Hi,
My kernel logs is full of firewall logs. Is this normal?
[ 2729.381856] turris-00000000: IN=eth1 OUT= MAC=d8:58:d7:00:5a:fa:70:ca:9b:a7:9a:d9:08:00 SRC=213.207.237.143 DST=[my WAN IP] LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=29490 PROTO=TCP SPT=11612 DPT=7547 WINDOW=27357 RES=0x00 SYN URGP=0
One every second. and the destination is my WAN IP address.
I noticed that in system log:
ucollect[2575]: Failed to resolve uplink api.turris.cz:5679: Try again
Should the DNS start before uCollect?
Hi Leonardo,
I have same mess in my firewall log … did you find what is that? and how can we turn it off?
or anybody else can help?
thanks
No. Still getting them.
If that’s your public IP… https://securityintelligence.com/mirai-evolving-new-attack-reveals-use-of-port-7547/
Is there a way to filter off firewall logs from wan?
I get hundreds of entries, making impossible to read the logs without filters.
definitely is something “wrong” with ucollect, because if you disable “data collection” in Foris your mess in firewall log will be gone.
See this reply from retired Turris developer.
https://forum.test.turris.cz/t/how-to-disable-pppoe-wan-messages-in-kernel-log/5360/2?u=pepe
thank you, but unfortunately I’m a newbie with linux/wrt and its impossible for me to change syslog-ng filters :-/
I was surprised when I restored TO to factory default, after that turned on data collection and my kernel log was full of this logs with various DPT (I don’t use torrent on any devices). and also I see hundreds records in the log but if I look on nic.cz webpage where should be my TO firewall logs (graphs, logged sessions etc) I see only few (less than 10 per day)