system log entries Asus AC86U

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

unclebuk

Senior Member
Can someone assist me to understand what the attached system log entries (in bold font) are indicating. Is it a security issue or something that requires my intervention?? There are literally 100's of these entries today.
xxx.27.88.57 is my ISP IP address.

Thanks in advance.


Apr 4 15:37:11 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=45.146.165.205 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59673 PROTO=TCP SPT=8080 DPT=10336 SEQ=642488640 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:18 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=208.100.26.228 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=34072 PROTO=TCP SPT=44822 DPT=8000 SEQ=1988936289 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:43 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=182.254.145.229 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=49109 PROTO=TCP SPT=45308 DPT=2375 SEQ=3452694187 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:51 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=183.136.225.42 DST=xxx.27.88.57 LEN=44 TOS=0x00 PREC=0x00 TTL=110 ID=59702 PROTO=TCP SPT=54744 DPT=9876 SEQ=1458188920 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B4) MARK=0x8000000
Apr 4 15:37:57 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=45.146.165.205 DST=XXX.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58719 PROTO=TCP SPT=8080 DPT=10055 SEQ=4123695649 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
 

degrub

Very Senior Member
you can do a whois search

most likely script kiddies probing .
Make sure you have "drop all unsolicited packets" set on and remote management turned off and no ports opened in the router firewall for outside access to an internal server on your lan.
 

dave14305

Part of the Furniture
They come from Skynet, if that isn’t clear (since you don’t mention that you have Skynet installed).
 

unclebuk

Senior Member
you can do a whois search

most likely script kiddies probing .
Make sure you have "drop all unsolicited packets" set on and remote management turned off and no ports opened in the router firewall for outside access to an internal server on your lan.
Hi, ok, thanks for the info.

The "drop all unsolicited packets" setting on Asus AC86U with merlin is in the AiProtection section or is there another setting for this?
 

bluzfanmr1

Senior Member
Yes, I have skynet installed.
Skynet will roll up those entries into a one line summary at the top of each hour. It is part of the stats piece of Skynet.
 

unclebuk

Senior Member
I get this error message about skynet swap file:

FW Version; 384.18_0 (Jun 28 2020) (4.1.27)
Install Dir; /tmp/mnt/Asus-entware/skynet (13.3G / 14.4G Space Available)
SWAP File; /tmp/mnt/Asus-entware/myswap.swp (256.3M)

SWAP File Too Small - 1GB Minimum Required - Please Fix Immediately!

The usb drive is 13Gb, how do I increase the swap file from 256Mb to 1 Gb?


Thanks.
 

ColinTaylor

Part of the Furniture
Use amtm to delete the current swap file and create a new one.
 

unclebuk

Senior Member
Now I see this:

[*] Lock File Detected (start skynetloc=/tmp/mnt/Asus-entware/skynet) (pid=2637)
[*] Locked Processes Generally Take 1-2 Minutes To Complete And May Result In Temporarily "

IPTables Rules | [Failed]
 
Similar threads

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top