Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th April 2012, 09:16
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,262
Thanks: 78
Thanked 24 Times in 20 Posts
 
Default how to track or trace outgoing traffic

Since I installed apf firewall on my Debian squeeze server I see a lot of blocked outgoing traffic and it is rightfully blocked as my server should have no business connecting to this IP but I would really like to know who or what application is responsible for these connections.

Can someone point me in the right direction how to track this?

I see tons of these logs:

Code:
Apr 18 09:11:04 h1870666 kernel: [2406188.392117] ** SDROP ** IN= OUT=eth0 SRC=85.214.249.219 DST=31.184.242.127 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=48286 DF PROTO=TCP SPT=53254 DPT=80 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0 OPT (020405B401010402)
Reply With Quote
Sponsored Links
Reply

Bookmarks

Tags
firewall, ougoing traffic, trace, track

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISP Config3 and Pure-FTPD gigaboy Installation/Configuration 4 20th May 2011 13:28
Traffic quota and mail traffic Davide General 2 10th January 2011 13:21
Postfix not forwarding for some domains flappy Installation/Configuration 3 21st November 2010 17:57
Newb: Result of nessus scan Slowhand Installation/Configuration 12 4th June 2009 15:31
Disabling HTTP TRACE / TRACK in all virtual host rdike Installation/Configuration 8 11th May 2008 03:41


All times are GMT +2. The time now is 06:23.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.