LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page help re losing internet connectivity (snort/pppd/pppoe related??)
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-12-2008, 12:12 AM   #1
callagga
Member
 
Registered: Jan 2008
Posts: 36

Rep: Reputation: 15
help re losing internet connectivity (snort/pppd/pppoe related??)

Hi,

I've been occasionally losing internet connectivity. The ADSL connection seems itself to be OK (per my ADSL modem D-LINK, DSL-504T, interface), however either a router (www.clarkconnect.com, which terminates ppp connection), or ADSL modem (in bridge mode) reboot seems to clear things.

"snort" seems to be restarting in the mix of things and I was hoping someone could take a look at my logs below and see if they could spot anything? Logs are below. (REPEATING BITS REMOVED TO LOWER SIZE OF LOG)

Note, there are two points in the morning logs marked below. One when I restarted modem to fix issue, and 2nd time I restarted ClarkConnect router to correct issue.

ROUTER LOG
================================================================================
Oct 12 08:32:41 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 08:32:41 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 08:32:41 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 08:32:48 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 08:32:48 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 08:32:48 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 08:54:34 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 08:54:34 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 08:54:34 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 08:57:20 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 08:57:20 home dhclient: DHCPACK from 10.1.1.1
Oct 12 08:57:20 home dhclient: bound to 10.1.1.2 -- renewal in 1472 seconds.
Oct 12 09:21:52 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 09:21:52 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 09:21:52 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 09:48:00 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 09:48:00 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 09:48:00 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 09:51:13 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 09:51:13 home dhclient: DHCPACK from 10.1.1.1
Oct 12 09:51:13 home dhclient: bound to 10.1.1.2 -- renewal in 1414 seconds.
Oct 12 10:01:19 home dnsmasq[3379]: DHCPDISCOVER(eth1) 00:12:5a:b9:1d:14
Oct 12 10:01:19 home dnsmasq[3379]: DHCPOFFER(eth1) 10.1.1.111 00:12:5a:b9:1d:14
Oct 12 10:01:19 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.111 00:12:5a:b9:1d:14
Oct 12 10:01:19 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.111 00:12:5a:b9:1d:14
<<cut repeating bits to reduce size>
Oct 12 10:18:04 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 10:18:04 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 10:18:04 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 10:18:25 home pppd[1842]: No response to 5 echo-requests
Oct 12 10:18:25 home pppd[1842]: Serial link appears to be disconnected.
Oct 12 10:18:25 home pppd[1842]: Connect time 186.0 minutes.
Oct 12 10:18:25 home pppd[1842]: Sent 12656857 bytes, received 325184364 bytes.
Oct 12 10:18:25 home snort[3454]: pcap_loop: recvfrom: Network is down
Oct 12 10:18:25 home snort[3454]: Final Flow Statistics
Oct 12 10:18:25 home snort[3454]: Frag3 statistics:
Oct 12 10:18:25 home snort[3454]: Total Fragments: 0
Oct 12 10:18:25 home snort[3454]: Frags Reassembled: 0
Oct 12 10:18:25 home snort[3454]: Discards: 0
Oct 12 10:18:25 home snort[3454]: Memory Faults: 0
Oct 12 10:18:25 home snort[3454]: Timeouts: 0
Oct 12 10:18:25 home snort[3454]: Overlaps: 0
Oct 12 10:18:25 home snort[3454]: Anomalies: 0
Oct 12 10:18:25 home snort[3454]: Alerts: 0
Oct 12 10:18:25 home snort[3454]: FragTrackers Added: 0
Oct 12 10:18:25 home snort[3454]: FragTrackers Dumped: 0
Oct 12 10:18:25 home snort[3454]: FragTrackers Auto Freed: 0
Oct 12 10:18:25 home snort[3454]: Frag Nodes Inserted: 0
Oct 12 10:18:25 home snort[3454]: Frag Nodes Deleted: 0
Oct 12 10:18:25 home snort[3454]: ===============================================================================
Oct 12 10:18:25 home snort[3454]: INFO => [Alert_FWsam](FWsamCheckOut) Disconnecting from host 127.0.0.1.
Oct 12 10:18:25 home snort[3454]: Snort exiting
Oct 12 10:18:25 home kernel: device ppp0 left promiscuous mode
Oct 12 10:18:25 home kernel: audit(1223770705.685:5): dev=ppp0 prom=0 old_prom=256 auid=4294967295
Oct 12 10:18:25 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 10:18:27 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 10:18:27 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 10:18:28 home adsl-stop: Killing pppd
Oct 12 10:18:28 home pppd[1842]: Terminating on signal 15
Oct 12 10:18:28 home adsl-stop: Killing adsl-connect
Oct 12 10:18:31 home pppd[1842]: Connection terminated.
Oct 12 10:18:31 home pppd[1842]: Modem hangup
Oct 12 10:18:33 home pppd[1842]: Terminating on signal 15
Oct 12 10:18:33 home pppd[1842]: Exit.
Oct 12 10:18:33 home pppoe[1856]: read (asyncReadFromPPP): Session 366: Input/output error
Oct 12 10:18:33 home pppoe[1856]: Sent PADT
Oct 12 10:18:35 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 10:18:35 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 10:18:35 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 10:18:35 home pppd[16525]: pppd 2.4.3 started by root, uid 0
Oct 12 10:18:36 home pppd[16525]: Using interface ppp0
Oct 12 10:18:36 home pppd[16525]: Connect: ppp0 <--> /dev/pts/0
Oct 12 10:18:36 home pppoe[16526]: PPP session is 337
Oct 12 10:18:38 home pppd[16525]: PAP authentication succeeded
Oct 12 10:18:38 home pppd[16525]: local IP address 123.233.121.32
Oct 12 10:18:38 home pppd[16525]: remote IP address 10.20.20.210
Oct 12 10:18:38 home pppd[16525]: primary DNS address 203.12.160.35
Oct 12 10:18:38 home pppd[16525]: secondary DNS address 203.12.160.36
Oct 12 10:18:38 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 10:18:39 home firewall: succeeded
Oct 12 10:18:40 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 10:18:40 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 10:18:40 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 10:18:55 home firewall: succeeded
Oct 12 10:19:06 home firewall: succeeded
Oct 12 10:19:06 home snort: snort shutdown failed
Oct 12 10:19:07 home kernel: device ppp0 entered promiscuous mode
Oct 12 10:19:07 home kernel: audit(1223770747.015:6): dev=ppp0 prom=256 old_prom=0 auid=4294967295
Oct 12 10:19:07 home snort[17399]: Initializing daemon mode
Oct 12 10:19:07 home snort[17400]: PID path stat checked out ok, PID path set to /var/run/
Oct 12 10:19:07 home snort[17400]: Writing PID "17400" to file "/var/run//snort_ppp0.pid"
Oct 12 10:19:07 home snort[17400]: Parsing Rules file /etc/snort.conf
Oct 12 10:19:07 home snort[17400]: ,-----------[Flow Config]----------------------
Oct 12 10:19:07 home snort[17400]: | Stats Interval: 0
Oct 12 10:19:07 home snort[17400]: | Hash Method: 2
Oct 12 10:19:07 home snort[17400]: | Memcap: 10485760
Oct 12 10:19:07 home snort[17400]: | Rows : 4099
Oct 12 10:19:07 home snort[17400]: | Overhead Bytes: 16400(%0.16)
Oct 12 10:19:07 home snort: snort startup succeeded
Oct 12 10:19:07 home snort[17400]: `----------------------------------------------
Oct 12 10:19:07 home snort[17400]: Frag3 global config:
Oct 12 10:19:07 home snort[17400]: Max frags: 65536
Oct 12 10:19:07 home snort[17400]: Fragment memory cap: 4194304 bytes
Oct 12 10:19:07 home snort[17400]: Frag3 engine config:
Oct 12 10:19:07 home snort[17400]: Target-based policy: FIRST
Oct 12 10:19:07 home snort[17400]: Fragment timeout: 60 seconds
Oct 12 10:19:07 home snort[17400]: Fragment min_ttl: 1
Oct 12 10:19:07 home snort[17400]: Fragment ttl_limit: 5
Oct 12 10:19:07 home snort[17400]: Fragment Problems: 1
Oct 12 10:19:07 home snort[17400]: Bound Addresses: 0.0.0.0/0.0.0.0
Oct 12 10:19:07 home snort[17400]: Stream4 config:
Oct 12 10:19:07 home snort[17400]: Stateful inspection: ACTIVE
Oct 12 10:19:07 home snort[17400]: Session statistics: INACTIVE
Oct 12 10:19:07 home snort[17400]: Session timeout: 30 seconds
Oct 12 10:19:07 home snort[17400]: Session memory cap: 8388608 bytes
Oct 12 10:19:07 home snort[17400]: Session count max: 8192 sessions
Oct 12 10:19:07 home snort[17400]: Session cleanup count: 5
Oct 12 10:19:07 home snort[17400]: State alerts: INACTIVE
Oct 12 10:19:07 home snort[17400]: Evasion alerts: INACTIVE
Oct 12 10:19:07 home snort[17400]: Scan alerts: INACTIVE
Oct 12 10:19:07 home snort[17400]: Log Flushed Streams: INACTIVE
Oct 12 10:19:07 home snort[17400]: MinTTL: 1
Oct 12 10:19:07 home snort[17400]: TTL Limit: 5
Oct 12 10:19:07 home snort[17400]: Async Link: 0
Oct 12 10:19:07 home snort[17400]: State Protection: 0
Oct 12 10:19:07 home snort[17400]: Self preservation threshold: 50
Oct 12 10:19:07 home snort[17400]: Self preservation period: 90
Oct 12 10:19:07 home snort[17400]: Suspend threshold: 200
Oct 12 10:19:07 home snort[17400]: Suspend period: 30
Oct 12 10:19:07 home snort[17400]: Enforce TCP State: INACTIVE
Oct 12 10:19:07 home snort[17400]: Midstream Drop Alerts: INACTIVE
Oct 12 10:19:07 home snort[17400]: Server Data Inspection Limit: -1
Oct 12 10:19:07 home snort[17400]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Oct 12 10:19:07 home snort[17400]: Stream4_reassemble config:
Oct 12 10:19:07 home snort[17400]: Server reassembly: INACTIVE
Oct 12 10:19:07 home snort[17400]: Client reassembly: ACTIVE
Oct 12 10:19:07 home snort[17400]: Reassembler alerts: ACTIVE
Oct 12 10:19:07 home snort[17400]: Zero out flushed packets: INACTIVE
Oct 12 10:19:07 home snort[17400]: Flush stream on alert: INACTIVE
Oct 12 10:19:07 home snort[17400]: flush_data_diff_size: 500
Oct 12 10:19:07 home snort[17400]: Reassembler Packet Preferance : Favor Old
Oct 12 10:19:07 home snort[17400]: Packet Sequence Overlap Limit: -1
Oct 12 10:19:07 home snort[17400]: Flush behavior: Small (<255 bytes)
Oct 12 10:19:07 home snort[17400]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 10:19:07 home snort[17400]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 10:19:07 home snort[17400]: rpc_decode arguments:
Oct 12 10:19:07 home snort[17400]: Ports to decode RPC on: 111 32771
Oct 12 10:19:07 home snort[17400]: alert_fragments: INACTIVE
Oct 12 10:19:07 home snort[17400]: alert_large_fragments: ACTIVE
Oct 12 10:19:07 home snort[17400]: alert_incomplete: ACTIVE
Oct 12 10:19:07 home snort[17400]: alert_multiple_requests: ACTIVE
Oct 12 10:19:07 home snort[17400]: telnet_decode arguments:
Oct 12 10:19:07 home snort[17400]: Ports to decode telnet on: 21 23 25 119
Oct 12 10:19:07 home snort[17400]: Portscan Detection Config:
 
Old 10-12-2008, 12:12 AM   #2
callagga
Member
 
Registered: Jan 2008
Posts: 36

Original Poster
Rep: Reputation: 15
logs continued 1
Oct 12 10:19:07 home snort[17400]: Detect Protocols: TCP UDP ICMP IP
Oct 12 10:19:07 home snort[17400]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Oct 12 10:19:07 home snort[17400]: Sensitivity Level: Low
Oct 12 10:19:07 home snort[17400]: Memcap (in bytes): 10000000
Oct 12 10:19:07 home snort[17400]: Number of Nodes: 36900
Oct 12 10:19:07 home snort[17400]:
Oct 12 10:19:07 home snort[17400]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Oct 12 10:19:07 home snort[17400]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Oct 12 10:19:07 home snort[17400]:
Oct 12 10:19:07 home snort[17400]: +-----------------------[thresholding-config]----------------------------------
Oct 12 10:19:07 home snort[17400]: | memory-cap : 1048576 bytes
Oct 12 10:19:07 home snort[17400]: +-----------------------[thresholding-global]----------------------------------
Oct 12 10:19:07 home snort[17400]: | none
Oct 12 10:19:07 home snort[17400]: +-----------------------[thresholding-local]-----------------------------------
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60
Oct 12 10:19:07 home snort[17400]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
Oct 12 10:19:08 home snort[17400]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
Oct 12 10:19:08 home snort[17400]: +-----------------------[suppression]------------------------------------------
Oct 12 10:19:08 home snort[17400]: | none
Oct 12 10:19:08 home snort[17400]: -------------------------------------------------------------------------------
Oct 12 10:19:08 home snort[17400]: Rule application order: ->activation->dynamic->drop->alert->pass->log
Oct 12 10:19:08 home snort[17400]: Log directory = /var/log/snort
Oct 12 10:19:08 home snort[17400]: Snort initialization completed successfully (pid=17400)
Oct 12 10:19:09 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 10:19:09 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 10:19:09 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 10:43:56 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 10:43:56 home dhclient: DHCPACK from 10.1.1.1
Oct 12 10:43:56 home dhclient: bound to 10.1.1.2 -- renewal in 1514 seconds.
<<cut repeating bits to reduce size>
Oct 12 11:15:21 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 11:15:21 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 11:15:21 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 11:16:01 home kernel: e100: eth0: e100_watchdog: link down
Oct 12 11:16:11 home kernel: e100: eth0: e100_watchdog: link up, 100Mbps, full-duplex
Oct 12 11:16:32 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 11:16:32 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 11:16:32 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 11:16:53 home dnsmasq[3379]: DHCPDISCOVER(eth1) 00:12:5a:b9:1d:14
Oct 12 11:16:53 home dnsmasq[3379]: DHCPOFFER(eth1) 10.1.1.111 00:12:5a:b9:1d:14
Oct 12 11:16:53 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.111 00:12:5a:b9:1d:14
Oct 12 11:16:53 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.111 00:12:5a:b9:1d:14
Oct 12 11:17:26 home adsl-stop: Killing pppd
Oct 12 11:17:26 home pppd[16525]: Terminating on signal 15
Oct 12 11:17:26 home pppd[16525]: Connect time 58.8 minutes.
Oct 12 11:17:26 home pppd[16525]: Sent 242498 bytes, received 470452 bytes.
Oct 12 11:17:26 home snort[17400]: pcap_loop: recvfrom: Network is down
Oct 12 11:17:26 home snort[17400]: Final Flow Statistics
Oct 12 11:17:26 home snort[17400]: Frag3 statistics:
Oct 12 11:17:26 home snort[17400]: Total Fragments: 0
Oct 12 11:17:26 home snort[17400]: Frags Reassembled: 0
Oct 12 11:17:26 home snort[17400]: Discards: 0
Oct 12 11:17:26 home snort[17400]: Memory Faults: 0
Oct 12 11:17:26 home snort[17400]: Timeouts: 0
Oct 12 11:17:26 home snort[17400]: Overlaps: 0
Oct 12 11:17:26 home snort[17400]: Anomalies: 0
Oct 12 11:17:26 home snort[17400]: Alerts: 0
Oct 12 11:17:26 home snort[17400]: FragTrackers Added: 0
Oct 12 11:17:26 home snort[17400]: FragTrackers Dumped: 0
Oct 12 11:17:26 home snort[17400]: FragTrackers Auto Freed: 0
Oct 12 11:17:26 home snort[17400]: Frag Nodes Inserted: 0
Oct 12 11:17:26 home snort[17400]: Frag Nodes Deleted: 0
Oct 12 11:17:26 home snort[17400]: ===============================================================================
Oct 12 11:17:26 home snort[17400]: INFO => [Alert_FWsam](FWsamCheckOut) Disconnecting from host 127.0.0.1.
Oct 12 11:17:26 home snort[17400]: Snort exiting
Oct 12 11:17:26 home kernel: device ppp0 left promiscuous mode
Oct 12 11:17:26 home kernel: audit(1223774246.763:7): dev=ppp0 prom=0 old_prom=256 auid=4294967295
Oct 12 11:17:26 home adsl-stop: Killing adsl-connect
Oct 12 11:17:26 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 11:17:29 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 11:17:29 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 11:17:31 home pppd[16525]: Terminating on signal 15
Oct 12 11:17:32 home pppd[16525]: Connection terminated.
Oct 12 11:17:32 home pppd[16525]: Modem hangup
Oct 12 11:17:34 home pppd[9884]: pppd 2.4.3 started by root, uid 0
Oct 12 11:17:34 home pppd[9884]: Using interface ppp0
Oct 12 11:17:34 home pppd[9884]: Connect: ppp0 <--> /dev/pts/2
Oct 12 11:17:34 home pppoe[9885]: PPP session is 31
Oct 12 11:17:36 home pppd[9884]: PAP authentication succeeded
Oct 12 11:17:36 home pppd[9884]: local IP address 123.233.121.32
Oct 12 11:17:36 home pppd[9884]: remote IP address 10.20.20.210
Oct 12 11:17:36 home pppd[9884]: primary DNS address 203.12.160.35
Oct 12 11:17:36 home pppd[9884]: secondary DNS address 203.12.160.36
Oct 12 11:17:36 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 11:17:36 home firewall: succeeded
Oct 12 11:17:37 home pppd[16525]: Exit.
Oct 12 11:17:37 home pppoe[16526]: read (asyncReadFromPPP): Session 337: Input/output error
Oct 12 11:17:37 home pppoe[16526]: Sent PADT
Oct 12 11:17:47 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 11:17:47 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 11:17:47 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 11:17:53 home firewall: succeeded
Oct 12 11:18:04 home firewall: succeeded
Oct 12 11:18:04 home snort: snort shutdown failed
Oct 12 11:18:05 home kernel: device ppp0 entered promiscuous mode
Oct 12 11:18:05 home kernel: audit(1223774285.080:8): dev=ppp0 prom=256 old_prom=0 auid=4294967295
Oct 12 11:18:05 home snort[10663]: Initializing daemon mode
Oct 12 11:18:05 home snort[10664]: PID path stat checked out ok, PID path set to /var/run/
Oct 12 11:18:05 home snort[10664]: Writing PID "10664" to file "/var/run//snort_ppp0.pid"
Oct 12 11:18:05 home snort[10664]: Parsing Rules file /etc/snort.conf
Oct 12 11:18:05 home snort[10664]: ,-----------[Flow Config]----------------------
Oct 12 11:18:05 home snort[10664]: | Stats Interval: 0
Oct 12 11:18:05 home snort[10664]: | Hash Method: 2
Oct 12 11:18:05 home snort[10664]: | Memcap: 10485760
Oct 12 11:18:05 home snort[10664]: | Rows : 4099
Oct 12 11:18:05 home snort[10664]: | Overhead Bytes: 16400(%0.16)
Oct 12 11:18:05 home snort[10664]: `----------------------------------------------
Oct 12 11:18:05 home snort[10664]: Frag3 global config:
Oct 12 11:18:05 home snort[10664]: Max frags: 65536
Oct 12 11:18:05 home snort[10664]: Fragment memory cap: 4194304 bytes
Oct 12 11:18:05 home snort[10664]: Frag3 engine config:
Oct 12 11:18:05 home snort[10664]: Target-based policy: FIRST
Oct 12 11:18:05 home snort[10664]: Fragment timeout: 60 seconds
Oct 12 11:18:05 home snort[10664]: Fragment min_ttl: 1
Oct 12 11:18:05 home snort: snort startup succeeded
Oct 12 11:18:05 home snort[10664]: Fragment ttl_limit: 5
Oct 12 11:18:05 home snort[10664]: Fragment Problems: 1
Oct 12 11:18:05 home snort[10664]: Bound Addresses: 0.0.0.0/0.0.0.0
Oct 12 11:18:05 home snort[10664]: Stream4 config:
Oct 12 11:18:05 home snort[10664]: Stateful inspection: ACTIVE
Oct 12 11:18:05 home snort[10664]: Session statistics: INACTIVE
Oct 12 11:18:05 home snort[10664]: Session timeout: 30 seconds
Oct 12 11:18:05 home snort[10664]: Session memory cap: 8388608 bytes
Oct 12 11:18:05 home snort[10664]: Session count max: 8192 sessions
Oct 12 11:18:05 home snort[10664]: Session cleanup count: 5
Oct 12 11:18:05 home snort[10664]: State alerts: INACTIVE
Oct 12 11:18:05 home snort[10664]: Evasion alerts: INACTIVE
Oct 12 11:18:05 home snort[10664]: Scan alerts: INACTIVE
Oct 12 11:18:05 home snort[10664]: Log Flushed Streams: INACTIVE
Oct 12 11:18:05 home snort[10664]: MinTTL: 1
Oct 12 11:18:05 home snort[10664]: TTL Limit: 5
Oct 12 11:18:05 home snort[10664]: Async Link: 0
Oct 12 11:18:05 home snort[10664]: State Protection: 0
Oct 12 11:18:05 home snort[10664]: Self preservation threshold: 50
Oct 12 11:18:05 home snort[10664]: Self preservation period: 90
Oct 12 11:18:05 home snort[10664]: Suspend threshold: 200
Oct 12 11:18:05 home snort[10664]: Suspend period: 30
Oct 12 11:18:05 home snort[10664]: Enforce TCP State: INACTIVE
Oct 12 11:18:05 home snort[10664]: Midstream Drop Alerts: INACTIVE
Oct 12 11:18:05 home snort[10664]: Server Data Inspection Limit: -1
Oct 12 11:18:05 home snort[10664]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Oct 12 11:18:05 home snort[10664]: Stream4_reassemble config:
Oct 12 11:18:05 home snort[10664]: Server reassembly: INACTIVE
Oct 12 11:18:05 home snort[10664]: Client reassembly: ACTIVE
Oct 12 11:18:05 home snort[10664]: Reassembler alerts: ACTIVE
Oct 12 11:18:05 home snort[10664]: Zero out flushed packets: INACTIVE
Oct 12 11:18:05 home snort[10664]: Flush stream on alert: INACTIVE
Oct 12 11:18:05 home snort[10664]: flush_data_diff_size: 500
Oct 12 11:18:05 home snort[10664]: Reassembler Packet Preferance : Favor Old
Oct 12 11:18:05 home snort[10664]: Packet Sequence Overlap Limit: -1
Oct 12 11:18:05 home snort[10664]: Flush behavior: Small (<255 bytes)
Oct 12 11:18:05 home snort[10664]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 11:18:05 home snort[10664]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 11:18:05 home snort[10664]: rpc_decode arguments:
Oct 12 11:18:05 home snort[10664]: Ports to decode RPC on: 111 32771
Oct 12 11:18:05 home snort[10664]: alert_fragments: INACTIVE
Oct 12 11:18:05 home snort[10664]: alert_large_fragments: ACTIVE
Oct 12 11:18:05 home snort[10664]: alert_incomplete: ACTIVE
Oct 12 11:18:05 home snort[10664]: alert_multiple_requests: ACTIVE
Oct 12 11:18:05 home snort[10664]: telnet_decode arguments:
Oct 12 11:18:05 home snort[10664]: Ports to decode telnet on: 21 23 25 119
Oct 12 11:18:05 home snort[10664]: Portscan Detection Config:
Oct 12 11:18:05 home snort[10664]: Detect Protocols: TCP UDP ICMP IP
Oct 12 11:18:05 home snort[10664]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Oct 12 11:18:05 home snort[10664]: Sensitivity Level: Low
Oct 12 11:18:05 home snort[10664]: Memcap (in bytes): 10000000
Oct 12 11:18:05 home snort[10664]: Number of Nodes: 36900
Oct 12 11:18:05 home snort[10664]:
Oct 12 11:18:05 home snort[10664]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Oct 12 11:18:05 home snort[10664]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Oct 12 11:18:05 home snort[10664]:
Oct 12 11:18:05 home snort[10664]: +-----------------------[thresholding-config]----------------------------------
Oct 12 11:18:05 home snort[10664]: | memory-cap : 1048576 bytes
Oct 12 11:18:05 home snort[10664]: +-----------------------[thresholding-global]----------------------------------
Oct 12 11:18:05 home snort[10664]: | none
Oct 12 11:18:05 home snort[10664]: +-----------------------[thresholding-local]-----------------------------------
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30
Oct 12 11:18:05 home snort[10664]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60
Oct 12 11:18:05 home snort[10664]: +-----------------------[suppression]------------------------------------------
Oct 12 11:18:05 home snort[10664]: | none
Oct 12 11:18:05 home snort[10664]: -------------------------------------------------------------------------------
Oct 12 11:18:05 home snort[10664]: Rule application order: ->activation->dynamic->drop->alert->pass->log
Oct 12 11:18:05 home snort[10664]: Log directory = /var/log/snort
Oct 12 11:18:06 home snort[10664]: Snort initialization completed successfully (pid=10664)
Oct 12 11:19:52 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 11:19:52 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 11:19:52 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 11:35:39 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 11:35:39 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 11:35:39 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 11:36:42 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 11:36:42 home dhclient: DHCPNAK from 10.1.1.1
Oct 12 11:36:42 home dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 6
Oct 12 11:36:43 home dhclient: DHCPOFFER from 10.1.1.1
Oct 12 11:36:43 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 11:36:44 home dhclient: DHCPACK from 10.1.1.1
Oct 12 11:36:44 home NET: /sbin/dhclient-script : updated /etc/resolv.conf
Oct 12 11:36:44 home dhclient: bound to 10.1.1.2 -- renewal in 1707 seconds.
Oct 12 11:36:53 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 11:36:53 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:05:11 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:05:11 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:05:11 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 12:21:23 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:21:23 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:21:23 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:21:26 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 12:21:26 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0 fredslaptop
Oct 12 12:21:45 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:21:45 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:21:45 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:22:30 home dnsmasq[3379]: DHCPINFORM(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 12:22:30 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0 fredslaptop
Oct 12 12:22:33 home dnsmasq[3379]: DHCPINFORM(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 12:22:33 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0 fredslaptop
Oct 12 12:22:44 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:22:44 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:22:44 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:23:22 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:23:22 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:23:22 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:24:26 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:24:26 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:24:26 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:25:48 home sshd(pam_unix)[3273]: session opened for user root by (uid=0)
Oct 12 12:26:22 home kernel: e100: eth0: e100_watchdog: link down
Oct 12 12:26:23 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:26:23 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:26:23 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:26:30 home kernel: e100: eth0: e100_watchdog: link up, 100Mbps, full-duplex
Oct 12 12:26:57 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:26:57 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:26:57 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:28:16 home pppd[9884]: No response to 5 echo-requests
Oct 12 12:28:16 home pppd[9884]: Serial link appears to be disconnected.
Oct 12 12:28:16 home pppd[9884]: Connect time 70.7 minutes.
Oct 12 12:28:16 home pppd[9884]: Sent 184987 bytes, received 449269 bytes.
Oct 12 12:28:16 home snort[10664]: pcap_loop: recvfrom: Network is down
 
Old 10-12-2008, 12:13 AM   #3
callagga
Member
 
Registered: Jan 2008
Posts: 36

Original Poster
Rep: Reputation: 15
logs continued 2
Oct 12 12:28:16 home snort[10664]: Final Flow Statistics
Oct 12 12:28:16 home snort[10664]: Frag3 statistics:
Oct 12 12:28:16 home snort[10664]: Total Fragments: 0
Oct 12 12:28:16 home snort[10664]: Frags Reassembled: 0
Oct 12 12:28:16 home snort[10664]: Discards: 0
Oct 12 12:28:16 home snort[10664]: Memory Faults: 0
Oct 12 12:28:16 home snort[10664]: Timeouts: 0
Oct 12 12:28:16 home snort[10664]: Overlaps: 0
Oct 12 12:28:16 home snort[10664]: Anomalies: 0
Oct 12 12:28:16 home snort[10664]: Alerts: 0
Oct 12 12:28:16 home snort[10664]: FragTrackers Added: 0
Oct 12 12:28:16 home snort[10664]: FragTrackers Dumped: 0
Oct 12 12:28:16 home snort[10664]: FragTrackers Auto Freed: 0
Oct 12 12:28:16 home snort[10664]: Frag Nodes Inserted: 0
Oct 12 12:28:16 home snort[10664]: Frag Nodes Deleted: 0
Oct 12 12:28:16 home snort[10664]: ===============================================================================
Oct 12 12:28:16 home snort[10664]: INFO => [Alert_FWsam](FWsamCheckOut) Disconnecting from host 127.0.0.1.
Oct 12 12:28:16 home kernel: device ppp0 left promiscuous mode
Oct 12 12:28:16 home kernel: audit(1223778496.384:9): dev=ppp0 prom=0 old_prom=256 auid=4294967295
Oct 12 12:28:16 home snort[10664]: Snort exiting
Oct 12 12:28:16 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 12:28:19 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:28:19 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:28:21 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:28:21 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:28:21 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 12:28:22 home pppd[9884]: Connection terminated.
Oct 12 12:28:22 home pppd[9884]: Modem hangup
Oct 12 12:28:23 home adsl-stop: Killing pppd
Oct 12 12:28:23 home pppd[9884]: Terminating on signal 15
Oct 12 12:28:23 home pppd[9884]: Exit.
Oct 12 12:28:23 home pppoe[9885]: read (asyncReadFromPPP): Session 31: Input/output error
Oct 12 12:28:23 home pppoe[9885]: Sent PADT
Oct 12 12:28:23 home adsl-connect: ADSL connection lost; attempting re-connection.
Oct 12 12:28:23 home adsl-stop: Killing adsl-connect
Oct 12 12:28:30 home pppd[3489]: pppd 2.4.3 started by root, uid 0
Oct 12 12:28:30 home pppd[3489]: Using interface ppp0
Oct 12 12:28:30 home pppd[3489]: Connect: ppp0 <--> /dev/pts/2
Oct 12 12:28:30 home pppoe[3490]: PPP session is 31
Oct 12 12:28:32 home pppd[3489]: PAP authentication succeeded
Oct 12 12:28:32 home pppd[3489]: local IP address 123.233.121.32
Oct 12 12:28:32 home pppd[3489]: remote IP address 10.20.20.210
Oct 12 12:28:32 home pppd[3489]: primary DNS address 203.12.160.35
Oct 12 12:28:32 home pppd[3489]: secondary DNS address 203.12.160.36
Oct 12 12:28:32 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf

Oct 12 12:28:33 home firewall: succeeded
Oct 12 12:28:40 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:28:40 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 12:28:40 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 12:28:49 home firewall: succeeded
Oct 12 12:29:00 home firewall: succeeded
Oct 12 12:29:01 home snort: snort shutdown failed
Oct 12 12:29:01 home kernel: device ppp0 entered promiscuous mode
Oct 12 12:29:01 home kernel: audit(1223778541.246:10): dev=ppp0 prom=256 old_prom=0 auid=4294967295
Oct 12 12:29:01 home snort[4338]: Initializing daemon mode
Oct 12 12:29:01 home snort[4339]: PID path stat checked out ok, PID path set to /var/run/
Oct 12 12:29:01 home snort[4339]: Writing PID "4339" to file "/var/run//snort_ppp0.pid"
Oct 12 12:29:01 home snort[4339]: Parsing Rules file /etc/snort.conf
Oct 12 12:29:01 home snort[4339]: ,-----------[Flow Config]----------------------
Oct 12 12:29:01 home snort[4339]: | Stats Interval: 0
Oct 12 12:29:01 home snort[4339]: | Hash Method: 2
Oct 12 12:29:01 home snort[4339]: | Memcap: 10485760
Oct 12 12:29:01 home snort[4339]: | Rows : 4099
Oct 12 12:29:01 home snort[4339]: | Overhead Bytes: 16400(%0.16)
Oct 12 12:29:01 home snort[4339]: `----------------------------------------------
Oct 12 12:29:01 home snort[4339]: Frag3 global config:
Oct 12 12:29:01 home snort[4339]: Max frags: 65536
Oct 12 12:29:01 home snort[4339]: Fragment memory cap: 4194304 bytes
Oct 12 12:29:01 home snort[4339]: Frag3 engine config:
Oct 12 12:29:01 home snort[4339]: Target-based policy: FIRST
Oct 12 12:29:01 home snort[4339]: Fragment timeout: 60 seconds
Oct 12 12:29:01 home snort[4339]: Fragment min_ttl: 1
Oct 12 12:29:01 home snort[4339]: Fragment ttl_limit: 5
Oct 12 12:29:01 home snort[4339]: Fragment Problems: 1
Oct 12 12:29:01 home snort: snort startup succeeded
Oct 12 12:29:01 home snort[4339]: Bound Addresses: 0.0.0.0/0.0.0.0
Oct 12 12:29:01 home snort[4339]: Stream4 config:
Oct 12 12:29:01 home snort[4339]: Stateful inspection: ACTIVE
Oct 12 12:29:01 home snort[4339]: Session statistics: INACTIVE
Oct 12 12:29:01 home snort[4339]: Session timeout: 30 seconds
Oct 12 12:29:01 home snort[4339]: Session memory cap: 8388608 bytes
Oct 12 12:29:01 home snort[4339]: Session count max: 8192 sessions
Oct 12 12:29:01 home snort[4339]: Session cleanup count: 5
Oct 12 12:29:01 home snort[4339]: State alerts: INACTIVE
Oct 12 12:29:01 home snort[4339]: Evasion alerts: INACTIVE
Oct 12 12:29:01 home snort[4339]: Scan alerts: INACTIVE
Oct 12 12:29:01 home snort[4339]: Log Flushed Streams: INACTIVE
Oct 12 12:29:01 home snort[4339]: MinTTL: 1
Oct 12 12:29:01 home snort[4339]: TTL Limit: 5
Oct 12 12:29:01 home snort[4339]: Async Link: 0
Oct 12 12:29:01 home snort[4339]: State Protection: 0
Oct 12 12:29:01 home snort[4339]: Self preservation threshold: 50
Oct 12 12:29:01 home snort[4339]: Self preservation period: 90
Oct 12 12:29:01 home snort[4339]: Suspend threshold: 200
Oct 12 12:29:01 home snort[4339]: Suspend period: 30
Oct 12 12:29:01 home snort[4339]: Enforce TCP State: INACTIVE
Oct 12 12:29:01 home snort[4339]: Midstream Drop Alerts: INACTIVE
Oct 12 12:29:01 home snort[4339]: Server Data Inspection Limit: -1
Oct 12 12:29:01 home snort[4339]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Oct 12 12:29:01 home snort[4339]: Stream4_reassemble config:
Oct 12 12:29:01 home snort[4339]: Server reassembly: INACTIVE
Oct 12 12:29:01 home snort[4339]: Client reassembly: ACTIVE
Oct 12 12:29:01 home snort[4339]: Reassembler alerts: ACTIVE
Oct 12 12:29:01 home snort[4339]: Zero out flushed packets: INACTIVE
Oct 12 12:29:01 home snort[4339]: Flush stream on alert: INACTIVE
Oct 12 12:29:01 home snort[4339]: flush_data_diff_size: 500
Oct 12 12:29:01 home snort[4339]: Reassembler Packet Preferance : Favor Old
Oct 12 12:29:01 home snort[4339]: Packet Sequence Overlap Limit: -1
Oct 12 12:29:01 home snort[4339]: Flush behavior: Small (<255 bytes)
Oct 12 12:29:01 home snort[4339]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 12:29:01 home snort[4339]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 12:29:01 home snort[4339]: rpc_decode arguments:
Oct 12 12:29:01 home snort[4339]: Ports to decode RPC on: 111 32771
Oct 12 12:29:01 home snort[4339]: alert_fragments: INACTIVE
Oct 12 12:29:01 home snort[4339]: alert_large_fragments: ACTIVE
Oct 12 12:29:01 home snort[4339]: alert_incomplete: ACTIVE
Oct 12 12:29:01 home snort[4339]: alert_multiple_requests: ACTIVE
Oct 12 12:29:01 home snort[4339]: telnet_decode arguments:
Oct 12 12:29:01 home snort[4339]: Ports to decode telnet on: 21 23 25 119
Oct 12 12:29:01 home snort[4339]: Portscan Detection Config:
Oct 12 12:29:01 home snort[4339]: Detect Protocols: TCP UDP ICMP IP
Oct 12 12:29:01 home snort[4339]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Oct 12 12:29:01 home snort[4339]: Sensitivity Level: Low
Oct 12 12:29:01 home snort[4339]: Memcap (in bytes): 10000000
Oct 12 12:29:01 home snort[4339]: Number of Nodes: 36900
Oct 12 12:29:01 home snort[4339]:
Oct 12 12:29:01 home snort[4339]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Oct 12 12:29:01 home snort[4339]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Oct 12 12:29:01 home snort[4339]:
Oct 12 12:29:01 home snort[4339]: +-----------------------[thresholding-config]----------------------------------
Oct 12 12:29:01 home snort[4339]: | memory-cap : 1048576 bytes
Oct 12 12:29:01 home snort[4339]: +-----------------------[thresholding-global]----------------------------------
Oct 12 12:29:01 home snort[4339]: | none
Oct 12 12:29:01 home snort[4339]: +-----------------------[thresholding-local]-----------------------------------
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60
Oct 12 12:29:01 home snort[4339]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60
Oct 12 12:29:01 home snort[4339]: +-----------------------[suppression]------------------------------------------
Oct 12 12:29:01 home snort[4339]: | none
Oct 12 12:29:01 home snort[4339]: -------------------------------------------------------------------------------
Oct 12 12:29:01 home snort[4339]: Rule application order: ->activation->dynamic->drop->alert->pass->log
Oct 12 12:29:01 home snort[4339]: Log directory = /var/log/snort
Oct 12 12:29:02 home snort[4339]: Snort initialization completed successfully (pid=4339)
Oct 12 12:30:06 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 12:30:06 home dhclient: DHCPNAK from 10.1.1.1
Oct 12 12:30:06 home dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8
Oct 12 12:30:08 home dhclient: DHCPOFFER from 10.1.1.1
Oct 12 12:30:08 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 12:30:08 home dhclient: DHCPACK from 10.1.1.1
Oct 12 12:30:08 home NET: /sbin/dhclient-script : updated /etc/resolv.conf
Oct 12 12:30:08 home dhclient: bound to 10.1.1.2 -- renewal in 1761 seconds.
Oct 12 12:30:11 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:30:11 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:37:51 home sshd(pam_unix)[26534]: session opened for user root by (uid=0)
Oct 12 12:38:15 home collabnet_subversion: succeeded


=== RESTARTED MODEM TO GET CONNECTIVITY WORKING ===


Oct 12 12:45:46 home kernel: e100: eth0: e100_watchdog: link down
Oct 12 12:45:52 home kernel: e100: eth0: e100_watchdog: link up, 100Mbps, full-duplex
Oct 12 12:47:19 home adsl-stop: Killing pppd
Oct 12 12:47:19 home pppd[3489]: Terminating on signal 15
Oct 12 12:47:19 home pppd[3489]: Connect time 18.8 minutes.
Oct 12 12:47:19 home pppd[3489]: Sent 226009 bytes, received 801744 bytes.
Oct 12 12:47:19 home snort[4339]: pcap_loop: recvfrom: Network is down
Oct 12 12:47:19 home snort[4339]: Final Flow Statistics
Oct 12 12:47:19 home snort[4339]: Frag3 statistics:
Oct 12 12:47:19 home snort[4339]: Total Fragments: 0
Oct 12 12:47:19 home snort[4339]: Frags Reassembled: 0
Oct 12 12:47:19 home snort[4339]: Discards: 0
Oct 12 12:47:19 home snort[4339]: Memory Faults: 0
Oct 12 12:47:19 home snort[4339]: Timeouts: 0
Oct 12 12:47:19 home snort[4339]: Overlaps: 0
Oct 12 12:47:19 home snort[4339]: Anomalies: 0
Oct 12 12:47:19 home snort[4339]: Alerts: 0
Oct 12 12:47:19 home snort[4339]: FragTrackers Added: 0
Oct 12 12:47:19 home snort[4339]: FragTrackers Dumped: 0
Oct 12 12:47:19 home snort[4339]: FragTrackers Auto Freed: 0
Oct 12 12:47:19 home snort[4339]: Frag Nodes Inserted: 0
Oct 12 12:47:19 home adsl-stop: Killing adsl-connect
Oct 12 12:47:19 home snort[4339]: Frag Nodes Deleted: 0
Oct 12 12:47:19 home snort[4339]: ===============================================================================
Oct 12 12:47:19 home snort[4339]: INFO => [Alert_FWsam](FWsamCheckOut) Disconnecting from host 127.0.0.1.
Oct 12 12:47:19 home snort[4339]: Snort exiting
Oct 12 12:47:19 home kernel: device ppp0 left promiscuous mode
Oct 12 12:47:19 home kernel: audit(1223779639.400:11): dev=ppp0 prom=0 old_prom=256 auid=4294967295
Oct 12 12:47:19 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 12:47:24 home pppd[3489]: Terminating on signal 15
Oct 12 12:47:24 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:47:24 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:47:25 home pppd[3489]: Connection terminated.
Oct 12 12:47:25 home pppd[3489]: Modem hangup
Oct 12 12:47:26 home pppd[28773]: pppd 2.4.3 started by root, uid 0
Oct 12 12:47:26 home pppd[28773]: Using interface ppp0
Oct 12 12:47:26 home pppd[28773]: Connect: ppp0 <--> /dev/pts/4
Oct 12 12:47:26 home pppoe[28774]: PPP session is 31
Oct 12 12:47:28 home pppd[28773]: PAP authentication succeeded
Oct 12 12:47:28 home pppd[28773]: local IP address 123.233.121.32
Oct 12 12:47:28 home pppd[28773]: remote IP address 10.20.20.210
Oct 12 12:47:28 home pppd[28773]: primary DNS address 203.12.160.35
Oct 12 12:47:28 home pppd[28773]: secondary DNS address 203.12.160.36
Oct 12 12:47:28 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 12:47:29 home firewall: succeeded
Oct 12 12:47:30 home pppd[3489]: Exit.
Oct 12 12:47:30 home pppoe[3490]: read (asyncReadFromPPP): Session 31: Input/output error
Oct 12 12:47:30 home pppoe[3490]: Sent PADT
Oct 12 12:47:37 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:47:37 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 12:47:37 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 12:47:45 home firewall: succeeded
Oct 12 12:48:07 home adsl-stop: Killing pppd
Oct 12 12:48:07 home pppd[28773]: Terminating on signal 15
Oct 12 12:48:07 home pppd[28773]: Connect time 0.7 minutes.
Oct 12 12:48:07 home pppd[28773]: Sent 179 bytes, received 0 bytes.
Oct 12 12:48:07 home adsl-stop: Killing adsl-connect
Oct 12 12:48:07 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 12:48:12 home pppd[28773]: Terminating on signal 15
Oct 12 12:48:13 home pppd[28773]: Connection terminated.
Oct 12 12:48:13 home pppd[28773]: Modem hangup
Oct 12 12:48:14 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:48:14 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:48:14 home pppd[29351]: pppd 2.4.3 started by root, uid 0
Oct 12 12:48:14 home pppd[29351]: Using interface ppp0
Oct 12 12:48:14 home pppd[29351]: Connect: ppp0 <--> /dev/pts/2
Oct 12 12:48:14 home pppoe[29352]: PPP session is 31
Oct 12 12:48:16 home pppd[29351]: PAP authentication succeeded
Oct 12 12:48:16 home pppd[29351]: local IP address 123.233.121.32
Oct 12 12:48:16 home pppd[29351]: remote IP address 10.20.20.210
Oct 12 12:48:16 home pppd[29351]: primary DNS address 203.12.160.35
Oct 12 12:48:16 home pppd[29351]: secondary DNS address 203.12.160.36
Oct 12 12:48:16 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 12:48:17 home firewall: succeeded
Oct 12 12:48:18 home pppd[28773]: Exit.
Oct 12 12:48:18 home pppoe[28774]: read (asyncReadFromPPP): Session 31: Input/output error
Oct 12 12:48:18 home pppoe[28774]: Sent PADT
Oct 12 12:48:23 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:48:23 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 12:48:23 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 12:48:54 home adsl-stop: Killing pppd
Oct 12 12:48:54 home pppd[29351]: Terminating on signal 15
Oct 12 12:48:54 home pppd[29351]: Connect time 0.7 minutes.
Oct 12 12:48:54 home pppd[29351]: Sent 179 bytes, received 0 bytes.
Oct 12 12:48:54 home adsl-stop: Killing adsl-connect
Oct 12 12:48:54 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 12:48:59 home pppd[29351]: Terminating on signal 15
Oct 12 12:49:00 home dnsmasq[3379]: reading /etc/resolv.conf
 
Old 10-12-2008, 12:13 AM   #4
callagga
Member
 
Registered: Jan 2008
Posts: 36

Original Poster
Rep: Reputation: 15
logs continued 3
Oct 12 12:49:00 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:49:00 home pppd[29351]: Connection terminated.
Oct 12 12:49:00 home pppd[29351]: Modem hangup
Oct 12 12:49:01 home pppd[29728]: pppd 2.4.3 started by root, uid 0
Oct 12 12:49:01 home pppd[29728]: Using interface ppp0
Oct 12 12:49:01 home pppd[29728]: Connect: ppp0 <--> /dev/pts/4
Oct 12 12:49:01 home pppoe[29729]: PPP session is 31
Oct 12 12:49:04 home pppd[29728]: PAP authentication succeeded
Oct 12 12:49:04 home pppd[29728]: local IP address 123.233.121.32
Oct 12 12:49:04 home pppd[29728]: remote IP address 10.20.20.210
Oct 12 12:49:04 home pppd[29728]: primary DNS address 203.12.160.35
Oct 12 12:49:04 home pppd[29728]: secondary DNS address 203.12.160.36
Oct 12 12:49:04 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 12:49:04 home firewall: succeeded
Oct 12 12:49:05 home pppd[29351]: Exit.
Oct 12 12:49:05 home pppoe[29352]: read (asyncReadFromPPP): Session 31: Input/output error
Oct 12 12:49:05 home pppoe[29352]: Sent PADT
Oct 12 12:49:16 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:49:16 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 12:49:16 home dnsmasq[3379]: using nameserver 203.12.160.35#53
Oct 12 12:49:41 home adsl-stop: Killing pppd
Oct 12 12:49:41 home pppd[29728]: Terminating on signal 15
Oct 12 12:49:41 home pppd[29728]: Connect time 0.7 minutes.
Oct 12 12:49:41 home pppd[29728]: Sent 179 bytes, received 0 bytes.
Oct 12 12:49:41 home adsl-stop: Killing adsl-connect
Oct 12 12:49:41 home NET: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 12 12:49:46 home pppd[29728]: Terminating on signal 15
Oct 12 12:49:46 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:49:46 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 12:49:47 home pppd[29728]: Connection terminated.
Oct 12 12:49:47 home pppd[29728]: Modem hangup
Oct 12 12:49:49 home pppd[30104]: pppd 2.4.3 started by root, uid 0
Oct 12 12:49:49 home pppd[30104]: Using interface ppp0
Oct 12 12:49:49 home pppd[30104]: Connect: ppp0 <--> /dev/pts/2
Oct 12 12:49:49 home pppoe[30105]: PPP session is 660
Oct 12 12:49:51 home pppd[30104]: PAP authentication succeeded
Oct 12 12:49:51 home pppd[30104]: local IP address 123.233.121.32
Oct 12 12:49:51 home pppd[30104]: remote IP address 10.20.20.210
Oct 12 12:49:51 home pppd[30104]: primary DNS address 203.12.160.35
Oct 12 12:49:51 home pppd[30104]: secondary DNS address 203.12.160.36
Oct 12 12:49:51 home NET: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
Oct 12 12:49:51 home firewall: succeeded
Oct 12 12:49:52 home pppd[29728]: Exit.
Oct 12 12:49:52 home pppoe[29729]: read (asyncReadFromPPP): Session 31: Input/output error
Oct 12 12:49:52 home pppoe[29729]: Sent PADT
Oct 12 12:49:54 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 12:49:54 home dnsmasq[3379]: using nameserver 203.12.160.36#53
Oct 12 12:49:54 home dnsmasq[3379]: using nameserver 203.12.160.35#53

Oct 12 12:50:18 home firewall: succeeded
Oct 12 12:50:19 home snort: snort shutdown failed
Oct 12 12:50:19 home kernel: device ppp0 entered promiscuous mode
Oct 12 12:50:19 home kernel: audit(1223779819.589:12): dev=ppp0 prom=256 old_prom=0 auid=4294967295
Oct 12 12:50:19 home snort[30884]: Initializing daemon mode
Oct 12 12:50:19 home snort[30885]: PID path stat checked out ok, PID path set to /var/run/
Oct 12 12:50:19 home snort[30885]: Writing PID "30885" to file "/var/run//snort_ppp0.pid"
Oct 12 12:50:19 home snort[30885]: Parsing Rules file /etc/snort.conf
Oct 12 12:50:19 home snort[30885]: ,-----------[Flow Config]----------------------
Oct 12 12:50:19 home snort[30885]: | Stats Interval: 0
Oct 12 12:50:19 home snort[30885]: | Hash Method: 2
Oct 12 12:50:19 home snort[30885]: | Memcap: 10485760
Oct 12 12:50:19 home snort[30885]: | Rows : 4099
Oct 12 12:50:19 home snort[30885]: | Overhead Bytes: 16400(%0.16)
Oct 12 12:50:19 home snort[30885]: `----------------------------------------------
Oct 12 12:50:19 home snort[30885]: Frag3 global config:
Oct 12 12:50:19 home snort[30885]: Max frags: 65536
Oct 12 12:50:19 home snort[30885]: Fragment memory cap: 4194304 bytes
Oct 12 12:50:19 home snort[30885]: Frag3 engine config:
Oct 12 12:50:19 home snort[30885]: Target-based policy: FIRST
Oct 12 12:50:19 home snort[30885]: Fragment timeout: 60 seconds
Oct 12 12:50:19 home snort[30885]: Fragment min_ttl: 1
Oct 12 12:50:19 home snort[30885]: Fragment ttl_limit: 5
Oct 12 12:50:19 home snort[30885]: Fragment Problems: 1
Oct 12 12:50:19 home snort[30885]: Bound Addresses: 0.0.0.0/0.0.0.0
Oct 12 12:50:19 home snort[30885]: Stream4 config:
Oct 12 12:50:19 home snort: snort startup succeeded
Oct 12 12:50:19 home snort[30885]: Stateful inspection: ACTIVE
Oct 12 12:50:19 home snort[30885]: Session statistics: INACTIVE
Oct 12 12:50:19 home snort[30885]: Session timeout: 30 seconds
Oct 12 12:50:19 home snort[30885]: Session memory cap: 8388608 bytes
Oct 12 12:50:19 home snort[30885]: Session count max: 8192 sessions
Oct 12 12:50:19 home snort[30885]: Session cleanup count: 5
Oct 12 12:50:19 home snort[30885]: State alerts: INACTIVE
Oct 12 12:50:19 home snort[30885]: Evasion alerts: INACTIVE
Oct 12 12:50:19 home snort[30885]: Scan alerts: INACTIVE
Oct 12 12:50:19 home snort[30885]: Log Flushed Streams: INACTIVE
Oct 12 12:50:19 home snort[30885]: MinTTL: 1
Oct 12 12:50:19 home snort[30885]: TTL Limit: 5
Oct 12 12:50:19 home snort[30885]: Async Link: 0
Oct 12 12:50:19 home snort[30885]: State Protection: 0
Oct 12 12:50:19 home snort[30885]: Self preservation threshold: 50
Oct 12 12:50:19 home snort[30885]: Self preservation period: 90
Oct 12 12:50:19 home snort[30885]: Suspend threshold: 200
Oct 12 12:50:19 home snort[30885]: Suspend period: 30
Oct 12 12:50:19 home snort[30885]: Enforce TCP State: INACTIVE
Oct 12 12:50:19 home snort[30885]: Midstream Drop Alerts: INACTIVE
Oct 12 12:50:19 home snort[30885]: Server Data Inspection Limit: -1
Oct 12 12:50:19 home snort[30885]: WARNING /etc/snort.conf(373) => flush_behavior set in config file, using old static flushpoints (0)
Oct 12 12:50:19 home snort[30885]: Stream4_reassemble config:
Oct 12 12:50:19 home snort[30885]: Server reassembly: INACTIVE
Oct 12 12:50:19 home snort[30885]: Client reassembly: ACTIVE
Oct 12 12:50:19 home snort[30885]: Reassembler alerts: ACTIVE
Oct 12 12:50:19 home snort[30885]: Zero out flushed packets: INACTIVE
Oct 12 12:50:19 home snort[30885]: Flush stream on alert: INACTIVE
Oct 12 12:50:19 home snort[30885]: flush_data_diff_size: 500
Oct 12 12:50:19 home snort[30885]: Reassembler Packet Preferance : Favor Old
Oct 12 12:50:19 home snort[30885]: Packet Sequence Overlap Limit: -1
Oct 12 12:50:19 home snort[30885]: Flush behavior: Small (<255 bytes)
Oct 12 12:50:19 home snort[30885]: Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 12:50:19 home snort[30885]: Emergency Ports: 21 23 25 42 53 80 110 111 135 136 137 139 143 445 513 1433 1521 3306
Oct 12 12:50:19 home snort[30885]: rpc_decode arguments:
Oct 12 12:50:19 home snort[30885]: Ports to decode RPC on: 111 32771
Oct 12 12:50:19 home snort[30885]: alert_fragments: INACTIVE
Oct 12 12:50:19 home snort[30885]: alert_large_fragments: ACTIVE
Oct 12 12:50:19 home snort[30885]: alert_incomplete: ACTIVE
Oct 12 12:50:19 home snort[30885]: alert_multiple_requests: ACTIVE
Oct 12 12:50:19 home snort[30885]: telnet_decode arguments:
Oct 12 12:50:19 home snort[30885]: Ports to decode telnet on: 21 23 25 119
Oct 12 12:50:19 home snort[30885]: Portscan Detection Config:
Oct 12 12:50:19 home snort[30885]: Detect Protocols: TCP UDP ICMP IP
Oct 12 12:50:19 home snort[30885]: Detect Scan Type: portscan portsweep decoy_portscan distributed_portscan
Oct 12 12:50:19 home snort[30885]: Sensitivity Level: Low
Oct 12 12:50:19 home snort[30885]: Memcap (in bytes): 10000000
Oct 12 12:50:19 home snort[30885]: Number of Nodes: 36900
Oct 12 12:50:19 home snort[30885]:
Oct 12 12:50:19 home snort[30885]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 127.0.0.1.
Oct 12 12:50:20 home snort[30885]: Warning: flowbits key 'community_uri.size.1050' is set but not ever checked.
Oct 12 12:50:20 home snort[30885]:
Oct 12 12:50:20 home snort[30885]: +-----------------------[thresholding-config]----------------------------------
Oct 12 12:50:20 home snort[30885]: | memory-cap : 1048576 bytes
Oct 12 12:50:20 home snort[30885]: +-----------------------[thresholding-global]----------------------------------
Oct 12 12:50:20 home snort[30885]: | none
Oct 12 12:50:20 home snort[30885]: +-----------------------[thresholding-local]-----------------------------------
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000877 type=Limit tracking=src count=1 seconds=300
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2001906 type=Both tracking=src count=5 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000160 type=Both tracking=src count=300 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000159 type=Both tracking=src count=100 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=3527 type=Limit tracking=dst count=5 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000158 type=Both tracking=src count=100 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2000048 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000208 type=Threshold tracking=src count=50 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=3000001 type=Threshold tracking=src count=6 seconds=30
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=3152 type=Threshold tracking=src count=5 seconds=2
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000163 type=Both tracking=src count=100 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000162 type=Both tracking=src count=100 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2000031 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=100000161 type=Both tracking=dst count=100 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=3273 type=Threshold tracking=src count=5 seconds=2
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=2000049 type=Limit tracking=dst count=1 seconds=60
Oct 12 12:50:20 home snort[30885]: | gen-id=1 sig-id=3000002 type=Threshold tracking=src count=6 seconds=30
Oct 12 12:50:20 home snort[30885]: +-----------------------[suppression]------------------------------------------
Oct 12 12:50:20 home snort[30885]: | none
Oct 12 12:50:20 home snort[30885]: -------------------------------------------------------------------------------
Oct 12 12:50:20 home snort[30885]: Rule application order: ->activation->dynamic->drop->alert->pass->log
Oct 12 12:50:20 home snort[30885]: Log directory = /var/log/snort
Oct 12 12:50:20 home snort[30885]: Snort initialization completed successfully (pid=30885)

Oct 12 12:54:29 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.3 00:0a:e4:d2:2d:f0
Oct 12 12:54:29 home dnsmasq[3379]: DHCPNAK(eth1) 10.1.1.3 00:0a:e4:d2:2d:f0 lease not found
Oct 12 12:54:30 home dnsmasq[3379]: DHCPDISCOVER(eth1) 00:0a:e4:d2:2d:f0
Oct 12 12:54:30 home dnsmasq[3379]: DHCPOFFER(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 12:54:30 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 12:54:30 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0 fredslaptop
Oct 12 12:59:29 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 12:59:29 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 12:59:29 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 13:10:24 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:10:24 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:10:24 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:10:35 home dnsmasq[3379]: DHCPINFORM(eth1) 10.1.1.159 00:16:e6:4f:a9:26
Oct 12 13:10:35 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.159 00:16:e6:4f:a9:26 greg-6b5fc2d66f
Oct 12 13:10:38 home dnsmasq[3379]: DHCPINFORM(eth1) 10.1.1.159 00:16:e6:4f:a9:26
Oct 12 13:10:38 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.159 00:16:e6:4f:a9:26 greg-6b5fc2d66f
Oct 12 13:10:52 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:10:52 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:10:52 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 13:13:10 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:13:10 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:13:10 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:13:14 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.159 00:16:e6:4f:a9:26
Oct 12 13:13:14 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.159 00:16:e6:4f:a9:26 greg-6b5fc2d66f
Oct 12 13:13:18 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:13:18 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:13:18 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:13:20 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.108 00:19:e3:dc:d0:a5
Oct 12 13:13:20 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.108 00:19:e3:dc:d0:a5 AppleTV
Oct 12 13:13:25 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.198 00:0e:08:ce:1b:ab
Oct 12 13:13:25 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.198 00:0e:08:ce:1b:ab SipuraSPA
Oct 12 13:13:28 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:13:28 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:13:28 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:13:42 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:13:42 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:13:42 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 13:20:39 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:20:39 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:20:39 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:21:44 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:21:44 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:21:44 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:23:05 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 13:23:05 home dhclient: DHCPNAK from 10.1.1.1
Oct 12 13:23:05 home dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
Oct 12 13:23:07 home dhclient: DHCPOFFER from 10.1.1.1
Oct 12 13:23:07 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 12 13:23:07 home dhclient: DHCPACK from 10.1.1.1

<< CONNECTIVITY ISSUE AGAIN AROUND THIS TIME - COULD HAVE BEEN EARLIER >>

Oct 12 13:23:07 home NET: /sbin/dhclient-script : updated /etc/resolv.conf
Oct 12 13:23:07 home dhclient: bound to 10.1.1.2 -- renewal in 1427 seconds.
Oct 12 13:23:19 home dnsmasq[3379]: reading /etc/resolv.conf
Oct 12 13:23:19 home dnsmasq[3379]: ignoring nameserver 10.1.1.1 - local interface
Oct 12 13:23:48 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.145 00:17:f2:f1:ab:58
Oct 12 13:23:48 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.145 00:17:f2:f1:ab:58 Macintosh-2
Oct 12 13:46:43 home dnsmasq[3379]: DHCPREQUEST(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0
Oct 12 13:46:43 home dnsmasq[3379]: DHCPACK(eth1) 10.1.1.4 00:0a:e4:d2:2d:f0 fredslaptop
Oct 12 13:46:54 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:46:54 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:46:54 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
<<cut repeating bits to reduce size>
Oct 12 13:48:15 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:48:15 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:48:15 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available
Oct 12 13:48:30 home dhclient: DHCPREQUEST on eth0 to 10.1.1.1 port 67
Oct 12 13:48:30 home dnsmasq[3379]: DHCPREQUEST(lo) 10.1.1.2 00:07:e3:cc:eb:12
Oct 12 13:48:30 home dnsmasq[3379]: DHCPNAK(lo) 10.1.1.2 00:07:e3:cc:eb:12 address not available

<< RESTARTED CLARK CONNECTED THIS TIME, AND THIS GOT CONNECTIVITY WORKING AGAIN >>



MODEM LOGS
================================================================================
<< SECTION 1 - LEADING UP TO THE POINT I FOUND CONNECTIVITY DOWN >>
Jan 1 12:00:12> NTP Polling Timer for DHCP Started succesfully.
Jan 1 12:00:12> DSL Polling Timer Started succesfully.
Jan 1 12:00:12> Firewall NAT service started
Jan 1 12:00:15> starting on port 80
Jan 1 12:00:15> netfilter PSD loaded - (c) astaro AG
Jan 1 12:00:15> Initializing the WAN Bridge.
Jan 1 12:00:15> Please set the MAC Address for the WAN Bridge.
Jan 1 12:00:15> Set the Environment variable 'wan_br_mac'.
Jan 1 12:00:15> xx.xx.xx.xx.xx.xx
Jan 1 12:00:15> Mounted root (squashfs filesystem) readonly.
Jan 1 12:00:15> Mounted devfs on /dev
Jan 1 12:00:15> 64k freed
Jan 1 12:00:15> Algorithmics/MIPS FPU Emulator v1.5
Jan 1 12:00:15> registered device TI Avalanche SAR
Jan 1 12:00:15> Ohio250(7200/7100A2) detected
Jan 1 12:00:15> DSP binary filesize = 356930 bytes
Jan 1 12:00:15> env var DSL_BIT_TMODE is set
Jan 1 12:00:15> Setting mode to 0xffff
Jan 1 12:00:15> version:[6.00.01.00]
Jan 1 12:00:15> Disable_igmp_snooping_register!!!
Jan 1 12:00:15> Setting mode to 0xffff
Jan 1 12:00:15> Default Asymmetric MTU for nas0 1500
Jan 1 12:00:15> Registering protocol inspector: 0x94175218 for VCC:0x9425ca00
Jan 1 12:00:15> Default Asymmetric MTU for br0 1500
Jan 1 12:00:16> Bridge Created: br0
Jan 1 12:00:16> 2
Jan 1 12:00:16> Bridge Created: br1
Jan 1 12:00:16> Bridge Interface Added: eth0
Jan 1 12:00:17> Bridge Interface Added: nas0
Jan 1 12:00:17> Add Bridge Iface Error: 1
Jan 1 12:00:17> Duplicate Bridge Iface: nas0
Jan 1 12:00:17> Default Asymmetric MTU for br1 1500
Jan 1 12:00:17> 2
Jan 1 12:00:22> DSL Carrier is down

Jan 1 12:01:50> DSL in Sync
Jan 1 12:01:52> DSL Carrier is up
Jan 1 12:01:52> sar read trained mode (5)(ADSL_2plus)
Jan 1 12:01:53> pingStat 2, oamHdr 230 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 200 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 280 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 240 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 260 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 600 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 230 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 800230 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 2B0 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 330 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 3B0 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 8002B0 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 800330 result 0
Jan 1 12:01:53> pingStat 2, oamHdr 8003B0 result 0
Jan 1 12:01:53> get 0xF at Addr 0xA30085B0

Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0
Jan 1 12:08:44> get 0xF at Addr 0xA30085B0

<< INTERNET CONNECTIVITY STOPS - NOTHING IN MODEM LOG REALLY>>

<< RESTART ADSL MODEM >>

Jan 1 12:00:12> NTP Polling Timer for DHCP Started succesfully.
Jan 1 12:00:12> DSL Polling Timer Started succesfully.
Jan 1 12:00:12> Firewall NAT service started
Jan 1 12:00:15> starting on port 80
Jan 1 12:00:15> netfilter PSD loaded - (c) astaro AG
Jan 1 12:00:15> Initializing the WAN Bridge.
Jan 1 12:00:15> Please set the MAC Address for the WAN Bridge.
Jan 1 12:00:15> Set the Environment variable 'wan_br_mac'.
Jan 1 12:00:15> xx.xx.xx.xx.xx.xx
Jan 1 12:00:15> Mounted root (squashfs filesystem) readonly.
Jan 1 12:00:15> Mounted devfs on /dev
Jan 1 12:00:15> 64k freed
Jan 1 12:00:15> Algorithmics/MIPS FPU Emulator v1.5
Jan 1 12:00:15> registered device TI Avalanche SAR
Jan 1 12:00:15> Ohio250(7200/7100A2) detected
Jan 1 12:00:15> DSP binary filesize = 356930 bytes
Jan 1 12:00:15> env var DSL_BIT_TMODE is set
Jan 1 12:00:15> Setting mode to 0xffff
Jan 1 12:00:15> version:[6.00.01.00]
Jan 1 12:00:15> Disable_igmp_snooping_register!!!
Jan 1 12:00:15> Setting mode to 0xffff
Jan 1 12:00:15> Default Asymmetric MTU for nas0 1500
Jan 1 12:00:15> Registering protocol inspector: 0x94175218 for VCC:0x9425ca00
Jan 1 12:00:15> Default Asymmetric MTU for br0 1500
Jan 1 12:00:16> Bridge Created: br0
Jan 1 12:00:16> 2
Jan 1 12:00:16> Bridge Created: br1
Jan 1 12:00:16> Bridge Interface Added: eth0
Jan 1 12:00:17> Bridge Interface Added: nas0
Jan 1 12:00:17> Add Bridge Iface Error: 1
Jan 1 12:00:17> Duplicate Bridge Iface: nas0
Jan 1 12:00:17> Default Asymmetric MTU for br1 1500
Jan 1 12:00:17> 2
Jan 1 12:00:22> DSL Carrier is down
Jan 1 12:01:02> DSL in Sync
Jan 1 12:01:02> DSL Carrier is up
Jan 1 12:01:02> sar read trained mode (5)(ADSL_2plus)
Jan 1 12:01:03> pingStat 2, oamHdr 230 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 200 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 280 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 240 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 260 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 600 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 230 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 800230 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 2B0 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 330 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 3B0 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 8002B0 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 800330 result 0
Jan 1 12:01:03> pingStat 2, oamHdr 8003B0 result 0
Jan 1 12:01:03> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0
Jan 1 12:01:52> get 0xF at Addr 0xA30085B0

MODEM DETAILS
==============
D-LINK, MODEL = DSL-504T
MODE = ADSL2+(MULTI-MODE)

ADSL status shows the ADSL physical layer status.
ADSL Firmware Version: 6.00.01.00 - 6.00.01.00 - 6.00.04.00 Annex A - 01.07.2b - 0.54
ADSL Software Version: V3.02B01T01.AU-A.20061225
Line State Connected
Modulation ADSL_2plus
Annex Mode Annex A
Max Tx Power -38 dBm/Hz

SNR Margin
Downstream 9dB
Upstream 8dB

Line Attenuation
Downstream 32dB
Upstream 16dB

Data Rate
Downstream 10306kbps
Upstream 1023kbps
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pppoe-server and pppd lyub0mir Linux - Server 1 04-08-2009 08:20 AM
after pppoe-start connects I have no connectivity cmyster Slackware 6 08-09-2007 05:55 AM
Losing Connectivity EviLBoX Linux - Networking 6 10-17-2006 01:28 AM
Linux Server Occasionally losing connectivity bennydtown Linux - Networking 5 09-20-2004 11:00 AM
No external connectivity thru ADSL-PPPoE g_rat Linux - Networking 3 03-19-2002 10:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:28 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration