|
how to track or trace outgoing traffic
Since I installed apf firewall on my Debian squeeze server I see a lot of blocked outgoing traffic and it is rightfully blocked as my server should have no business connecting to this IP but I would really like to know who or what application is responsible for these connections.
Can someone point me in the right direction how to track this? I see tons of these logs: Code:
Apr 18 09:11:04 h1870666 kernel: [2406188.392117] ** SDROP ** IN= OUT=eth0 SRC=85.214.249.219 DST=31.184.242.127 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=48286 DF PROTO=TCP SPT=53254 DPT=80 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0 OPT (020405B401010402) |
| All times are GMT +2. The time now is 13:47. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.