RE: someone help interpret log messages please

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, Chris. (btw, nice name ;D )

I've a client that uses a Netopia 4622-XL router/firewall, and it's
configured to send ruleset violations to a syslog server.  My guess is that
your "server" is probably running the up2date daemon and that it's this
daemon that is performing the DNS queries.  Either that or maybe you have
some other daemon running???


Cheers!

- Christopher


-----Original Message-----
From: Chris W. Parker [mailto:cparker@xxxxxxxxxxxx]
Sent: Tuesday, December 02, 2003 3:58 PM
To: redhat-list@xxxxxxxxxx
Subject: someone help interpret log messages please


Hello,

At the bottom of this message I've pasted verbatim some lines from a log
on one of my servers. Currently this server is not doing anything and is
not setup to do anything. I used it to test out our new DSL connection
here at work to make sure I could configure the router properly.

I have our router (a Netopia DSL router/modem) sending it's logs via
syslog to the linux server. The linux server is currently the only thing
plugged into that network.

This may be totally normal but it just seems like a waste. I want to
decide whether or not I should continue to have the router send it's log
data to this server. My point for turning on the syslog function on the
router was to hopefully gauge the bandwidth being used by the entire
network once it goes online, but so far it doesn't look promising.

I know that a lot of these messages are regarding DNS, but since nothing
should be happening on the server (afaik there is no activity on the
server, it's just sitting there plugged in) why are the messages being
repeated 100's of times? Does DNS traffic always occur that much?


Thanks for your help.

Chris.



Dec 02 12:47:57 192.168.1.1 dslrouter 2003 protocol:TCP srcIP:
66.15.70.32 dstIP:    66.15.5.176 srcPort: 3645 dstPort:  135 attempt
Dec 02 12:47:57 192.168.1.1 dslrouter 2003 protocol:UDP srcIP:
192.168.1.2 dstIP:        4.2.2.1 srcPort:46599 dstPort:   53 attempt
Dec 02 12:48:00 192.168.1.1 last message repeated 78 times
Dec 02 12:48:06 192.168.1.1 dslrouter 2003 protocol:UDP srcIP:
192.168.1.2 dstIP:        4.2.2.1 srcPort:46600 dstPort:   53 attempt
Dec 02 12:48:10 192.168.1.1 last message repeated 124 times
Dec 02 12:48:15 192.168.1.1 dslrouter 2003 protocol:UDP srcIP:
192.168.1.2 dstIP:        4.2.2.1 srcPort:46601 dstPort:   53 attempt
Dec 02 12:48:29 192.168.1.1 last message repeated 432 times
Dec 02 12:48:34 192.168.1.1 dslrouter 2003 protocol:UDP srcIP:
192.168.1.2 dstIP:        4.2.2.1 srcPort:46602 dstPort:   53 attempt
Dec 02 12:48:47 192.168.1.1 last message repeated 187 times
Dec 02 12:48:47 192.168.1.1 dslrouter 2003 protocol:TCP srcIP:
192.168.1.2 dstIP: 64.215.248.238 srcPort:   22 dstPort:53394 attempt
Dec 02 12:48:47 192.168.1.1 dslrouter 2003 protocol:UDP srcIP:
192.168.1.2 dstIP:        4.2.2.1 srcPort:46602 dstPort:   53 attempt


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux