Post 302540765 by pasindu on Thursday 21st of July 2011 01:59:16 PM
Getting Iptables New not syn log message more time

Hi guys,

I am getting an iptables log message. It is coming many times. Linux squid can't handle it.

Firewall -> 192.168.102.2 <iptables>
squid -> 192.168.102.2 <transparent proxy (port 3128)>

error ->
Jul 21 23:58:16 mig [559289.955344] New not syn:IN= OUT=eth0 SRC=192.168.102.2 DST=192.168.102.96 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=53063 DF PROTO=TCP SPT=3128 DPT=1638 WINDOW=11680 RES=0x00 ACK URGP=0

<Getting this message for all 192.168.102.0/32 network IPs>

Getting the above message more and more times. Can't handle it. The full network is getting slow. Squid bandwidth is not utilized, but the internet is slow.
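
One way to see which flows produce the "New not syn" entries, as an added example that is not part of the original post: the parser below reads kernel LOG lines in the format shown above and tallies them by interface direction, source endpoint and TCP flags. The function names, the `proxy_port` parameter and every sample line except the first are constructed for illustration.

```python
from collections import Counter

# Line 1 is the line from the post; the rest are constructed (the last is unrelated noise).
SAMPLE = """\
Jul 21 23:58:16 mig [559289.955344] New not syn:IN= OUT=eth0 SRC=192.168.102.2 DST=192.168.102.96 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=53063 DF PROTO=TCP SPT=3128 DPT=1638 WINDOW=11680 RES=0x00 ACK URGP=0
Jul 21 23:58:17 mig [559290.101200] New not syn:IN= OUT=eth0 SRC=192.168.102.2 DST=192.168.102.41 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=53070 DF PROTO=TCP SPT=3128 DPT=2210 WINDOW=11680 RES=0x00 ACK URGP=0
Jul 21 23:58:17 mig [559290.230001] New not syn:IN= OUT=eth0 SRC=192.168.102.2 DST=192.168.102.96 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=53071 DF PROTO=TCP SPT=3128 DPT=1638 WINDOW=11680 RES=0x00 ACK FIN URGP=0
Jul 21 23:58:18 mig [559291.000410] New not syn:IN=eth0 OUT= SRC=192.168.102.41 DST=192.168.102.2 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=1201 DF PROTO=TCP SPT=2210 DPT=3128 WINDOW=0 RES=0x00 RST URGP=0
Jul 21 23:58:19 mig [559292.000000] eth0: link up
"""

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "CWR", "ECE"}

def parse_line(line, prefix="New not syn:"):
    """Parse one LOG line carrying `prefix`; return None for any other line."""
    _, found, body = line.partition(prefix)
    if not found:
        return None
    rec = {"flags": set()}
    for tok in body.split():
        key, eq, val = tok.partition("=")
        if eq:
            rec[key] = val          # KEY=value pair (value may be empty, e.g. IN=)
        elif tok in TCP_FLAGS:
            rec["flags"].add(tok)   # bare TCP flag token; DF and others are ignored
    return rec

def direction(rec):
    """Report which interface fields are filled in, without guessing the chain."""
    has_in, has_out = bool(rec.get("IN")), bool(rec.get("OUT"))
    return {(True, True): "in+out", (True, False): "in-only",
            (False, True): "out-only"}.get((has_in, has_out), "none")

def summarize(text, proxy_port="3128"):
    """Tally logged packets per (direction, source endpoint, flags)."""
    flows, from_proxy = Counter(), 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        flags = rec["flags"]
        key = (direction(rec), f"{rec.get('SRC')}:{rec.get('SPT')}", "+".join(sorted(flags)))
        flows[key] += 1
        # ACK without SYN, sent from the proxy port with no inbound interface:
        # a segment of an existing session, not a new connection attempt.
        if rec.get("SPT") == proxy_port and "ACK" in flags and "SYN" not in flags and not rec.get("IN"):
            from_proxy += 1
    return {"total": sum(flows.values()), "from_proxy": from_proxy, "flows": flows}
```

Calling `summarize()` on the text of the kernel log shows at a glance whether the entries are dominated by one endpoint, such as the proxy's own port 3128 in the line quoted in the post.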
 
