
IPFV has trashed the whole log: tcpflags 0x11<FIN,ACK>

Posted: 2015-02-02 14:29:45
around
Good day, all.

For some time now the whole of /var/log/messages has been trashed with messages like these:


Feb  2 14:22:07 tengwar kernel: TCP: [213.80.179.16]:50054 to [217.23.80.9]:80 tcpflags 0x4<RST>; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint
Feb  2 14:22:07 tengwar kernel: TCP: [188.168.232.198]:40513 to [217.23.80.9]:80 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 52 bytes of data after socket was closed, sending RST and removing tcpcb
Feb  2 14:22:07 tengwar kernel: TCP: [213.80.200.10]:47676 to [217.23.80.9]:80 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 188 bytes of data after socket was closed, sending RST and removing tcpcb
Feb  2 14:22:07 tengwar kernel: TCP: [213.80.200.10]:47676 to [217.23.80.9]:80 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Feb  2 14:22:07 tengwar kernel: TCP: [188.168.233.87]:44545 to [217.23.80.9]:80 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 94 bytes of data after socket was closed, sending RST and removing tcpcb
Feb  2 14:22:07 tengwar kernel: TCP: [213.80.200.10]:47349 to [217.23.80.9]:80 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 188 bytes of data after socket was closed, sending RST and removing tcpcb
Feb  2 14:22:07 tengwar kernel: TCP: [188.168.233.87]:44545 to [217.23.80.9]:80 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Feb  2 14:22:07 tengwar kernel: TCP: [213.80.200.10]:47349 to [217.23.80.9]:80 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
^C
If I stop nginx in the jail 217.23.80.9, it keeps on spamming:


Feb  2 14:29:00 tengwar kernel: TCP: [100.64.36.131]:2853 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [213.80.195.116]:54201 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [188.244.225.165]:50714 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [100.64.24.254]:38416 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [188.244.225.29]:34758 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [188.244.225.83]:58589 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [100.64.94.205]:49287 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [188.168.244.104]:58768 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [100.66.0.187]:50992 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [213.80.176.211]:42997 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 tengwar kernel: TCP: [100.64.135.48]:50926 to [217.23.80.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
^C
Can anyone tell me how to get rid of this? Otherwise it fills up my whole /var in no time...


Posted: 2015-02-02 16:53:51
Alvares
logrotate, no?


Posted: 2015-02-02 17:53:37
around
Alvares wrote: logrotate, no?
sysctl net.inet.tcp.log_in_vain=0
sysctl net.inet.udp.log_in_vain=0

Something like that... I have no idea why packet logging was turned on in the first place...
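
A way to see which kernel routines and which source addresses account for the bulk of such messages before deciding what to silence, as an added example that is not part of the thread. The sample lines are constructed in the format quoted above; the host name and addresses are made up.

```python
import re
from collections import Counter

# Constructed sample in the format of the kernel lines quoted in the thread;
# host name and addresses (documentation ranges) are made up.
SAMPLE = """\
Feb  2 14:22:07 host kernel: TCP: [192.0.2.10]:50054 to [198.51.100.9]:80 tcpflags 0x4<RST>; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint
Feb  2 14:22:07 host kernel: TCP: [192.0.2.20]:47676 to [198.51.100.9]:80 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 188 bytes of data after socket was closed, sending RST and removing tcpcb
Feb  2 14:22:07 host kernel: TCP: [192.0.2.20]:47676 to [198.51.100.9]:80 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Feb  2 14:29:00 host kernel: TCP: [203.0.113.5]:2853 to [198.51.100.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
Feb  2 14:29:00 host kernel: TCP: [203.0.113.6]:54201 to [198.51.100.9]:80 tcpflags 0x2<SYN>; tcp_input: Connection attempt to closed port
^C
"""
LINE_RE = re.compile(
    r"kernel: TCP: \[(?P<src>[^\]]+)\]:(?P<sport>\d+) to \[(?P<dst>[^\]]+)\]:(?P<dport>\d+) "
    r"tcpflags 0x(?P<flags>[0-9a-fA-F]+)<[^>]*>; (?P<func>\w+): (?P<msg>.*)$")
# TCP header flag bits, low to high.
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PUSH"), (0x10, "ACK"), (0x20, "URG")]

def decode_flags(value):
    """Turn the hex tcpflags value into flag names, e.g. 0x11 -> FIN, ACK."""
    return [name for bit, name in TCP_FLAGS if value & bit]

def parse_line(line):
    """Return a dict for a kernel TCP log line, or None for anything else."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["flags"] = decode_flags(int(rec["flags"], 16))
    return rec

def summarize(text):
    """Count messages per reporting kernel function and per source address."""
    by_func, by_src, skipped = Counter(), Counter(), 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # e.g. the "^C" left over from an interrupted tail
            continue
        by_func[rec["func"]] += 1
        by_src[rec["src"]] += 1
    return by_func, by_src, skipped

if __name__ == "__main__":
    funcs, sources, skipped = summarize(SAMPLE)
    print("by kernel function:", funcs.most_common())
    print("top sources:", sources.most_common(3), "unparsed lines:", skipped)
```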