Hello guys, I was checking on my log viewer and noticed that UFW is blocking alot of IPs!!!
alot of them and they keep comeing and comeing, I don't know alot about security so I need help, am I under attack of some sort?!
I have qBittorrent installed but even when I closed it the blocking keeps on and on!
this is a sample of the log viewer
Code:
Feb 6 05:39:02 CRON[30920]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)
Feb 6 05:39:03 kernel: [319683.840346] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=108.13.33.151 DST=192.168.1.2 LEN=134 TOS=0x00 PREC=0x00 TTL=119 ID=29835 PROTO=UDP SPT=52123 DPT=6881 LEN=114
Feb 6 05:39:23 kernel: [319704.354745] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=62.5.129.43 DST=192.168.1.2 LEN=129 TOS=0x00 PREC=0x20 TTL=108 ID=12814 PROTO=UDP SPT=56512 DPT=6881 LEN=109
Feb 6 05:39:43 kernel: [319724.342639] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=88.176.246.119 DST=192.168.1.2 LEN=131 TOS=0x00 PREC=0x00 TTL=114 ID=4366 PROTO=UDP SPT=11447 DPT=6881 LEN=111
Feb 6 05:40:03 kernel: [319743.918348] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=87.117.144.247 DST=192.168.1.2 LEN=145 TOS=0x00 PREC=0x00 TTL=115 ID=20055 PROTO=UDP SPT=54265 DPT=6881 LEN=125
Feb 6 05:40:24 kernel: [319765.118671] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=86.58.65.31 DST=192.168.1.2 LEN=134 TOS=0x00 PREC=0x00 TTL=116 ID=7844 PROTO=UDP SPT=31370 DPT=6881 LEN=114
Feb 6 05:40:44 kernel: [319784.416003] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=137.44.116.190 DST=192.168.1.2 LEN=134 TOS=0x00 PREC=0x00 TTL=106 ID=3663 PROTO=UDP SPT=22548 DPT=6881 LEN=114
Feb 6 05:41:12 kernel: [319812.433248] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=178.212.198.219 DST=192.168.1.2 LEN=131 TOS=0x00 PREC=0x00 TTL=52 ID=64946 PROTO=UDP SPT=21179 DPT=6881 LEN=111
Feb 6 05:41:23 kernel: [319823.985850] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=139.218.179.102 DST=192.168.1.2 LEN=134 TOS=0x00 PREC=0x00 TTL=110 ID=28763 PROTO=UDP SPT=10911 DPT=6881 LEN=114
Feb 6 05:41:43 kernel: [319844.174370] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=46.138.201.144 DST=192.168.1.2 LEN=129 TOS=0x00 PREC=0x20 TTL=50 ID=2762 PROTO=UDP SPT=20719 DPT=6881 LEN=109
Feb 6 05:42:11 kernel: [319871.400059] [UFW BLOCK] IN=eth0 OUT= MAC=00:23:ae:a8:a1:32:b0:48:7a:a3:3f:a5:08:00 SRC=84.212.251.143 DST=192.168.1.2 LEN=134 TOS=0x00 PREC=0x00 TTL=118 ID=4719 PROTO=UDP SPT=49621 DPT=6881 LEN=114
Thanks in advance.
