Ray, I finally got time to do this 'right'.
If you want to take the time to look at it, cool,
there is certainly no urgency on my part.
I rearranged the firewall script a little, partly because
of one of your suggestions and it seems to be performing
very well. Now I have no idea where the New non SYNs are coming from.
I marked them in the log with !!!!!!! to make them a little easier to find.
There are 10 of them in aboyt 12 minutes.
I hope Lotus Notes didn't screw up the log too bad.
#!/bin/bash
#
# firewall_std ( firewall_tmp )
#
# Our Standard firewall with no services open
#
# The opening of sevices comes about from
# /var/www/cgi-bin/permits.rfg,services.rfg
# via firewtmp.py
[ /var/www/cgi-bin/sshconf.rfg ] && . /var/www/cgi-bin/sshconf.rfg
[ /var/www/cgi-bin/firewall.rfg ] && . /var/www/cgi-bin/firewall.rfg
[ /var/www/cgi-bin/log.rfg ] && . /var/www/cgi-bin/log.rfg
# importing this file will give us the interface devices
[ /var/www/cgi-bin/conf.rfg ] && . /var/www/cgi-bin/conf.rfg
# these will give us the address, the net
# the mask and the broadcast
# these might not agree with our conf file after
# network is run, so best to ask the system
XT_IF=`ip addr show $XT_DEVICE |grep inet| grep brd|awk '{print $2}' | \
awk -F / '{print $1}'`
XT_MASK=`ip addr show $XT_DEVICE |grep inet| grep brd|awk '{print $2}' | \
awk -F / '{print $2}'`
XT_BCAST=`ip addr show $XT_DEVICE |grep inet| grep brd|awk '{print $4}'`
IT_IF=`ip addr show $IT_DEVICE | grep inet | awk '{print $2}' | \
awk -F / '{print $1}'`
IT_MASK=`ip addr show $IT_DEVICE | grep inet | awk '{print $2}' | \
awk -F / '{print $2}'`
IT_BCAST=`ip addr show $IT_DEVICE | grep inet | awk '{print $4}'`
IT_NET=`ip route | grep proto | grep $IT_DEVICE|awk '{print $1}'`
XT_GW=`ip route | grep "default via" | awk '{print $3}'`
LOOPBACK=127.0.0.0/8
CLASSA=10.0.0.0/8
CLASSB=172.16.0.0/12
CLASSC=192.168.0.0/16
CLASSD_MULTI=224.0.0.0/4
CLASSE_RESERV=240.0.0.0/5
## get the DNS servers from the system
NSLIST=`cat /etc/resolv.conf|grep nameserver\
|awk '{printf ("%s ", $2) }'`
i=0
for NS in $NSLIST; do
eval DNS${i}=$NS
i=$(( $i + 1 ))
done
IPT=/sbin/iptables
# LOG MARTIANS ( kernel ?? i don't think so )
# echo "1" >/proc/sys/net/ipv4/conf/all/log_martians
# TURN ON FORWARDING
echo "1" >/proc/sys/net/ipv4/ip_forward
# Enable response to ping, handle in iptables
echo "0" >/proc/sys/net/ipv4/icmp_echo_ignore_all
# Disable response to broadcasts ( Smurf attacks )
echo "1" >/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# Disable redirects
echo "0" >/proc/sys/net/ipv4/conf/all/accept_redirects
# Disable source routing
echo "0" >/proc/sys/net/ipv4/conf/all/accept_source_route
# Bad error message protection
echo "1" >/proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
# INSERT HERE THE ALL OPEN OR ALL CLOSED RULE
# IF permits.rfg = 0 or 9
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT
### Let's always allow ping on the inside
$IPT -A INPUT -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 0
$IPT -A INPUT -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 8
### Let us reject Forwarding of NetBios Broadcasts to the outside
$IPT -A FORWARD -i $IT_DEVICE -s $IT_NET -p udp --dport 137:139 -j DROP
$IPT -A FORWARD -i $IT_DEVICE -s $IT_NET -p udp --dport 445 -j DROP
# INSERT PORT FORWARDS HERE
# WE HAVE TO ALLOW CONNECTIONS FOR THOSE PORTS
# BECAUSE WE DISALLOW THEM LATER
# INSERT HERE THE ALL OPEN OR ALL CLOSED RULE
# IF permits.rfg = 8
!!!!!!! Here is the section in question
# LOG and DISALLOW BAD TCP packets, NEW non connections
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "IP New
non SYN: "
$IPT -A FORWARD -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "IP New
non SYN: "
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
$IPT -A FORWARD -p tcp ! --syn -m state --state NEW -j DROP
# INSERT LOGGING RULES
$IPT -A INPUT -i $XT_DEVICE -p tcp --syn -j LOG --log-prefix "TCP LOG: "
$IPT -A FORWARD -i $XT_DEVICE -p tcp --syn -j LOG --log-prefix "TCP LOG: "
$IPT -A INPUT -i $XT_DEVICE -p ! tcp -j LOG --log-prefix "IP LOG: "
$IPT -A FORWARD -i $XT_DEVICE -p ! tcp -j LOG --log-prefix "IP LOG: "
# ALLOW ALL replies to established connections
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
!!!!!!!!!!!
### Let's always deny access to internal net from outside
$IPT -A FORWARD -i $XT_DEVICE -d $IT_NET -j DROP
# temporary for CM1,2,3
# $IPT -A INPUT -p tcp --dport 21560 -j ACCEPT
# $IPT -A INPUT -p tcp --dport 21563 -j ACCEPT
# ALLOW LOOPBACK
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
# ENABLE NAT
if [ "$MASQ" = "YES" ]; then
$IPT -t nat -A POSTROUTING -o $XT_DEVICE -j SNAT --to-source $XT_IF
fi
# $IPT -t nat -A PREROUTING -p tcp -d $XT_IF2 --dport 22 \
# -j DNAT --to 204.251.57.102:22
# ENABLE A VERY SPECIAL NAT, External to Internal
# This causes internal servers to respond to this machine
# Even though they have different default gateway
if [ "$IMASQ" = "YES" ]; then
$IPT -t nat -A POSTROUTING -o $IT_DEVICE -j SNAT --to-source $IT_IF
fi
# ALLOW DNS to configured domains
[ "$DNS0" ] && $IPT -A INPUT -i $XT_DEVICE -p tcp -s $DNS0 --sport 53 -j ACCEPT
[ "$DNS0" ] && $IPT -A INPUT -i $XT_DEVICE -p udp -s $DNS0 --sport 53 -j ACCEPT
[ "$DNS1" ] && $IPT -A INPUT -i $XT_DEVICE -p tcp -s $DNS1 --sport 53 -j ACCEPT
[ "$DNS1" ] && $IPT -A INPUT -i $XT_DEVICE -p udp -s $DNS1 --sport 53 -j ACCEPT
[ "$DNS2" ] && $IPT -A INPUT -i $XT_DEVICE -p tcp -s $DNS2 --sport 53 -j ACCEPT
[ "$DNS2" ] && $IPT -A INPUT -i $XT_DEVICE -p udp -s $DNS2 --sport 53 -j ACCEPT
# ALLOW DHCP SERVER TO FUNCTION
[ "$DHCPS" = "YES" ] && $IPT -A INPUT -i $IT_DEVICE -p tcp --sport 67 -j ACCEPT
[ "$DHCPS" = "YES" ] && $IPT -A INPUT -i $IT_DEVICE -p tcp --sport 68 -j ACCEPT
[ "$DHCPS" = "YES" ] && $IPT -A INPUT -i $IT_DEVICE -p udp --sport 67 -j ACCEPT
[ "$DHCPS" = "YES" ] && $IPT -A INPUT -i $IT_DEVICE -p udp --sport 68 -j ACCEPT
[ "$DHCPS" = "YES" ] && $IPT -A INPUT -i $IT_DEVICE -p udp --sport 53 -j ACCEPT
# ALLOW SNMP ON INSIDE
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 161 -j ACCEPT
# INSERT IP BLOCKING HERE (firewall.rfg )
# SYN FLOOD PROTECTION
$IPT -N syn-flood
$IPT -A INPUT -i $XT_DEVICE -p tcp --syn -j syn-flood
$IPT -A syn-flood -m limit --limit 8/s --limit-burst 16 -j RETURN
$IPT -A syn-flood -j DROP
# DROP FRAGMENTS, !!! i'm not too sure about this
if [ "$IP_FRAGPACKETS" = "no" ]; then
$IPT -A INPUT -i $XT_DEVICE -f -j LOG --log-prefix "IP FRAG: "
$IPT -A INPUT -i $XT_DEVICE -f -j DROP
fi
# Configurable Permissions Here (permits.rfg & services.rfg)
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p udp --dport 53
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 443
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 80
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 110
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 25
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 23
# Active FTP
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 1025:65535 -m
state --state ESTABLISHED,RELATED
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -p tcp --dport 21 -m state --state
NEW,ESTABLISHED
# Passive FTP
$IPT -A FORWARD -j ACCEPT -i $XT_DEVICE -p tcp --sport 20 -m state --state
ESTABLISHED,RELATED
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 3389
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p tcp --dport 123
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -s $IT_NET -p udp --dport 123
# LETS DO ANTI SPOOFING, SINCE WE CANT DO IN KERNEL
# DUE TO IPSEC
if [ "$LOGMARTIANS" = "yes" ]; then
$IPT -A INPUT -i $XT_DEVICE -s $XT_IF -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $CLASSA -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $CLASSB -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $CLASSC -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $CLASSD_MULTI -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $CLASSE_RESERV -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $LOOPBACK -j LOG --log-prefix "IP Mart: "
$IPT -A INPUT -i $XT_DEVICE -s $XT_BCAST -j LOG --log-prefix "IP Mart: "
fi
if [ ! "$IP_SPOOFING" = "no" ]; then
$IPT -A INPUT -i $XT_DEVICE -s $CLASSA -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $CLASSB -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $CLASSC -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $CLASSD_MULTI -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $CLASSE_RESERV -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $LOOPBACK -j DROP
$IPT -A INPUT -i $XT_DEVICE -s $XT_BCAST -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $CLASSA -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $CLASSB -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $CLASSC -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $CLASSD_MULTI -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $CLASSE_RESERV -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $LOOPBACK -j DROP
$IPT -A FORWARD -i $XT_DEVICE -s $XT_BCAST -j DROP
fi
# ALLOW IPSEC
$IPT -A INPUT -i $XT_DEVICE -p udp --dport 500 -j ACCEPT
$IPT -A INPUT -i $XT_DEVICE -p 50 -j ACCEPT
$IPT -A INPUT -i $XT_DEVICE -p 51 -j ACCEPT
$IPT -A FORWARD -i $XT_DEVICE -p 50 -j ACCEPT
$IPT -A FORWARD -i $XT_DEVICE -p 51 -j ACCEPT
$IPT -A FORWARD -i $IT_DEVICE -p 50 -j ACCEPT
$IPT -A FORWARD -i $IT_DEVICE -p 51 -j ACCEPT
$IPT -A INPUT -i ipsec0 -s any/0 -d any/0 -j ACCEPT
$IPT -A FORWARD -i ipsec0 -s any/0 -d any/0 -j ACCEPT
# ALLOW NETBIOS ON INTERNAL PORT
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 137 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 137 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 138 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 138 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 139 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 139 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 445 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 445 -j ACCEPT
if [ "$LOGSSH" = "on" ]; then
$IPT -A INPUT -p tcp --dport 22 -j LOG --log-prefix "IP SSH: "
$IPT -A FORWARD -p tcp --dport 22 -j LOG --log-prefix "IP SSH: "
fi
# SSH internal
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 22 -j ACCEPT
$IPT -A INPUT -i $IT_DEVICE -p udp --dport 22 -j ACCEPT
# SSH per configurator
if [ "$SSH" = "on" ]; then
$IPT -A INPUT -i $XT_DEVICE -p tcp --dport 22 -j ACCEPT
$IPT -A INPUT -i $XT_DEVICE -p udp --dport 22 -j ACCEPT
fi
if [ "$LOGHTTPS" = "on" ]; then
$IPT -A INPUT -p tcp --dport 443 -j LOG --log-prefix "IP HTTPS: "
$IPT -A FORWARD -p tcp --dport 443 -j LOG --log-prefix "IP HTTPS: "
fi
# HTTPS internal
$IPT -A INPUT -i $IT_DEVICE -p tcp --dport 443 -j ACCEPT
# HTTPS per configurator
if [ "$HTTPS" = "on" ]; then
$IPT -A INPUT -i $XT_DEVICE -p tcp --dport 443 -j ACCEPT
fi
# DISALLOW TCP connection attempts from outside
# must specifically allow by port above
$IPT -A INPUT -i $XT_DEVICE -p tcp --syn -j DROP
$IPT -A FORWARD -i $XT_DEVICE -p tcp --syn -j DROP
# ICMP ALLOWs (firewall.rfg)
$IPT -A INPUT -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 0
$IPT -A INPUT -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 8
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 0
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -p icmp --icmp-type 8
$IPT -A INPUT -j ACCEPT -i $IT_DEVICE -p udp --sport 32769:65535 --dport
33434:33523
$IPT -A FORWARD -j ACCEPT -i $IT_DEVICE -p udp --sport 32769:65535 --dport
33434:33523
$IPT -A INPUT -p icmp -j DROP
$IPT -A FORWARD -p icmp -j DROP
# If the packets make it here, the policy is DROP
# One last chance to log them
if [ "$LOGDENIEDPACKETS" = "on" ]; then
$IPT -A INPUT -j LOG --log-prefix "IP OTHER DENY: "
$IPT -A FORWARD -j LOG --log-prefix "IP OTHER DENY: "
fi
### BYE
Nov 4 09:34:26 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.59.180
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=2567 DF PROTO=TCP SPT=51896
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:34:29 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.59.180
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=2568 DF PROTO=TCP SPT=51896
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:34:35 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.59.180
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=2569 DF PROTO=TCP SPT=51896
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:34:38 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=212 TOS=0x00 PREC=0x00 TTL=110 ID=35639 PROTO=UDP SPT=53
DPT=33086 LEN=192
Nov 4 09:34:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=5343 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:34:47 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.59.180
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=2570 DF PROTO=TCP SPT=51896
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:34:49 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=286 TOS=0x00 PREC=0x00 TTL=110 ID=6201 PROTO=UDP SPT=53
DPT=33087 LEN=266
Nov 4 09:35:03 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=110 ID=30522 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:03 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=154 TOS=0x00 PREC=0x00 TTL=110 ID=33082 PROTO=UDP SPT=53
DPT=1239 LEN=134
Nov 4 09:35:06 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=110 ID=49466 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:06 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=116 ID=15115 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:07 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=110 ID=53818 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:08 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=116 ID=15168 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=148 TOS=0x00 PREC=0x00 TTL=110 ID=50491 PROTO=UDP SPT=53
DPT=1240 LEN=128
Nov 4 09:35:13 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.174 LEN=68 TOS=0x00 PREC=0x00 TTL=116 ID=15205 PROTO=UDP SPT=53
DPT=1238 LEN=48
Nov 4 09:35:14 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=113 TOS=0x00 PREC=0x00 TTL=110 ID=52028 PROTO=UDP SPT=53
DPT=1241 LEN=93
Nov 4 09:35:18 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=74 TOS=0x00 PREC=0x00 TTL=110 ID=37438 PROTO=UDP SPT=53
DPT=1244 LEN=54
Nov 4 09:35:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=76 TOS=0x00 PREC=0x00 TTL=110 ID=45374 PROTO=UDP SPT=53
DPT=1245 LEN=56
Nov 4 09:35:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=75 TOS=0x00 PREC=0x00 TTL=110 ID=53310 PROTO=UDP SPT=53
DPT=1246 LEN=55
Nov 4 09:35:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=188 TOS=0x00 PREC=0x00 TTL=110 ID=13120 PROTO=UDP SPT=53
DPT=1248 LEN=168
Nov 4 09:35:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=176 TOS=0x00 PREC=0x00 TTL=110 ID=25152 PROTO=UDP SPT=53
DPT=1250 LEN=156
Nov 4 09:35:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=8671 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:35:25 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=99 TOS=0x00 PREC=0x00 TTL=110 ID=49473 PROTO=UDP SPT=53
DPT=1255 LEN=79
Nov 4 09:35:27 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=122 TOS=0x00 PREC=0x00 TTL=110 ID=10050 PROTO=UDP SPT=53
DPT=1259 LEN=102
Nov 4 09:35:27 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=159 TOS=0x00 PREC=0x00 TTL=110 ID=11074 PROTO=UDP SPT=53
DPT=1260 LEN=139
Nov 4 09:35:30 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=206 TOS=0x00 PREC=0x00 TTL=110 ID=30530 PROTO=UDP SPT=53
DPT=1263 LEN=186
Nov 4 09:36:01 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=19167 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:36:28 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:e0:1e:5f:f4:69:08:00 SRC=65.185.38.65
DST=255.255.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=114 ID=33357 PROTO=UDP
SPT=1028 DPT=137 LEN=58
Nov 4 09:36:28 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=65.185.38.65 DST=66.118.15.67
LEN=78 TOS=0x00 PREC=0x00 TTL=114 ID=33363 PROTO=UDP SPT=1028 DPT=137 LEN=58
Nov 4 09:36:28 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=65.185.38.65 DST=66.118.15.69
LEN=78 TOS=0x00 PREC=0x00 TTL=114 ID=33366 PROTO=UDP SPT=1028 DPT=137 LEN=58
Nov 4 09:36:28 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:e0:1e:5f:f4:69:08:00 SRC=65.185.38.65
DST=255.255.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=114 ID=33387 PROTO=UDP
SPT=1028 DPT=137 LEN=58
Nov 4 09:36:42 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=23007 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:37:14 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=194.250.0.67 DST=66.118.15.69
LEN=96 TOS=0x00 PREC=0x00 TTL=45 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Nov 4 09:37:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=29407 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
!!!!!!Here is a New non SYN
Nov 4 09:37:53 NLynxGW kernel: IP New non SYN: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=56.0.78.82 DST=66.118.15.69
LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=64142 PROTO=TCP SPT=80 DPT=1230 WINDOW=0
RES=0x00 RST URGP=0
Nov 4 09:38:01 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=33759 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
!!!!!!Here is a New non SYN
Nov 4 09:38:23 NLynxGW kernel: IP New non SYN: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=56.0.78.82 DST=66.118.15.69
LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=5647 PROTO=TCP SPT=80 DPT=1229 WINDOW=0
RES=0x00 RST URGP=0
Nov 4 09:38:42 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=41183 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
!!!!!!Here is a New non SYN
Nov 4 09:38:50 NLynxGW kernel: IP New non SYN: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=56.0.78.69 DST=66.118.15.69
LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=37197 PROTO=TCP SPT=80 DPT=1233 WINDOW=0
RES=0x00 RST URGP=0
Nov 4 09:39:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=244 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=224
Nov 4 09:39:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Nov 4 09:39:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:39:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
!!!!!!Here is a New non SYN
Nov 4 09:39:20 NLynxGW kernel: IP New non SYN: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=56.0.78.69 DST=66.118.15.69
LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=42857 PROTO=TCP SPT=80 DPT=1232 WINDOW=0
RES=0x00 RST URGP=0
Nov 4 09:39:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=206.137.240.8 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=54 ID=45023 PROTO=ICMP TYPE=3 CODE=1
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:39:26 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:39:34 NLynxGW last message repeated 4 times
Nov 4 09:39:34 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:39:43 NLynxGW last message repeated 7 times
Nov 4 09:40:00 NLynxGW kernel: hda: hda1
Nov 4 09:40:00 NLynxGW kernel: hda: hda1
Nov 4 09:40:00 NLynxGW kernel: EXT2-fs warning: maximal mount count reached,
running e2fsck is recommended
Nov 4 09:40:01 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=21250 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:40:05 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=64.32.48.21
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=19462 DF PROTO=TCP SPT=3445
DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Nov 4 09:40:06 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.134 LEN=285 TOS=0x00 PREC=0x00 TTL=110 ID=7799 PROTO=UDP SPT=53
DPT=1027 LEN=265
Nov 4 09:40:08 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=64.32.48.21
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=20810 DF PROTO=TCP SPT=3445
DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Nov 4 09:40:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=44034 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:40:14 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=64.32.48.21
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=23528 DF PROTO=TCP SPT=3445
DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Nov 4 09:40:32 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=46338 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:40:54 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.119.238.78
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=117 ID=48010 DF PROTO=TCP SPT=3729
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:40:57 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.119.238.78
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=117 ID=58763 DF PROTO=TCP SPT=3729
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:41:02 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=205 TOS=0x00 PREC=0x00 TTL=110 ID=9858 PROTO=UDP SPT=53
DPT=3002 LEN=185
Nov 4 09:41:03 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.119.238.78
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=117 ID=44684 DF PROTO=TCP SPT=3729
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:41:07 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=113 TOS=0x00 PREC=0x00 TTL=110 ID=33410 PROTO=UDP SPT=53
DPT=3004 LEN=93
Nov 4 09:41:07 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=130 TOS=0x00 PREC=0x00 TTL=110 ID=35202 PROTO=UDP SPT=53
DPT=3005 LEN=110
Nov 4 09:41:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=22787 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:41:15 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.119.238.78
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=117 ID=20368 DF PROTO=TCP SPT=3729
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
!!!!!!Here is a New non SYN
Nov 4 09:41:24 NLynxGW kernel: IP New non SYN: IN=eth0 OUT=eth1
SRC=209.119.238.78 DST=192.168.1.7 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=36350
PROTO=TCP SPT=3729 DPT=25 WINDOW=0 RES=0x00 RST URGP=0
Nov 4 09:41:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=224 TOS=0x00 PREC=0x00 TTL=110 ID=35206 PROTO=UDP SPT=53
DPT=33088 LEN=204
Nov 4 09:41:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=36107 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=0
Nov 4 09:41:36 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=36688 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=256
Nov 4 09:41:37 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=37180 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=512
Nov 4 09:41:38 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=37729 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=768
Nov 4 09:41:39 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=38140 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=1024
Nov 4 09:41:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=38506 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=1280
Nov 4 09:41:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=237 TOS=0x00 PREC=0x00 TTL=110 ID=16519 PROTO=UDP SPT=53
DPT=33089 LEN=217
Nov 4 09:41:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=38933 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=1536
Nov 4 09:41:42 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.35.100
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39333 PROTO=ICMP TYPE=0
CODE=0 ID=1914 SEQ=1792
Nov 4 09:41:52 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:41:52 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:41:53 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=36099 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:42:12 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=117 TOS=0x00 PREC=0x00 TTL=110 ID=52876 PROTO=UDP SPT=53
DPT=3010 LEN=97
Nov 4 09:42:17 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=123 TOS=0x00 PREC=0x00 TTL=110 ID=26253 PROTO=UDP SPT=53
DPT=3014 LEN=103
Nov 4 09:42:18 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=99 TOS=0x00 PREC=0x00 TTL=110 ID=29581 PROTO=UDP SPT=53
DPT=33090 LEN=79
Nov 4 09:42:18 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39268 PROTO=ICMP TYPE=0
CODE=0 ID=2426 SEQ=0
Nov 4 09:42:19 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39269 PROTO=ICMP TYPE=0
CODE=0 ID=2426 SEQ=256
Nov 4 09:42:20 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39270 PROTO=ICMP TYPE=0
CODE=0 ID=2426 SEQ=512
Nov 4 09:42:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39271 PROTO=ICMP TYPE=0
CODE=0 ID=2426 SEQ=768
Nov 4 09:42:26 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=58
Nov 4 09:42:30 NLynxGW last message repeated 3 times
Nov 4 09:42:31 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=36355 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:42:33 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:42:39 NLynxGW last message repeated 3 times
Nov 4 09:42:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=99 TOS=0x00 PREC=0x00 TTL=110 ID=20884 PROTO=UDP SPT=53
DPT=3021 LEN=79
Nov 4 09:42:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=104 TOS=0x00 PREC=0x00 TTL=110 ID=21140 PROTO=UDP SPT=53
DPT=3022 LEN=84
Nov 4 09:42:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:42:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:42:43 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:42:44 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=132 TOS=0x00 PREC=0x00 TTL=110 ID=21653 PROTO=UDP SPT=53
DPT=3025 LEN=112
Nov 4 09:42:44 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:42:50 NLynxGW last message repeated 5 times
Nov 4 09:42:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.129 LEN=348 TOS=0x00 PREC=0x00 TTL=110 ID=46741 PROTO=UDP SPT=53
DPT=1120 LEN=328
Nov 4 09:43:09 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=121 TOS=0x00 PREC=0x00 TTL=110 ID=43415 PROTO=UDP SPT=53
DPT=3030 LEN=101
Nov 4 09:43:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=36611 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:43:32 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=244 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=224
Nov 4 09:43:32 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Nov 4 09:43:45 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=136 TOS=0x00 PREC=0x00 TTL=110 ID=52893 PROTO=UDP SPT=53
DPT=2951 LEN=116
Nov 4 09:43:45 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=134 TOS=0x00 PREC=0x00 TTL=110 ID=53149 PROTO=UDP SPT=53
DPT=2952 LEN=114
Nov 4 09:43:45 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=156 TOS=0x00 PREC=0x00 TTL=110 ID=55197 PROTO=UDP SPT=53
DPT=2951 LEN=136
Nov 4 09:43:45 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=154 TOS=0x00 PREC=0x00 TTL=110 ID=55453 PROTO=UDP SPT=53
DPT=2952 LEN=134
Nov 4 09:43:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=36867 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:43:54 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.129 LEN=252 TOS=0x00 PREC=0x00 TTL=110 ID=12705 PROTO=UDP SPT=53
DPT=1123 LEN=232
Nov 4 09:43:55 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.129 LEN=114 TOS=0x00 PREC=0x00 TTL=110 ID=26017 PROTO=UDP SPT=53
DPT=1125 LEN=94
Nov 4 09:44:14 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=86 TOS=0x00 PREC=0x00 TTL=110 ID=31906 PROTO=UDP SPT=53
DPT=3040 LEN=66
Nov 4 09:44:33 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=37635 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:44:39 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=117 TOS=0x00 PREC=0x00 TTL=110 ID=29092 PROTO=UDP SPT=53
DPT=3044 LEN=97
Nov 4 09:44:47 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=244 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=224
Nov 4 09:44:47 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Nov 4 09:44:47 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:44:47 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:44:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.169 LEN=190 TOS=0x00 PREC=0x00 TTL=110 ID=5031 PROTO=UDP SPT=53
DPT=1570 LEN=170
Nov 4 09:44:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.248.3
DST=192.168.1.169 LEN=103 TOS=0x00 PREC=0x00 TTL=110 ID=26231 PROTO=UDP SPT=53
DPT=1571 LEN=83
Nov 4 09:44:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.169 LEN=103 TOS=0x00 PREC=0x00 TTL=116 ID=26233 PROTO=UDP SPT=53
DPT=1571 LEN=83
Nov 4 09:44:49 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.191
DST=192.168.1.169 LEN=103 TOS=0x00 PREC=0x00 TTL=110 ID=26234 PROTO=UDP SPT=53
DPT=1571 LEN=83
!!!!!!Here is a New non SYN
Nov 4 09:44:53 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=61696
DF PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:44:54 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.133 LEN=121 TOS=0x00 PREC=0x00 TTL=110 ID=63911 PROTO=UDP SPT=53
DPT=1046 LEN=101
!!!!!!Here is a New non SYN
Nov 4 09:44:55 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=65280
DF PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:44:58 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
!!!!!!Here is a New non SYN
Nov 4 09:44:59 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=769 DF
PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:45:00 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:45:04 NLynxGW last message repeated 2 times
Nov 4 09:45:04 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=80 TOS=0x00 PREC=0x00 TTL=110 ID=5034 PROTO=UDP SPT=53
DPT=3051 LEN=60
Nov 4 09:45:06 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:45:06 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
!!!!!!Here is a New non SYN
Nov 4 09:45:07 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=1025
DF PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:45:08 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.184 LEN=166 TOS=0x00 PREC=0x00 TTL=110 ID=41898 PROTO=UDP SPT=53
DPT=3054 LEN=146
Nov 4 09:45:08 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:45:11 NLynxGW last message repeated 3 times
Nov 4 09:45:12 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=42243 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:45:13 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:45:15 NLynxGW last message repeated 2 times
!!!!!!Here is a New non SYN
Nov 4 09:45:23 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=1281
DF PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:45:43 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=24.201.61.65
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=1444 DF PROTO=TCP SPT=1298
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:45:46 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=24.201.61.65
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=1950 DF PROTO=TCP SPT=1298
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:45:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=42499 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:45:52 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=24.201.61.65
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=2901 DF PROTO=TCP SPT=1298
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
!!!!!!Here is a New non SYN
Nov 4 09:45:55 NLynxGW kernel: IP New non SYN: IN=eth1 OUT=eth0
SRC=192.168.1.133 DST=207.229.152.40 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=1793
DF PROTO=TCP SPT=1035 DPT=80 WINDOW=8383 RES=0x00 ACK FIN URGP=0
Nov 4 09:46:31 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=42755 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:47:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=43011 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:47:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=46083 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:48:31 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=46339 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:48:53 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=244 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=224
Nov 4 09:48:53 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Nov 4 09:48:56 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.60.49
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=15092 DF PROTO=TCP SPT=52078
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:48:59 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.60.49
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=15093 DF PROTO=TCP SPT=52078
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:49:05 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.60.49
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=15094 DF PROTO=TCP SPT=52078
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:49:12 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=46595 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:49:17 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=209.236.60.49
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=15095 DF PROTO=TCP SPT=52078
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:49:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=46851 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:49:55 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43342 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:49:56 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:49:58 NLynxGW last message repeated 7 times
Nov 4 09:49:58 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43343 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:49:58 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:49:59 NLynxGW last message repeated 6 times
Nov 4 09:50:00 NLynxGW kernel: hda: hda1
Nov 4 09:50:00 NLynxGW kernel: hda: hda1
Nov 4 09:50:00 NLynxGW kernel: EXT2-fs warning: maximal mount count reached,
running e2fsck is recommended
Nov 4 09:50:00 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:50:00 NLynxGW last message repeated 4 times
Nov 4 09:50:04 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43344 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:16 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43345 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:20 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20012 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:23 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20013 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:29 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20014 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:31 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31174 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:32 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=47107 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:50:34 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31175 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:40 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31176 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:40 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43346 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:41 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20015 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:50:52 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31177 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:51:05 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20016 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:51:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=47363 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:51:16 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31178 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:51:28 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=43347 DF PROTO=TCP SPT=2753
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:51:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=47619 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:51:53 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=20017 DF PROTO=TCP SPT=3227
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:52:04 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=80.48.248.33
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=31179 DF PROTO=TCP SPT=3501
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:52:25 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=118 TOS=0x00 PREC=0x00 TTL=110 ID=10475 PROTO=UDP SPT=53
DPT=33091 LEN=98
Nov 4 09:52:25 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=148 TOS=0x00 PREC=0x00 TTL=110 ID=11499 PROTO=UDP SPT=53
DPT=33091 LEN=128
Nov 4 09:52:30 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=239 TOS=0x00 PREC=0x00 TTL=110 ID=62187 PROTO=UDP SPT=53
DPT=33092 LEN=219
Nov 4 09:52:31 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=47875 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:53:11 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=48131 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:53:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=48387 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:53:42 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=48643 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:53:47 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.174 LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=42229 PROTO=UDP SPT=53
DPT=1275 LEN=64
Nov 4 09:53:50 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=244 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=224
Nov 4 09:53:50 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=234 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=214
Nov 4 09:53:52 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:53:52 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:53:55 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.161 LEN=188 TOS=0x00 PREC=0x00 TTL=110 ID=14583 PROTO=UDP SPT=53
DPT=1053 LEN=168
Nov 4 09:53:55 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.191
DST=192.168.1.161 LEN=101 TOS=0x00 PREC=0x00 TTL=110 ID=37719 PROTO=UDP SPT=53
DPT=1054 LEN=81
Nov 4 09:53:55 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.248.3
DST=192.168.1.161 LEN=101 TOS=0x00 PREC=0x00 TTL=110 ID=37721 PROTO=UDP SPT=53
DPT=1054 LEN=81
Nov 4 09:53:55 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.161 LEN=101 TOS=0x00 PREC=0x00 TTL=116 ID=37723 PROTO=UDP SPT=53
DPT=1054 LEN=81
Nov 4 09:54:05 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=143 TOS=0x00 PREC=0x00 TTL=110 ID=60920 PROTO=UDP SPT=53
DPT=33094 LEN=123
Nov 4 09:54:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=48899 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:54:29 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=22123 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:54:32 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=22817 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:54:38 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=24320 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:54:43 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56590 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:54:47 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56591 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:54:50 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=26797 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:54:52 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56592 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:54:53 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=27446 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:54:59 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=28635 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:01 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=49155 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:55:04 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56593 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:55:11 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=31262 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:14 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=31909 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:20 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.69.218.193
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=243 ID=33228 DF PROTO=TCP SPT=4388
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:25 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=34244 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:28 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=34426 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:28 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56594 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:55:35 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=34896 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.129 LEN=188 TOS=0x00 PREC=0x00 TTL=110 ID=15108 PROTO=UDP SPT=53
DPT=1128 LEN=168
Nov 4 09:55:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.248.3
DST=192.168.1.129 LEN=101 TOS=0x00 PREC=0x00 TTL=110 ID=39652 PROTO=UDP SPT=53
DPT=1129 LEN=81
Nov 4 09:55:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.241.210.251
DST=192.168.1.129 LEN=101 TOS=0x00 PREC=0x00 TTL=116 ID=39653 PROTO=UDP SPT=53
DPT=1129 LEN=81
Nov 4 09:55:35 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.191
DST=192.168.1.129 LEN=101 TOS=0x00 PREC=0x00 TTL=110 ID=39654 PROTO=UDP SPT=53
DPT=1129 LEN=81
Nov 4 09:55:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=49411 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:55:48 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=35720 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=134 TOS=0x00 PREC=0x00 TTL=110 ID=38149 PROTO=UDP SPT=53
DPT=3064 LEN=114
Nov 4 09:55:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=136 TOS=0x00 PREC=0x00 TTL=110 ID=38405 PROTO=UDP SPT=53
DPT=3065 LEN=116
Nov 4 09:55:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=154 TOS=0x00 PREC=0x00 TTL=110 ID=39685 PROTO=UDP SPT=53
DPT=3064 LEN=134
Nov 4 09:55:48 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=156 TOS=0x00 PREC=0x00 TTL=110 ID=39941 PROTO=UDP SPT=53
DPT=3065 LEN=136
Nov 4 09:55:49 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=217.36.247.20
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=60581 DF PROTO=TCP
SPT=32832 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:55:51 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.154 LEN=163 TOS=0x00 PREC=0x00 TTL=110 ID=53765 PROTO=UDP SPT=53
DPT=3066 LEN=143
Nov 4 09:55:51 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=35899 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:52 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=217.36.247.20
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=37030 DF PROTO=TCP
SPT=32832 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:55:58 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=36300 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:55:58 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=217.36.247.20
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=47783 DF PROTO=TCP
SPT=32832 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:02 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=33363 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:05 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=26196 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:11 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=37058 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:56:11 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=48982 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:12 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=217.36.247.20
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=62377 DF PROTO=TCP
SPT=32832 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:14 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=37267 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:56:16 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=202.41.82.27
DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=56595 DF PROTO=TCP SPT=3580
DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 4 09:56:21 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=61.155.70.19
DST=192.168.1.7 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=37587 DF PROTO=TCP SPT=4053
DPT=25 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 4 09:56:22 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=49667 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:56:23 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=7516 DF PROTO=TCP SPT=17834
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:47 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=62568 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:50 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=41834 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:56:56 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=27501 DF PROTO=TCP
SPT=17834 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:57:01 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=49923 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:57:08 NLynxGW kernel: TCP LOG: IN=eth0 OUT=eth1 SRC=200.32.99.242
DST=192.168.1.7 LEN=44 TOS=0x00 PREC=0x00 TTL=119 ID=3443 DF PROTO=TCP SPT=17834
DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Nov 4 09:57:24 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=212 TOS=0x00 PREC=0x00 TTL=110 ID=22038 PROTO=UDP SPT=53
DPT=33096 LEN=192
Nov 4 09:57:24 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.51.101
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=51 ID=34946 PROTO=ICMP TYPE=0
CODE=0 ID=15226 SEQ=0
Nov 4 09:57:25 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.51.101
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=51 ID=35653 PROTO=ICMP TYPE=0
CODE=0 ID=15226 SEQ=256
Nov 4 09:57:26 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.51.101
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=51 ID=36337 PROTO=ICMP TYPE=0
CODE=0 ID=15226 SEQ=512
Nov 4 09:57:27 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=216.239.51.101
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=51 ID=37029 PROTO=ICMP TYPE=0
CODE=0 ID=15226 SEQ=768
Nov 4 09:57:37 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=58
Nov 4 09:57:40 NLynxGW last message repeated 2 times
Nov 4 09:57:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=208.243.249.253
DST=192.168.1.143 LEN=99 TOS=0x00 PREC=0x00 TTL=110 ID=3609 PROTO=UDP SPT=53
DPT=33097 LEN=79
Nov 4 09:57:40 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39272 PROTO=ICMP TYPE=0
CODE=0 ID=15482 SEQ=0
Nov 4 09:57:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=58
Nov 4 09:57:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=50179 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
Nov 4 09:57:41 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39273 PROTO=ICMP TYPE=0
CODE=0 ID=15482 SEQ=256
Nov 4 09:57:42 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39274 PROTO=ICMP TYPE=0
CODE=0 ID=15482 SEQ=512
Nov 4 09:57:43 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39275 PROTO=ICMP TYPE=0
CODE=0 ID=15482 SEQ=768
Nov 4 09:57:44 NLynxGW kernel: IP LOG: IN=eth0 OUT=eth1 SRC=204.152.189.116
DST=192.168.1.143 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=39276 PROTO=ICMP TYPE=0
CODE=0 ID=15482 SEQ=1024
Nov 4 09:57:49 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=216 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=196
Nov 4 09:57:58 NLynxGW last message repeated 4 times
Nov 4 09:57:58 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:08:02:10:10:1d:08:00 SRC=66.118.15.75 DST=66.118.15.79
LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=76
Nov 4 09:58:07 NLynxGW last message repeated 7 times
Nov 4 09:58:21 NLynxGW kernel: IP LOG: IN=eth0 OUT=
MAC=00:04:e2:10:4a:68:00:e0:1e:5f:f4:69:08:00 SRC=63.121.22.5 DST=66.118.15.69
LEN=56 TOS=0x00 PREC=0x00 TTL=21 ID=50435 PROTO=ICMP TYPE=3 CODE=3
[SRC=66.118.15.69 DST=63.121.22.5 LEN=204 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF
PROTO=UDP SPT=500 DPT=500 LEN=184 ]
-------------------------------------------------------
This SF.net email is sponsored by: ApacheCon, November 18-21 in
Las Vegas (supported by COMDEX), the only Apache event to be
fully supported by the ASF. http://www.apachecon.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
