[Dshield] IPCop, The Web parser, and me. (long: Sorry!)

Wayne Larmon wlarmon at dshield.org
Sun Aug 17 17:37:54 GMT 2003


> Ok, I'm in a bit of a quandary here; I'm using IPCop V1.3P3 as the
> basis for my firewall; it uses IPTables.  There are no native clients
> available for IPCop v1.3 or higher (there was a client that would
> work with the old IPChains versions of IPCop, prior to 1.3).

Were you using one of the third-party *NIX clients for IPCop from
http://www.dshield.org/linux_clients.php#ipcop ?

If you'll send me a copy of your IPCop log off list (as an attachment), then
I'll see if I can write a new converter for our *NIX Framework line of
clients.

If you are using the Windows CVTWIN, with Kiwi Syslog Daemon,
(http://www.dshield.org/windows_clients.php) then I can do a new converter
for that too.

Wayne Larmon
DShield.org
wlarmon at dshield.org

> So, I'm trying to use the web parser to input my logs, and I
> am only getting rejection of the logs notices.  Here's a copy
> of my logs (with only my IP being masked out; this is a valid
> log that was rejected by the web parser).  Sorry it's so long, but
> I'm trying to make my point here:
> SRC=68.0.82.21 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00 TTL=117
> ID=29599 DF
> PROTO=TCP SPT=4952 DPT=57 WINDOW=16384 RES=0x00 SYN URGP=0
> 17:57:19 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=61.154.122.251 DST=XX.XX.XX.XX LEN=40 TOS=0x00 PREC=0x00
> TTL=43 ID=0 DF
> PROTO=TCP SPT=1485 DPT=6588 WINDOW=31704 RES=0x00 SYN URGP=0
> 18:06:33 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=19804
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 18:17:22 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=12.5.50.82 DST=XX.XX.XX.XX LEN=43 TOS=0x00 PREC=0x00 TTL=16 ID=0
> PROTO=TCP SPT=31464 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0
> 18:28:36 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=24.97.227.150 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=50 ID=27518
> DF PROTO=TCP SPT=52723 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
> 18:28:39 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=24.97.227.150 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=50 ID=27519
> DF PROTO=TCP SPT=52723 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
> 18:28:55 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=67.164.251.254 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00 TTL=111
> ID=56358 DF PROTO=TCP SPT=1347 DPT=17300 WINDOW=64240 RES=0x00 SYN URGP=0
> 18:30:09 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=394 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30113 DPT=1026 LEN=374
> 18:42:24 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30099 DPT=1026 LEN=299
> 18:45:45 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=66.12.127.142 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=114 ID=30662
> DF PROTO=TCP SPT=1888 DPT=57 WINDOW=64240 RES=0x00 SYN URGP=0
> 18:45:48 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=66.12.127.142 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=114 ID=31192
> DF PROTO=TCP SPT=1888 DPT=57 WINDOW=64240 RES=0x00 SYN URGP=0
> 18:45:54 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=66.12.127.142 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=114 ID=32184
> DF PROTO=TCP SPT=1888 DPT=57 WINDOW=64240 RES=0x00 SYN URGP=0
> 19:09:51 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=35223
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 19:21:05 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=195.238.3.12 DST=XX.XX.XX.XX LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=48941
> DF PROTO=TCP SPT=14175 DPT=25 WINDOW=33580 RES=0x00 RST URGP=0
> 19:30:44 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=349 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30099 DPT=1026 LEN=329
> 20:13:40 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=59312
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 20:21:08 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30099 DPT=1026 LEN=299
> 21:17:49 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30112 DPT=1026 LEN=299
> 21:18:44 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=40218
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 21:25:38 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=64.222.179.211 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00 TTL=113
> ID=17964 DF PROTO=TCP SPT=3375 DPT=3410 WINDOW=16384 RES=0x00 SYN URGP=0
> 21:33:10 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=211.160.164.45 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=35 ID=31403
> DF PROTO=TCP SPT=4131 DPT=21 WINDOW=32120 RES=0x00 SYN URGP=0
> 21:33:13 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=211.160.164.45 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=35 ID=31627
> DF PROTO=TCP SPT=4131 DPT=21 WINDOW=32120 RES=0x00 SYN URGP=0
> 21:33:19 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=211.160.164.45 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=35 ID=32850
> DF PROTO=TCP SPT=4131 DPT=21 WINDOW=32120 RES=0x00 SYN URGP=0
> 21:33:31 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=211.160.164.45 DST=XX.XX.XX.XX LEN=60 TOS=0x00 PREC=0x00
> TTL=35 ID=34806
> DF PROTO=TCP SPT=4131 DPT=21 WINDOW=32120 RES=0x00 SYN URGP=0
> 22:07:52 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30112 DPT=1026 LEN=299
> 22:08:43 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=68.114.26.67 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=113 ID=19456
> DF PROTO=TCP SPT=2453 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=44203
> 22:08:46 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=68.114.26.67 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=113 ID=19606
> DF PROTO=TCP SPT=2453 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=44203
> 22:08:52 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=68.114.26.67 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=113 ID=19955
> DF PROTO=TCP SPT=2453 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0
> 22:20:32 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=43288
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 22:30:48 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=172.154.123.228 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=115 ID=330
> DF PROTO=TCP SPT=3733 DPT=901 WINDOW=16384 RES=0x00 SYN URGP=0
> 22:32:33 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30112 DPT=1026 LEN=299
> 22:55:53 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30112 DPT=1026 LEN=299
> 23:20:45 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=68.37.38.118 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
> TTL=112 ID=17610
> DF PROTO=TCP SPT=2668 DPT=17300 WINDOW=16384 RES=0x00 SYN URGP=0
> 23:25:14 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
> TTL=243 ID=32076
> PROTO=UDP SPT=32783 DPT=1026 LEN=564
> 23:50:41 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
> SRC=218.15.192.64 DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00
> TTL=44 ID=0 DF
> PROTO=UDP SPT=30112 DPT=1026 LEN=299
> ------------------------------------------------------------------------------------
> And then this is what I get back (with a few mungings)
> ------------------------------------------------------------------------------------
>
>                Authorized Userid: MYUserID
>                           Format: IPTABLES
>                         Timezone: +05:00
>
>                    Lines in file: 196
>                   Lines rejected: 196
> Unique lines written to database: 1
>   identical lines are added up on import.
>
>   rejected lines (up to 10)
>   -> IPCop firewall log
>
>   -> Date: 15 August
>
>   -> 00:07:17 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=212.70.37.155
> DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=64135 DF PROTO=TCP
> SPT=3817 DPT=17300 WINDOW=8760 RES=0x00 SYN URGP=0
>
>   -> 00:07:49 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=80.15.37.23
> DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00 TTL=243 ID=40190 PROTO=UDP
> SPT=32783 DPT=1026 LEN=564
>
>   -> 00:27:29 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=64.156.39.12
> DST=XX.XX.XX.XX LEN=574 TOS=0x00 PREC=0x00 TTL=116 ID=9785
> PROTO=UDP SPT=666
> DPT=1026 LEN=554
>
>   -> 00:28:43 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=218.15.192.64
> DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=UDP
> SPT=30112 DPT=1026 LEN=299
>
>   -> 00:39:44 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=218.15.192.64
> DST=XX.XX.XX.XX LEN=430 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=UDP
> SPT=30099 DPT=1026 LEN=410
>
>   -> 01:13:21 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=80.15.37.23
> DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00 TTL=243 ID=35169 PROTO=UDP
> SPT=32783 DPT=1026 LEN=564
>
>   -> 01:31:33 INPUT IN=eth1 OUT=
> MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00 SRC=218.15.192.64
> DST=XX.XX.XX.XX LEN=319 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=UDP
> SPT=30099 DPT=1026 LEN=299
>
>
> Lines written to database (up to 10):
>
>
>
>   Thanks a lot for your input
>
>
>
> Subject: FORMAT IPTABLES USERID 48354514 TZ +05:00 WEBSUBMIT XX.XX.XX.XX
> From: me at myemail.address
> PGP: NO
> -----------------------------------------------------------------------------
> So, why am I getting NOTHING accepted?  I'm not munging, by the way, for
> my input; I'm only munging for this email address, everything else is
> fine.
>
> When I put one of these lines through the parser checker, it seems to be
> ok, although there is a field with a lot of the extra information.  Anyone
> have a clue as to what's wrong?
>
> Bill Ward
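
The export quoted above carries one "Date:" header, entries stamped with a time of day only, and entries wrapped over several lines, with LEN= appearing twice on UDP entries. As an added example (not DShield's converter and not code from this thread), a parser for that layout; the function names, the L4LEN key and the caller-supplied year are assumptions.

```python
import re
from datetime import datetime

REC_START = re.compile(r"^(\d{2}:\d{2}:\d{2})\s+(\S+)\s+(.*)$")
DATE_HDR = re.compile(r"^Date:\s*(\d{1,2})\s+([A-Za-z]+)$")
FIELD_TOK = re.compile(r"^[A-Z]+(=\S*)?$")   # KEY=VALUE, or a bare flag such as DF/SYN

SAMPLE = """IPCop firewall log
Date: 15 August
00:07:17 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
SRC=212.70.37.155 DST=XX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00
TTL=106 ID=64135
DF PROTO=TCP SPT=3817 DPT=17300 WINDOW=8760 RES=0x00 SYN URGP=0
00:07:49 INPUT IN=eth1 OUT= MAC=00:00:e8:e1:d7:a2:00:02:4b:7a:5a:8c:08:00
SRC=80.15.37.23 DST=XX.XX.XX.XX LEN=584 TOS=0x00 PREC=0x00
TTL=243 ID=40190
PROTO=UDP SPT=32783 DPT=1026 LEN=564
"""  # first two entries of the log quoted above, wrapped as in the mail

def _port(fields, key):
    return int(fields[key]) if fields.get(key, "").isdigit() else None

def _record(day_month, year, time_s, chain, body):
    fields, flags = {}, []
    for tok in body.split():
        key, sep, val = tok.partition("=")
        if not sep:
            flags.append(key)                 # DF, SYN, ACK, RST ...
        elif key == "LEN" and "PROTO" in fields:
            fields["L4LEN"] = val             # the LEN= after PROTO=UDP is the UDP length
        else:
            fields.setdefault(key, val)       # first LEN= is the IP total length
    when = datetime.strptime(f"{day_month} {year} {time_s}", "%d %B %Y %H:%M:%S")
    return {"time": when, "chain": chain, "src": fields.get("SRC"), "dst": fields.get("DST"),
            "proto": fields.get("PROTO"), "spt": _port(fields, "SPT"),
            "dpt": _port(fields, "DPT"), "flags": flags, "fields": fields}

def parse_ipcop_export(text, year):   # year comes from the caller: the export has none
    day_month, entries = None, []
    for line in (l.strip() for l in text.splitlines()):
        hdr, start = DATE_HDR.match(line), REC_START.match(line)
        if hdr:
            day_month = f"{hdr.group(1)} {hdr.group(2)}"
        elif start:
            entries.append(list(start.groups()))
        elif entries and line and all(FIELD_TOK.match(t) for t in line.split()):
            entries[-1][2] += " " + line      # wrapped continuation of the previous entry
    if day_month is None:
        raise ValueError("no 'Date:' header; entries carry only a time of day")
    return [_record(day_month, year, *e) for e in entries]
```

The masked DST=XX.XX.XX.XX is kept as a plain string, so a masked log still parses.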




