Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 2 subscribers
  • Views 1157 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

stange entries in kernel.log confd-debug.log

ciscoman
Hi,
looking through some logs, I found some strange entries:

Any idea what this means?[SIZE="1"][SIZE="1"]
2013:02:21-09:35:50 ASG-01-1 kernel: [27911926.426122] __ratelimit: 18 callbacks suppressed
2013:02:21-09:35:56 ASG-01-1 kernel: [27911931.894332] __ratelimit: 18 callbacks suppressed
2013:02:21-09:36:01 ASG-01-1 kernel: [27911936.946636] __ratelimit: 18 callbacks suppressed
2013:02:21-09:36:06 ASG-01-1 kernel: [27911942.422988] __ratelimit: 18 callbacks suppressed
2013:02:21-09:36:11 ASG-01-1 kernel: [27911947.458616] __ratelimit: 18 callbacks suppressed

[/SIZE][/SIZE]
Same question here. According to wikipedia: IP address spoofing in denial-of-service attacks. But this IP is simply not known or routed[SIZE="1"]
2013:02:21-00:21:56 ASG-01-1 kernel: [27878699.838896] __ratelimit: 18 callbacks suppressed
2013:02:21-00:21:56 ASG-01-1 kernel: [27878699.838899] martian source 192.168.196.48 from 0.0.0.0, on dev eth2
2013:02:21-00:21:56 ASG-01-1 kernel: [27878699.838900] ll header: ff:ff:ff:ff:ff:ff:00:00:00:00:f6:00:08:00
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.003119] martian source 192.168.196.48 from 0.0.0.0, on dev eth2
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.003121] ll header: ff:ff:ff:ff:ff:ff:00:00:00:00:f6:01:08:00
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.303022] martian source 192.168.196.48 from 0.0.0.0, on dev eth2
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.303024] ll header: ff:ff:ff:ff:ff:ff:00:00:00:00:f6:01:08:00
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.338854] martian source 192.168.196.48 from 0.0.0.0, on dev eth2
2013:02:21-00:21:56 ASG-01-1 kernel: [27878700.338856] ll header: ff:ff:ff:ff:ff:ff:00:00:00:00:f6:00:08:00
2013:02:21-00:21:57 ASG-01-1 kernel: [27878700.803819] martian source 192.168.196.48 from 0.0.0.0, on dev eth2
2013:02:21-00:21:57 ASG-01-1 kernel: [27878700.803821] ll header: ff:ff:ff:ff:ff:ff:00:00:00:00:f6:01:08:00
2013:02:21-00:21:57 ASG-01-1 kernel: [27878700.838728] martian source 192.168.196.48 from 0.0.0.0, on dev eth2[/SIZE]



There is a SUM 4.0 running only for monitoring. Why is every request logged?
[SIZE="1"]2013:02:21-00:48:14 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get_product_details"
2013:02:21-00:48:14 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get_object"
2013:02:21-00:48:14 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:15 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:15 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:15 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:15 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:16 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"
2013:02:21-00:48:16 ASG-01-1 confd[3290]: D sys::AUTOLOAD:285() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" lock="none
" method="get"[/SIZE]

Best Regards,
ciscoman

ASG; HA mode; v8.3x


This thread was automatically locked due to age.