info    -- MARK --
Nov 23 23:23:39    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=56315 DF PROTO=TCP SPT=2858 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 23:23:42    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.67 DST=10.52.124.190 LEN=64 TOS=0x00 PREC=0x00 TTL=47 ID=56581 DF PROTO=TCP SPT=2858 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0
Nov 23 23:50:09    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.213 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=11102 DF PROTO=TCP SPT=3529 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 23:50:12    user    alert    kernel: Intrusion -> IN=ppp_0_0_35_1 OUT= MAC= SRC=10.52.240.213 DST=10.52.124.190 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=11545 DF PROTO=TCP SPT=3529 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Nov 23 23:51:53    user    warn    dnsprobe[713]: dns query failed
Nov 23 23:51:55    user    warn    dnsprobe[713]: dns query failed
Nov 23 23:51:57    user    warn    dnsprobe[713]: dns query failed
Nov 23 23:51:57    user    notice    dnsprobe[713]: Primary DNS server Is Down... Switching To Secondary DNS server
Nov 24 00:02:01    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:02:03    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:02:05    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:12:07    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:12:09    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:12:11    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:19:02    syslog    info    -- MARK --
Nov 24 00:22:13    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:22:15    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:22:17    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:32:19    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:32:21    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:32:23    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:42:25    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:42:27    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:42:29    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:52:31    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:52:33    user    warn    dnsprobe[713]: dns query failed
Nov 24 00:52:35    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:02:37    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:02:39    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:02:41    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:12:43    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:12:45    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:12:47    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:19:02    syslog    info    -- MARK --
Nov 24 01:22:49    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:22:51    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:22:53    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:32:55    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:32:57    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:32:59    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:43:01    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:43:03    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:43:05    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:53:07    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:53:09    user    warn    dnsprobe[713]: dns query failed
Nov 24 01:53:11    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:03:13    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:03:15    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:03:17    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:13:19    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:13:21    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:13:23    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:19:02    syslog    info    -- MARK --
Nov 24 02:23:25    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:23:27    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:23:29    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:33:31    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:33:33    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:33:35    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:43:37    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:43:39    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:43:41    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:53:43    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:53:45    user    warn    dnsprobe[713]: dns query failed
Nov 24 02:53:47    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:03:49    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:03:51    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:03:53    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:13:55    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:13:57    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:13:59    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:19:02    syslog    info    -- MARK --
Nov 24 03:24:01    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:24:03    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:24:05    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:34:07    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:34:09    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:34:11    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:44:13    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:44:15    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:44:17    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:54:19    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:54:21    user    warn    dnsprobe[713]: dns query failed
Nov 24 03:54:23    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:04:26    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:04:28    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:04:30    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:14:32    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:14:34    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:14:36    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:19:02    syslog    info    -- MARK --
Nov 24 04:24:38    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:24:40    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:24:42    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:34:44    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:34:46    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:34:48    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:44:50    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:44:52    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:44:54    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:54:56    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:54:58    user    warn    dnsprobe[713]: dns query failed
Nov 24 04:55:00    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:05:02    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:05:04    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:05:06    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:15:08    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:15:10    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:15:12    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:19:02    syslog    info    -- MARK --
Nov 24 05:25:14    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:25:16    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:25:18    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:35:20    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:35:22    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:35:24    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:45:26    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:45:28    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:45:30    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:55:32    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:55:34    user    warn    dnsprobe[713]: dns query failed
Nov 24 05:55:36    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:05:38    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:05:40    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:05:42    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:15:44    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:15:46    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:15:48    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:19:02    syslog    info    -- MARK --
Nov 24 06:25:50    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:25:52    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:25:54    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:35:56    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:35:58    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:36:00    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:46:02    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:46:04    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:46:06    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:56:08    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:56:10    user    warn    dnsprobe[713]: dns query failed
Nov 24 06:56:12    user    warn    dnsprobe[713]: dns query failed 

Вернуться наверх

Страница 1 из 1

[ Сообщений: 6 ]

Список форумов » ADSL и последняя миля

Часовой пояс: UTC + 3 часа

Кто сейчас на форуме

Сейчас этот форум просматривают: нет зарегистрированных пользователей и гости: 5

Вы не можете начинать темы
Вы не можете отвечать на сообщения
Вы не можете редактировать свои сообщения
Вы не можете удалять свои сообщения
Вы не можете добавлять вложения