Ubuntu Networking :: UFW Failing To Log All Connection Attempts?

Feb 17, 2011

I am trying to write a little port knocking daemon that needs to see every failed connection attempt on every port on the system. The primary way to do this (as the Wikipedia page points out) is to monitor the firewall log file. I am using UFW and reading its output in /var/log/kern.log. Typically, when UFW blocks something, it prints a little line like this:

Feb 17 10:42:42 serin kernel: [323588.279588] [UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:0b:e6:00:85:96:00:09:5b:9f:41:a4:08:00 SRC= DST= LEN=60 TOS=0x00 PREC=0x20 TTL=49 ID=46945 PROTO=TCP SPT=56849 DPT=1723 WINDOW=5840 RES=0x00 SYN URGP=0

But it seems that whenever UFW experiences a significant "load" (my client sends eight packets over the span of about 25 seconds, not too significant if you ask me), it just kind of "gives up" after 10 or so attempts. Log messages stop appearing in kern.log. I know the packets are coming; wireshark confirms this.

It seems to me that a buffer of some sort is filling up, because if I give the system a breather and try sending my sequence again in, say, three minutes, it prints log messages for 10-12 straight attempts before giving up again. I've tried sending packets at longer intervals and reading from other logs like /var/log/messages, but none of this has helped. Does anyone have any idea why UFW would fail to log all blocked connection attempts?

View 1 Replies


Networking :: Firestarter Is Blocking So Many Connection Attempts\ Analyse?

Mar 2, 2010

Since yesterday Firestarter has been prompting me that it is blocking external connection attempts as shown in the picture below:I'm not even going to bother covering the IP addresses because I personally don't see why I should care but as you can see, there has been loads of them attempting to connect to ports 3674 - 3675. I ran nmap and it came back as 631 being the only one open. So then I thought maybe lsof -i would mention much more but all it shown was:

@boris:~$ cat meh
cupsd 1644 root 5u IPv6 14329 0t0 TCP localhost:ipp (LISTEN)


View 1 Replies View Related

Ubuntu Networking :: PPTP Connection Failing With LCP Timeout

Mar 6, 2010

I'm using Kubuntu 9.10, my pppd version is 2.4.5 and pptp is 1.7.2 I'm trying to connect to the iPredator VPN service, but I keep running into problems with LCP. I've tried using knetworkmanager, nm-applet, kvpnc and plain old text-based configuration to no avail. Here's a snippet of pppd's output:


(I've got "defaultroute" in my /etc/ppp/peers/ipred config file.) Any ideas what could be causing this? Could it even be my router? It claims to support PPTP, but considering it claims a lot of other things which aren't true, I wouldn't be surprised if it was the culprit.

View 4 Replies View Related

Ubuntu Networking :: WiFi Network Connection Started Failing

Sep 1, 2010

My ubuntu system has been running really well until this morning - software update prompt appeared on the screen, so I ran with it and let it do its thing. A while after this, my WiFi network connection started failing. I've tried rebooting and then it can take up to five minutes or more for the password (keychain) prompt to appear. Once I have typed in the password the network connection starts to work. Then cuts out. Works. Then fails again.

View 3 Replies View Related

Fedora Networking :: DHCP Lease Renewal Failing On Wired Ethernet Connection?

Aug 1, 2010

I'm running an up-to-date Fedora 12 machine with the Gnome desktop (meaning with Network Manager). My network connection is a wired ethernet to a switch which then connects to a Netgear router. For some reason, this machine can't renew its leases with DHCP, so NetworkManager deactivates eth0, taking my machine off the network. I have to click Network Manager and enable eth0, which seems to work every time.

How can I fix it? Here are the relevant bits from /var/log/messages showing a failed DHCP request and then the successful renewal.

Aug 1 04:00:08 ironton dhclient[12452]: DHCPREQUEST on eth0 to port 67
Aug 1 04:00:08 ironton dhclient[12452]: DHCPNAK from
Aug 1 04:00:08 ironton NetworkManager[1261]: <info> (eth0): DHCPv4 state changed reboot -> expire
Aug 1 04:00:08 ironton NetworkManager[1261]: <info> (eth0): device state change: 8 -> 9 (reason 6)
Aug 1 04:00:08 ironton NetworkManager[1261]: <info> Marking connection 'System eth0' invalid because IP configuration expired.


View 5 Replies View Related

Debian :: Log And Drop Outgoing Connection Attempts

Sep 11, 2015

I would like to log and drop outgoing connection attempts, but the log is not showing the destination IPs.I have the following Iptable rules for my browser:

Code: Select alliptables -N LOGGING
iptables -A OUTPUT -j LOGGING
iptables -A LOGGING -j LOG --log-prefix "browser connections: " --log-level 6
iptables -A LOGGING -j DROP

Only after removing the DROP line it works.

View 14 Replies View Related

Red Hat / Fedora :: Logging Connection Attempts With Iptables

Mar 8, 2010

I'm having a lot of problems getting NIS set up with our firewall. I've looked online and no one seems to have any answers. When the firewall is off, NIS works. When it's on, it doesn't.I would like to know which ports NIS needs by logging connection attempts on the server, since I would swear the right ports seem open already. Right now I'm using this to generate the log entries:

iptables -I INPUT -m state --state NEW -j LOG --log-prefix "New Connection: "
iptables -I OUTPUT -m state --state NEW -j LOG --log-prefix "New Connection: "

However, I think it must only work for successful connections, because I'm not seeing any new entries when I try running the NIS client on another machine (ypbind).

View 5 Replies View Related

General :: Openwsman Connection With SFCB Is Failing?

Jun 3, 2010

First i installed openwsman-server- .2.0-5.el5.i386. Then i installed sblim-sfcb-1.3.7 and sblim provider packages by building the source code. Then i gave cim-xml request directly to SFCB using "wbemcat" and i am able to enumerate classes and its instances. But when i try to give a request to SFCB through Openwsman using the following command "wsman enumerate http://sblim.sf.net/wbem/wscim/1/cim...ComputerSystem --port 5985 -y Basic -u <username> -p <password>" i get a response "wsa:EndpointUnavailable" and in Openwsman log it is displaying the following error message "*** Connection to CIMOM http://localhost:5988 failed with 1null)"

I checked the correctness of the CIM schema specified in the request and both sfcb's and openwsman's configuration files i didn't get any help.

View 3 Replies View Related

Server :: Adding New VM - Failing Console Connection

Jun 21, 2010

I have a KVM server and am trying to add a new VM. The problem is I am unable to connect to the consle to finish the installation. I have put the details of the steps I took and my ssh config file for clarity. It seems I have a problem with a vnc 'security type'.

ssh config
Port 2200
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes .....

$ virt-manager -c qemu+ssh://root@phoenix:2200/system
[Prompt for password and connects OK]

KVM Server
# virt-install --connect qemu:///system -n web -r 1024 --vcpus=1 -f /dev/vms/web_os -s 5 -c ~ecosta/debian-504-amd64-netinst.iso --vnc --noautoconsole --os-type linux --os-variant debianLenny --accelerate --network network:default --hvm
Starting install...
Creating domain... 0 B 00:00
Domain installation still in progress. You can reconnect to the console to complete the installation process.

I can see the new VM but when I chose to open the console, the password is asked again and again without a successful connection to the console. The following is what I found in the log.
virt-manager log: .....

I then tried to make an ssh tunnel and use vncviewer to connect:

$ ssh -p 2200 root@phoenix -N -T -L 5902:localhost:5902

$ vncviewer localhost:2
Connected to RFB server, using protocol version 3.8
Server did not offer supported security type

$ ssvncviewer localhost:2
Proto: RFB 003.008
Connected to RFB server, using protocol version 3.8
Server did not offer supported security type:
sectype[0] 19
Security-Type: 0 (rfbSecTypeInvalid) Latency: 12.40 ms
ShmCleanup called
VNC Viewer exiting.

View 2 Replies View Related

Ubuntu Networking :: 9.04 Printer Has Too Many Failed Attempts?

Mar 27, 2010

Why is it that the darn printer keeps breaking on this thing (Ubuntu) ??? It's either every damn update that keeps messing this up. One computer is bad enough, I can't imagine having to take care of even five with this thing always screwing something up. What the hell is going on??? Yeah I'm tired of this thing always messing up the printer. Please fix this thing, separate the browsers if you have to, do whatever it takes, but please STOP messing up the printers...and I don't even print that often.Oh yeah, when you first start the OS up, the drive seems to go on for a while longer now. I only put the regular updates and don't tweak anything.

View 9 Replies View Related

Debian :: Wireless Connection Dropping Out Constantly Or Failing Authentication?

Mar 12, 2011

Using Wicd and it keeps dropping out or telling me "bad password" when the password is in fact correct. I even know it works because the first couple of times it worked, but the connection wasn't sustained for more than a few seconds each time. My reasoning is my wireless is functional in Ubuntu, there's no reason it shouldn't be in Debian. Wireless network card is ASUS PCE-N13. Ralink driver is installed. WPA-supplicant is installed. Gnome Network Manager is also present, though I've heard that it doesn't support my particular situation.

View 5 Replies View Related

Ubuntu Networking :: Networkmanager - Set The Number Of Attempts At Connecting To A Network

May 6, 2010

set the number of retries networkmanager attempts to connect to a network to infinity?

I live in an area of Australia were wired internet dare not tread (or so say the ISPs). My only real choice is 3G wireless broadband, and even that is iffy at times. Often late at night the network towers do "something" (reset, maintenance, etc. - no idea) and the internet drops out, networkmanager tries to reconnect, fails, tries again, (etc. etc.) until it ultimately gives up, requiring human intervention when the towers are done with whatever it is they are doing. This happens frequently, and I'd like to have networkmanager keep trying "forever" until it connects so I don't have to restart the connection each morning.

Where would such a thing be set? How does networkmanager know when to give up?

View 5 Replies View Related

Networking :: Fetchmail Attempts To Deliver To Non-existent Users With Localhost As Domain

Feb 27, 2010

I'm using slackware 13.0, 32-bit with sendmail, fetchmail, procmail and mutt.This is a recent install of slack, for several years, I have used a similar configuration on ubuntu, but with postfix as the MTA instead of sendmail.My system has one user: tim. Email sent to me at any of my email addresses that have 'tim' has the host component, are received, but along with that delivery is the delivery of an error message. Below is a copy of such a delivery.

View 5 Replies View Related

Networking :: VPN Failing On Ubuntu 10.04?

May 20, 2010

I have just upgraded to Ubuntu 10.04 and need to setup VPN connections to clients.

After configuring one of the vpn connections, I tried to connect but the connection fails with no specific errors.

Looking at the /var/log/messages file I get the entries as follows:
ay 20 13:52:28 machielr-laptop pppd[3362]: Plugin /usr/lib/pppd/2.4.5//nm-pptp-pppd-plugin.so loaded.
May 20 13:52:28 machielr-laptop pppd[3362]: pppd 2.4.5 started by root, uid 0
May 20 13:52:28 machielr-laptop pppd[3362]: Using interface ppp0


View 2 Replies View Related

Ubuntu Networking :: Drag And Drop Failing With VNC?

May 30, 2010

I have been using Ubuntu 10.04 (32 bit) as a headless workstation, running a VNC screen. Worked perfectly for about 3 weeks, then suddenly, I lost the Drag and Drop capability, for all applications.

For example:

Dragging and dropping to move items on the desktop does not work. The item simply pops back to the original location. Dragging and dropping to move items from one folder to another does not work. Same behavior -- the item just pops back to the original location. Dragging and dropping Bookmarks in Firefox does not work. The attempted Drag and Drop is ignored. Copy and paste still works fine. The problem does NOT occur when using an attached monitor (primary display screen :0).

I suspected that the changed behavior was caused by an update (from Ubuntu Update Manager). I confirmed this with the following:

Reinstalled Ubuntu 10.04 fresh from the live cd.
Configured minimal networking and installed VNC server.
Tested Drag and drop -- works okay
Applied pending updates (116) from Ubuntu Update Manager
Tested Drag and drop -- not working

I am using vnc4server and openssh-server installed from the repositories using Synaptic.

View 9 Replies View Related

Ubuntu Networking :: Pptp Connections Keeps Failing

Sep 10, 2010

I got this working om my laptop but on my desktop this keeps going wrong, its an upgraded system to 10.04. Made a standard pptp connection using network-manager (and the connection is 100% fine, working on laptop and on windoooz machine) This is syslog any ideas, i reinstalled network-manager-pptp and pptp-gnome, but no go no go..


View 1 Replies View Related

Ubuntu Networking :: Extracting Files For Ndiswrap Failing

Feb 8, 2010

is that my ar928x atheros wireless connection is severely slow. To fix it I've heard ndiswrap and so I've downloaded the XP driver from HP's support site (a pavilion dv7-1450us Notebook PC) and met a brick wall. The file is sp45222.exe and it contains seemingly no .bin .inf or .sys files that ndiswrap dearly requires. I've tried extracting it on a windows machine with UniExtract. This gives only three files one of which UniExtract can extract into a compilation of folders none of which have the required files. I've also attempted to use cabextract on my Ubuntubox, but not cabs come out. I have unshield, if that's relevant at all. What on Earth am I doing wrong?

View 3 Replies View Related

Ubuntu Networking :: Failing At Fstab For Shared Drive

Dec 20, 2010

I have an external HD attached to my desktop and setup as a shared resource. I want to be able to access it from my laptop as well. After much trying and drinking, I ended up with this in fstab:

//crackbox/seagate /seagate -o

then began giving me an error about not recognizing the file system type. I've been reading everything I can find and trying to get it to work, and have come up with very little. My fstab now contains this line instead of the above:


Now, when I reload fstab with "sudo mount -a", I get this output:


View 9 Replies View Related

Ubuntu Networking :: Gnome Network Manager OpenVPN Failing

May 17, 2010

I am trying to connect to an OpenVPN connection using the gnome-network manager. I'd like to point out that using the configuration file in /etc/openvpn works perfectly but I have no way of knowing if the connection has dropped. When I set up the connection in the nm it connects for a few seconds then fails. The /var/log/messages file shows this:
May 17 08:31:37 lucid64 kernel: [ 4594.043637] tun0: Disabled Privacy Extensions

View 2 Replies View Related

Fedora Networking :: Failing To Configure Dnsmasq?

Jun 11, 2009

I have configured a Fedora 10 server on a mixed Win / ix network but am unable to get DNS to resolve on my Fedora boxes.My DHCP is provided from a D-Link 108G Router - but this will not provide DNS.Therefore I have tried to configure dnsmask to provide just DNS and not DHCP. I can ping around my 192.168.1.x network by IP but not name

View 4 Replies View Related

Fedora Networking :: VPN (vpnc) On 14 X86_64 Failing?

Nov 5, 2010

I have a couple VPNs I use for work, and after installing F14 x86_64 it is failing:

Nov 5 12:40:57 raykj NetworkManager[4106]: <info> VPN service 'vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 4203
Nov 5 12:40:57 raykj NetworkManager[4106]: <info> VPN service 'vpnc' appeared; activating connections


View 2 Replies View Related

Networking :: DHCPD Service Keeps Failing In CentOS 5.4

Jan 21, 2010

I'm having some trouble with getting my DHCP service up and running on my server. Below is my /etc/dhcpd.conf file, which I believe is the right file necessary to get this service up and running correctly. When I do service dhcpd restart it just show in red letter [Failed] next to it.

ddns-update-style interim;
ignore client-updates;
subnet netmask {
# --- default gateway
#option routers;
#option subnet-mask255.0.0.0;

#option nis-domain"domain.org";
#option domain-name"domain.org";
#option domain-name-servers10.7.8.1;

option time-offset-18000;# Eastern Standard Time
#option ntp-servers192.168.1.1;
#option netbios-name-servers192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
#option netbios-node-type 2;

range dynamic-bootp;
default-lease-time 21600;
max-lease-time 43200;

# we want the nameserver to appear at a fixed address
#host ns {
#next-server marvin.redhat.com;
#hardware ethernet 12:34:56:78:AB:CD;
#fixed-address; } }

View 2 Replies View Related

Networking :: Network Service Failing To Start

Mar 5, 2011

I have recently installed CentOS onto an old machine to get it up and running as a basic web/mail server. Originally the Network Interface worked ok, however I have been editing /etc/sysconfig/network-scripts/ifcfg-eth0 to try and set the IP address to be static.Now when I run the 'service network restart' command it won't bring the eth0 interface up and comes up with the following errors;

ifcfg-eth0 Line 3 DEVICE: command not found
missing config file ifcfg-ifcfg-eth0

It doesn't seem to like any of the command words, even though most of these were in the original file that worked and the ones I added to do static I have commented out.

View 4 Replies View Related

Networking :: Red Hat DNS Server Dig+trace Failing Certain Sites Only?

Feb 4, 2011

For some reason my DNS servers aren't able to resolve certain names. Most names resolve fine there are just a few that don't work. Nslookup doesn't work either of course, and curiously neither does "whois".

Here's an example:


dig facebookmail.com +trace
; <<>> DiG 9.2.4 <<>> facebookmail.com +trace
;; global options: printcmd


View 2 Replies View Related

Fedora Networking :: Failing To See Some Wireless Network - F10 On ThinkPad T60?

Jul 21, 2009

I tried fix I pointed here http://fedoramobile.org/Members/MrHappy/troubleshootingNetworkManager fails to see wireless networks with Intel 3945 chipsets(solution deals with the kernel module not with NetworkManager)but nothing to do. My actual problem is I can't see my wireless network but I see just those of my neighbours.I know mine is working because I can connect to using a Mac and windows.

View 5 Replies View Related

Networking :: Failing To Connect To Internet Using Cellphone As A Modem?

Jan 26, 2011

I am unable to connect to internet using my cell phone(sony ericsson X1i xperia). When i connect from wired internet it connects without a problem. What settings should i change/ programmes to execute? Thank u in unticipation

View 3 Replies View Related

CentOS 5 Networking :: Adapter Failing Intermittently On Multiple Machine?

Jan 25, 2011

We have two recently installed centos machines, each running 5.5, and hosting an elastix pabx distro as well as a Virtual PC instance. On both machines, the network adaptor fails completely every week or so. As they are remote machines, the only option we have when this happens is a manual reboot.

I might be barking up the wrong tree here, but the only significant difference on these machines to others we have deployed is the Virtual PC instance. The machines have dual ethernet ports, with one assigned to the virtual PC. When the network failure occurs, it does not effect the virtual machine, which continues along merrily.

My expert colleague does not think so, but can anyone think of any way that our configuration could be causing the problem? If not, does anyone have any ideas on what the problem could be, or where I would start looking for information on the machine to debug the issue?

View 6 Replies View Related

Ubuntu Networking :: Setting Up Bluetooth Connection Between Two Computers Throws Connection Refused (111)

Apr 3, 2011

I'm trying to create a PAN (Personal Area Network) using a laptop (Siragon ML-1040) and my desktop computer, but I get the Connection Refused (111) error.

Blueman doesn't detect any network service between the two computers unless I start PAND on one of them and then it detects the NAP service. That, only after I enable the NAP/Workgroup services on the Services submenu in Blueman. However, it doesn't work neither with the NM plugins or without them (dhclient and that other one I can't remember the name of).

Any clues over here? I'm using pand 4.91 and blueman.

View 3 Replies View Related

Ubuntu Networking :: LinuxWiMAX - Firmware Installation - Modem Works Fine But Failing To Install Drivers

May 17, 2011

I switched from windows to Ubuntu 10.10. But I'm not getting along with it as well as I expected I would Specially cause I'm not getting the best out of it due to limited web connectivity. I used to use a usb WiMax modem back in windows (which is also supposed to be supported by linux as my service provider said) for internet. But I'm having a hard time configuring it on my Ubuntu. The modem works fine but I'm failing to install the drivers [url]. I used my cell as a temporary modem to get help from the web.

I downloaded:-
i2400m firmware 1.5.0
WiMAX Tools 1.4.5
WiMAX Network Service 1.5.2

According to the documentation, I'm supposed to install the linux kernel 2.6.35 which Maverick comes with anyway.

Then comes the part to install the firmware. The command I used was


But unfortunately and annoyingly the result is


I didn't get it. Am I missing any package or something?

View 1 Replies View Related

Ubuntu Networking :: Wireless Network Connection Active But Still Not Internet Connection?

Jan 24, 2010

Its a case of ".... wireless network connection active but still not internet connection .."I am using WEP - 128 key ... Works when I connect directly using ethernet cable ... but not wireless (pci and wireless router)

ubuadmin@ubucomputer:~$ ifconfig

wlan0 Link encap:Ethernet HWaddr 00:06:25:12:83:3b
inet addr: Bcast: Mask:
inet6 addr: fe80::206:25ff:fe12:833b/64 Scope:Link[code].....

View 5 Replies View Related

Copyrights 2005-15 www.BigResource.com, All rights reserved