View Single Post
  #5  
Old 21st February 2008, 11:23
ikkem ikkem is offline
Member
 
Join Date: Feb 2007
Posts: 85
Thanks: 2
Thanked 2 Times in 1 Post
Default

hi these are the rules in my /etc/shorewall/rules

Code:
FTP/ACCEPT     net       loc	tcp

ACCEPT    net    fw    tcp    20
ACCEPT    net    fw    tcp    21
ACCEPT    net    fw    tcp    2900
/var/log/syslog info

Code:
 Shorewall:logflags:DROP:IN=eth0 OUT= MAC=00:1a:92:55:09:5c:00:18:f6:05:40:6f:08:00 SRC=202.10.89.8 DST=192.168.1.72 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=0 DF PROTO=TCP SPT=51099 DPT=50847 WINDOW=32768 RES=0x00 URGP=0 
Feb 21 08:44:26 localhost kernel: Shorewall:logflags:DROP:IN=eth0 OUT= MAC=00:1a:92:55:09:5c:00:18:f6:05:40:6f:08:00 SRC=220.233.122.214 DST=192.168.1.72 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=0 DF PROTO=TCP SPT=2254 DPT=46261 WINDOW=32768 RES=0x00 URGP=0 
Feb 21 08:44:29 localhost last message repeated 3 times
Feb 21 08:50:09 localhost root: Shorewall restarted
Feb 21 09:00:03 localhost root: Shorewall restarted
Feb 21 09:04:23 localhost kernel: Shorewall:logflags:DROP:IN=eth0 OUT= MAC=00:1a:92:55:09:5c:00:18:f6:05:40:6f:08:00 SRC=220.233.122.214 DST=192.168.1.72 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=0 DF PROTO=TCP SPT=2254 DPT=57781 WINDOW=32768 RES=0x00 URGP=0 
Feb 21 09:04:32 localhost last message repeated 8 times
Feb 21 09:09:01 localhost /USR/SBIN/CRON[19995]: (root) CMD (  [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Feb 21 09:17:01 localhost /USR/SBIN/CRON[20213]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Feb 21 09:34:57 localhost -- MARK --
Feb 21 09:39:01 localhost /USR/SBIN/CRON[20838]: (root) CMD (  [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Feb 21 09:54:58 localhost -- MARK --
Feb 21 10:09:01 localhost /USR/SBIN/CRON[22096]: (root) CMD (  [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Feb 21 10:17:01 localhost /USR/SBIN/CRON[22399]: (root) CMD

/var/log/proftpd/proftpd.log info

Code:
Feb 21 05:36:07 server1 proftpd[19377] localhost: error setting IPV6_V6ONLY: Protocol not available
Feb 21 05:36:07 server1 proftpd[19377] localhost: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
Feb 21 05:59:51 server1 proftpd[19377] localhost: ProFTPD killed (signal 15)
Feb 21 05:59:51 server1 proftpd[19377] localhost: ProFTPD 1.3.0 standalone mode SHUTDOWN
Feb 21 05:59:53 server1 proftpd[20593] localhost: error setting IPV6_V6ONLY: Protocol not available
Feb 21 05:59:53 server1 proftpd[20593] localhost: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
Feb 21 06:13:54 server1 proftpd[20593] localhost: ProFTPD killed (signal 15)
Feb 21 06:13:54 server1 proftpd[20593] localhost: ProFTPD 1.3.0 standalone mode SHUTDOWN
Feb 21 06:15:05 server1 proftpd[5026] localhost: error setting IPV6_V6ONLY: Protocol not available
Feb 21 06:15:05 server1 proftpd[5026] localhost: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
Feb 21 06:32:16 server1 proftpd[5026] localhost: ProFTPD killed (signal 15)
Feb 21 06:32:16 server1 proftpd[5026] localhost: ProFTPD 1.3.0 standalone mode SHUTDOWN
Feb 21 06:32:18 server1 proftpd[11118] localhost: error setting IPV6_V6ONLY: Protocol not available
Feb 21 06:32:18 server1 proftpd[11118] localhost: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
Feb 21 08:14:16 server1 proftpd[13640] localhost (localhost[::ffff:127.0.0.1]): FTP session closed.
Feb 21 08:20:33 server1 proftpd[13882] localhost (localhost[::ffff:127.0.0.1]): FTP session closed.
Feb 21 08:50:35 server1 proftpd[18090] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 08:50:40 server1 proftpd[18093] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 08:50:45 server1 proftpd[18096] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 08:52:34 server1 proftpd[18145] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:52:39 server1 proftpd[18148] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:52:44 server1 proftpd[18151] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:54:07 server1 proftpd[18183] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:54:12 server1 proftpd[18186] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:54:17 server1 proftpd[18189] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:55:09 server1 proftpd[18210] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:55:14 server1 proftpd[18213] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 08:55:19 server1 proftpd[18216] localhost (Unknown-00-c0-a8-f0-7e-71.lan[::ffff:192.168.1.70]): FTP session closed.
Feb 21 09:01:33 server1 proftpd[19782] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 09:01:38 server1 proftpd[19785] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 09:01:43 server1 proftpd[19788] localhost (::ffff:77.163.218.144[::ffff:77.163.218.144]): FTP session closed.
Feb 21 09:03:25 server1 proftpd[11118] localhost: ProFTPD killed (signal 15)
Feb 21 09:03:25 server1 proftpd[11118] localhost: ProFTPD 1.3.0 standalone mode SHUTDOWN
Feb 21 09:03:27 server1 proftpd[19844] localhost: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
Feb 21 09:03:40 server1 proftpd[19859] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:03:45 server1 proftpd[19862] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:03:50 server1 proftpd[19865] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:06:41 server1 proftpd[19935] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:06:47 server1 proftpd[19938] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:06:52 server1 proftpd[19941] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:13:58 server1 proftpd[20127] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:14:03 server1 proftpd[20130] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:14:09 server1 proftpd[20133] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 09:14:35 server1 proftpd[20146] localhost (Unknown-00-c0-a8-f0-7e-71.lan[192.168.1.70]): FTP session closed.
Feb 21 09:14:40 server1 proftpd[20149] localhost (Unknown-00-c0-a8-f0-7e-71.lan[192.168.1.70]): FTP session closed.
Feb 21 09:14:45 server1 proftpd[20152] localhost (Unknown-00-c0-a8-f0-7e-71.lan[192.168.1.70]): FTP session closed.
Feb 21 09:35:28 server1 proftpd[20724] localhost (Unknown-00-1a-92-55-09-5c.lan[192.168.1.72]): FTP session closed.
Feb 21 10:05:46 server1 proftpd[21694] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:46 server1 proftpd[21695] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:46 server1 proftpd[21696] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:46 server1 proftpd[21697] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:49 server1 proftpd[21702] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:49 server1 proftpd[21703] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:49 server1 proftpd[21704] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:49 server1 proftpd[21705] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:52 server1 proftpd[21708] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:52 server1 proftpd[21710] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:52 server1 proftpd[21711] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:52 server1 proftpd[21709] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:54 server1 proftpd[21716] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:54 server1 proftpd[21717] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:54 server1 proftpd[21718] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:54 server1 proftpd[21719] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:55 server1 proftpd[21722] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:55 server1 proftpd[21723] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:55 server1 proftpd[21724] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:05:55 server1 proftpd[21725] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:03 server1 proftpd[21732] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:03 server1 proftpd[21733] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:03 server1 proftpd[21734] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:03 server1 proftpd[21735] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:55 server1 proftpd[21758] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:55 server1 proftpd[21759] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:55 server1 proftpd[21760] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:06:55 server1 proftpd[21761] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:21 server1 proftpd[21774] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:21 server1 proftpd[21776] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:21 server1 proftpd[21775] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:21 server1 proftpd[21777] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:22 server1 proftpd[21780] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:22 server1 proftpd[21781] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:22 server1 proftpd[21782] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:22 server1 proftpd[21783] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:28 server1 proftpd[21791] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:28 server1 proftpd[21790] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:28 server1 proftpd[21792] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:28 server1 proftpd[21793] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21796] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21797] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21798] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21799] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21802] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21804] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21805] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:29 server1 proftpd[21803] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21808] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21809] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21810] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21811] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21815] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21816] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21817] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:31 server1 proftpd[21814] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:32 server1 proftpd[21820] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:32 server1 proftpd[21821] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:32 server1 proftpd[21822] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:32 server1 proftpd[21823] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21828] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21829] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21830] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21831] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21834] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21835] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21837] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:33 server1 proftpd[21836] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:34 server1 proftpd[21840] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:34 server1 proftpd[21841] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:34 server1 proftpd[21842] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:34 server1 proftpd[21843] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:38 server1 proftpd[21848] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:38 server1 proftpd[21849] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:38 server1 proftpd[21850] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:07:38 server1 proftpd[21851] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:14 server1 proftpd[21868] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:14 server1 proftpd[21869] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:14 server1 proftpd[21870] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:14 server1 proftpd[21871] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:15 server1 proftpd[21875] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:15 server1 proftpd[21876] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:15 server1 proftpd[21877] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:15 server1 proftpd[21874] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:16 server1 proftpd[21880] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:16 server1 proftpd[21881] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:16 server1 proftpd[21882] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:16 server1 proftpd[21883] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:17 server1 proftpd[21886] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:17 server1 proftpd[21887] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:17 server1 proftpd[21888] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:17 server1 proftpd[21889] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:18 server1 proftpd[21894] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:18 server1 proftpd[21896] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:18 server1 proftpd[21897] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:18 server1 proftpd[21895] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:21 server1 proftpd[21903] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:21 server1 proftpd[21904] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:21 server1 proftpd[21905] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:08:21 server1 proftpd[21906] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:09:26 server1 proftpd[22124] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 10:09:37 server1 proftpd[22132] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 10:09:54 server1 proftpd[22143] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:09:54 server1 proftpd[22144] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:09:54 server1 proftpd[22145] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:09:54 server1 proftpd[22146] localhost (localhost[127.0.0.1]): FTP session closed.
Feb 21 10:11:03 server1 proftpd[22180] localhost (77.163.218.144[77.163.218.144]): FTP session closed.
Feb 21 10:11:14 server1 proftpd[22207] localhost (Unknown-00-1a-92-55-09-5c.lan[192.168.1.72]): FTP session closed.

Last edited by ikkem; 21st February 2008 at 11:36.
Reply With Quote