iptables help



  • Hello, in my iptables logs I saw this:

    Aug 31 02:26:23 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:db:f7:08:00  SRC=185.13.36.86 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=16789 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:26:29 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:fd:08:00  SRC=185.13.36.56 DST=185.13.36.255 LEN=229 TOS=00 PREC=0x00 TTL=128 ID=3340 PROTO=UDP SPT=138 DPT=138 LEN=209
    Aug 31 02:26:39 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=20250 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:26:51 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=21301 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:27:04 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5592 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:27:18 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:01:d4:3d:7e:27:75:ee:08:00  SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
    Aug 31 02:27:28 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=25445 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:27:39 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=14019 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:27:51 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=15728 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:28:04 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5594 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:28:15 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=29433 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:28:27 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=19378 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:28:39 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=20532 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:28:51 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=21989 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:29:03 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=23305 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:29:15 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=24747 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:29:27 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:fb:d4:3d:7e:27:75:e6:08:00  SRC=185.13.36.20 DST=224.0.0.251 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
    Aug 31 02:29:40 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:9b:01:08:00  SRC=185.13.36.43 DST=255.255.255.255 LEN=140 TOS=00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=120
    Aug 31 02:29:51 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:fb:d4:3d:7e:27:75:e6:08:00  SRC=185.13.36.20 DST=224.0.0.251 LEN=72 TOS=00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=52
    Aug 31 02:30:04 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5598 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:30:19 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=30243 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:30:31 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:de:92:08:00  SRC=185.13.36.85 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=10841 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:30:40 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=11260 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:30:55 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:db:f7:08:00  SRC=185.13.36.86 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=16798 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:31:05 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5600 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:31:15 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=15404 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:31:27 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:de:bb:08:00  SRC=185.13.36.87 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=2420 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:31:41 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:9b:01:08:00  SRC=185.13.36.43 DST=255.255.255.255 LEN=140 TOS=00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=120
    Aug 31 02:31:53 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:01:d4:3d:7e:27:6d:c4:08:00  SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
    Aug 31 02:32:03 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=19811 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:32:25 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:db:f7:08:00  SRC=185.13.36.86 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=16801 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:32:27 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:de:bb:08:00  SRC=185.13.36.87 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=2422 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:32:39 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=23842 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:32:51 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:01:d4:3d:7e:27:6d:3c:08:00  SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
    Aug 31 02:33:05 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5604 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:33:15 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=15493 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:33:27 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:de:bb:08:00  SRC=185.13.36.87 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=2424 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:33:40 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=30009 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:33:55 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:db:f7:08:00  SRC=185.13.36.86 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=16804 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:34:05 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:35:ec:62:08:00  SRC=185.13.36.84 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=5606 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:34:15 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:fb:70:54:d2:44:c4:f6:08:00  SRC=185.13.36.67 DST=224.0.0.251 LEN=173 TOS=00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=153
    Aug 31 02:34:28 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:de:bb:08:00  SRC=185.13.36.87 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=2426 PROTO=UDP SPT=17500 DPT=17500 LEN=205
    Aug 31 02:34:41 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d4:3d:7e:4f:0e:20:08:00  SRC=185.13.36.63 DST=255.255.255.255 LEN=140 TOS=00 PREC=0x00 TTL=128 ID=13911 PROTO=UDP SPT=17500 DPT=17500 LEN=120
    Aug 31 02:34:54 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=24662 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:35:03 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:b7:08:00  SRC=185.13.36.25 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=5217 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:35:15 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=26907 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:35:27 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:98:9c:08:00  SRC=185.13.36.55 DST=185.13.36.255 LEN=78 TOS=00 PREC=0x00 TTL=128 ID=28352 PROTO=UDP SPT=137 DPT=137 LEN=58
    Aug 31 02:35:39 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:22:4d:a3:94:d9:08:00  SRC=185.13.36.31 DST=224.0.0.251 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
    
    

    The problem is that I don't understand: in these logs my server's IP doesn't even appear, and it always concerns the same port (128).

    If someone can help me.

    Thanks in advance


  • Administrator

    It's broadcast traffic on the network, nothing of particular importance.
    Other hosting providers drop broadcast on the switches; we let it through for the moment because it's not very important.



  • Okay, thanks for the clarification :D

    Is there a way to tell iptables to stop logging certain IPs?
    Because it pollutes the logs a bit :D
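
To see how much of such a log is link-layer broadcast or multicast noise rather than traffic addressed to the server, the denied lines can be classified by the destination MAC (the first six octets of the `MAC=` field). This is an added example, not part of the original thread; three sample lines are copied from the first post and the fourth (unicast, documentation addresses) is constructed.

```python
import re
from collections import Counter

# Three lines copied from the post above, plus one constructed unicast line
# (203.0.113.7 -> 192.0.2.10 are documentation addresses, not from the thread).
SAMPLE = """\
Aug 31 02:26:23 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:54:d2:44:db:f7:08:00  SRC=185.13.36.86 DST=255.255.255.255 LEN=225 TOS=00 PREC=0x00 TTL=128 ID=16789 PROTO=UDP SPT=17500 DPT=17500 LEN=205
Aug 31 02:26:29 srv416 iptables denied:  IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:22:4d:a3:99:fd:08:00  SRC=185.13.36.56 DST=185.13.36.255 LEN=229 TOS=00 PREC=0x00 TTL=128 ID=3340 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 31 02:27:18 srv416 iptables denied:  IN=eth0 OUT= MAC=01:00:5e:00:00:01:d4:3d:7e:27:75:ee:08:00  SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2
Aug 31 02:40:00 srv416 iptables denied:  IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00  SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40000 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse(line):
    """Return the KEY=value fields of one LOG line (first occurrence wins,
    so LEN is the IP length, not the later UDP length)."""
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)
    return fields

def link_class(fields):
    """Classify by destination MAC: the first 6 octets of the MAC= field."""
    dst = fields["MAC"].split(":")[:6]
    if dst == ["ff"] * 6:
        return "broadcast"
    if int(dst[0], 16) & 1:        # group bit set -> multicast frame
        return "multicast"
    return "unicast"

def summarize(text):
    """Count denied packets per (link class, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        f = parse(line)
        if "MAC" in f:
            counts[(link_class(f), f["PROTO"], f.get("DPT", "-"))] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

The `broadcast` and `multicast` classes are the same distinction that iptables' `pkttype` match (`--pkt-type broadcast` / `--pkt-type multicast`) makes, so a rule using that match placed ahead of the LOG rule keeps such packets out of the log while unicast denials are still recorded.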

