Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ...
- [UFW AUDIT] IN= OUT=eth0 SRC=176.58.105.134 DST=194.238.48.2 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=32137 DF PROTO=UDP SPT=36231 DPT=123 LEN=56
- [UFW ALLOW] IN= OUT=eth0 SRC=176.58.105.134 DST=194.238.48.2 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=32137 DF PROTO=UDP SPT=36231 DPT=123 LEN=56
- [UFW AUDIT] IN= OUT=lo SRC=192.168.192.254 DST=192.168.192.254 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54579 DF PROTO=TCP SPT=59488 DPT=30002 WINDOW=32792 RES=0x00 SYN URGP=0
- [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.192.254 DST=192.168.192.254 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54579 DF PROTO=TCP SPT=59488 DPT=30002 WINDOW=32792 RES=0x00 SYN URGP=0
- [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.192.254 DST=192.168.192.254 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4319 DF PROTO=TCP SPT=59489 DPT=30002 WINDOW=32792 RES=0x00 SYN URGP=0
- ...
- ufw-before-logging-input all -- anywhere anywhere
- ufw-after-logging-input all -- anywhere anywhere
- ufw-before-logging-forward all -- anywhere anywhere
- ufw-after-logging-forward all -- anywhere anywhere
- ufw-before-logging-output all -- anywhere anywhere
- ufw-after-logging-output all -- anywhere anywhere
- Chain ufw-after-logging-forward (1 references)
- LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
- Chain ufw-after-logging-input (1 references)
- LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
- Chain ufw-after-logging-output (1 references)
- LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
- ufw-logging-deny all -- anywhere anywhere ctstate INVALID
- Chain ufw-before-logging-forward (1 references)
- LOG all -- anywhere anywhere ctstate NEW limit: avg 3/min burst 10 LOG level warning prefix "[UFW AUDIT] "
- Chain ufw-before-logging-input (1 references)
- LOG all -- anywhere anywhere ctstate NEW limit: avg 3/min burst 10 LOG level warning prefix "[UFW AUDIT] "
- Chain ufw-before-logging-output (1 references)
- LOG all -- anywhere anywhere ctstate NEW limit: avg 3/min burst 10 LOG level warning prefix "[UFW AUDIT] "
- Chain ufw-logging-allow (0 references)
- LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
- Chain ufw-logging-deny (2 references)
- LOG all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 LOG level warning prefix "[UFW AUDIT INVALID] "
- LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
- ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
- LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
- Chain ufw-user-logging-forward (0 references)
- Chain ufw-user-logging-input (0 references)
- Chain ufw-user-logging-output (1 references)
- # rules.before
- # ....
- # allow all on loopback
- -A ufw-before-input -i lo -j ACCEPT
- -A ufw-before-output -o lo -j ACCEPT
- # ....
- Mar 17 21:02:21 pc kernel: [133419.183616] [UFW AUDIT] IN=wlp2s0 OUT= MAC= SRC=192.168.1.2 DST=224.0.0.251 LEN=146 TOS=0x00 PREC=0x00 TTL=255 ID=22456 DF PROTO=UDP SPT=5353 DPT=5353 LEN=126
- # allow MULTICAST mDNS for service discovery (be sure the MULTICAST line above
- # is uncommented)
- -A ufw-before-input -p udp -d 224.0.0.251 --dport 5353 -j ACCEPT
- sudo ufw deny 5353
Add Comment
Please, Sign In to add comment