
#Log_14 - Daily Samples from PF

Submitted by BURST, Thread ID: 113922

Thread Closed
30-12-2018, 05:53 AM
#1
Several versions of PF currently run on OpenBSD, FreeBSD, NetBSD, DragonFly BSD and Mac OS X 10.6. See pf for details on how to configure this. (http://www.openbsd.org/faq/pf/logging.html)
Code:
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.793256 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815379950 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.815208 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815379973 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.844763 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380002 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.867973 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380026 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.892592 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380050 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.916465 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380074 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.945039 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380102 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.966970 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815380125 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.968177 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2451361 win 73 <nop,nop,timestamp 1815380125 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:54:39.257554 rule 3/(match) pass out on xl0: 192.168.2.10.22 > 205.174.165.231.56038: . ack 53376 win 16416 <nop,nop,timestamp 4232982920 1815453138,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.265470 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 57
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.267876 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 57
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.270532 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 73
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.273141 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.275813 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.278266 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.281040 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.283846 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.286602 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 105
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.289160 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 97
Mar 30 15:55:19 enigma pf: Mar 30 15:48:02.810188 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.688233 rule 3/(match) pass out on xl0: 192.168.2.10 > 192.168.2.1: icmp: 192.168.2.10 udp port 137 unreachable
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.820068 rule 3/(match) pass out on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo request
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.820087 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo request
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.820115 rule 3/(match) pass out on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.820129 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
Mar 30 15:55:19 enigma pf: Mar 30 15:48:04.830069 rule 3/(match) pass out on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo request
Mar 30 15:55:19 enigma pf: Mar 30 15:48:04.830088 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo request
Mar 30 15:55:19 enigma pf: Mar 30 15:48:04.830118 rule 3/(match) pass out on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
Mar 30 15:55:19 enigma pf: Mar 30 15:48:04.830132 rule 2/(match) pass in on lo0: 127.0.0.1 > 127.0.0.1: icmp: echo reply
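
An added example, not part of the original post: a small Python parser for the log lines shown above, which splits each line into its fields and reports how long after the packet was seen the syslog entry was written. The field names, the IPv4-only endpoint handling, the placeholder year, and the rule that a line without a `udp` or `icmp` keyword is TCP are assumptions drawn from this sample.

```python
import re
from collections import Counter
from datetime import datetime
# Three lines copied from the sample in the post above.
SAMPLE = """\
Mar 30 15:55:20 enigma pf: Mar 30 15:53:25.793256 rule 2/(match) pass in on xl0: 205.174.165.231.50425 > 192.168.2.10.22: . ack 2450721 win 73 <nop,nop,timestamp 1815379950 17589621,[|tcp]> (DF) [tos 0x10]
Mar 30 15:55:20 enigma pf: Mar 30 15:55:14.265470 rule 3/(match) pass out on xl0: 192.168.2.10.1514 > 192.168.2.26.3875: udp 57
Mar 30 15:55:19 enigma pf: Mar 30 15:48:03.688233 rule 3/(match) pass out on xl0: 192.168.2.10 > 192.168.2.1: icmp: 192.168.2.10 udp port 137 unreachable
"""

LINE_RE = re.compile(
    r"^(?P<logged>\w{3} +\d+ [\d:]{8}) (?P<host>\S+) pf: "
    r"(?P<seen>\w{3} +\d+ [\d:]{8})\.\d+ "
    r"rule (?P<rule>\d+)/\((?P<reason>\w+)\) "
    r"(?P<action>pass|block) (?P<dir>in|out) on (?P<iface>\w+): "
    r"(?P<src>[\d.]+) > (?P<dst>[\d.]+): (?P<rest>.*)$")

def _clock(stamp):
    # The stamps carry no year; a fixed leap year is assumed so they parse.
    return datetime.strptime("2000 " + stamp, "%Y %b %d %H:%M:%S")

def split_endpoint(text):
    """'a.b.c.d.port' -> (ip, port); a bare 'a.b.c.d' (ICMP) -> (ip, None)."""
    ip, _, port = text.rpartition(".")
    return (ip, int(port)) if text.count(".") == 4 else (text, None)

def parse_line(line):
    """Parse one line into a dict, or None; lag_seconds = syslog time - packet time."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["rule"] = int(rec["rule"])
    rec["src_ip"], rec["src_port"] = split_endpoint(rec.pop("src"))
    rec["dst_ip"], rec["dst_port"] = split_endpoint(rec.pop("dst"))
    rest = rec.pop("rest")
    # Assumption: tcpdump-style text names udp/icmp but prints TCP flags bare.
    rec["proto"] = "udp" if rest.startswith("udp") else "icmp" if rest.startswith("icmp") else "tcp"
    rec["lag_seconds"] = int((_clock(rec["logged"]) - _clock(rec["seen"])).total_seconds())
    return rec

def summarize(text):
    """Count packets per (action, direction, proto, dst_ip, dst_port)."""
    recs = filter(None, map(parse_line, text.splitlines()))
    return Counter((r["action"], r["dir"], r["proto"], r["dst_ip"], r["dst_port"]) for r in recs)

if __name__ == "__main__":
    for key, count in summarize(SAMPLE).items():
        print(count, *key)
```

Because the syslog stamp in this sample trails the packet stamp by up to several minutes, timelines built from these lines should key on the second timestamp.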

RE: #Log_14 - Daily Samples from PF

#2
In dapibus augue non sapien. Mauris suscipit, ligula sit amet pharetra semper, nibh ante cursus purus, vel sagittis velit mauris vel metus. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Fusce suscipit libero eget elit. Aliquam id dolor
