Re: [Efw-user] Logwatch summary doesn't match firewall log

2018-05-23 Thread Daniele De Lorenzi
Hi Brad,

We have verified and opened an issue on our bugtracker:
https://jira.endian.com/browse/CORE-2487

Thank you very much for your report!

Daniele


From: Brad Morgan 
> Date: 2018-05-22 0:16 GMT+02:00
> Subject: [Efw-user] Logwatch summary doesn't match firewall log
> To: efw-user@lists.sourceforge.net
>
> I’m trying to reconcile a discrepancy in the logwatch summary with the
> contents of the /var/log/firewall log file.
>
> The summary (below) shows 32 packets dropped but the firewall log file
> (5.8MB) has 27,822 lines (3,242 for port 3389). I can provide the .log file
> if needed. Why doesn’t the logwatch show thousands of dropped packets?
>
> If the summary isn’t looking at the firewall log, what is it looking at?
> How can I feed the firewall.log file into logwatch to get a proper summary?
>
> We were being attacked at a fairly high rate on port 3389 and the internal
> systems the ports forwarded to were suffering (we have a /29 block of
> addresses). I have temporarily turned off the port forwards so now the
> firewall is blocking the traffic. I’m trying to determine the best solution
> for blocking the unwanted attacks at the firewall while still allowing the
> legitimate users access to the systems.
>
> ### Logwatch 7.3.6 (05/19/07)
> Processing Initiated: Mon May 21 01:25:02 2018
> Date Range Processed: yesterday
>   ( 2018-May-20 )
>   Period is day.
>   Detail Level of Output: 0
>   Type of Output: unformatted
> Logfiles for Host: wscfw.westsidecares.local
> ##
>
>  - iptables firewall Begin
>
> Listed by source hosts:
>
> Dropped 32 packets on interface eth1
>   From 10.1.10.1 - 3 packets to igmp(0)
>   From 23.23.241.229 - 2 packets to tcp(3389)
>   From 23.24.132.201 - 1 packet to tcp(23)
>   From 23.24.142.198 - 2 packets to igmp(0)
>   From 46.174.191.29 - 1 packet to tcp(8080)
>   From 49.51.85.194 - 2 packets to tcp(3389)
>   From 51.15.146.248 - 3 packets to tcp(3389)
>   From 90.151.207.87 - 1 packet to tcp(23)
>   From 107.155.164.102 - 2 packets to tcp(8141,8802)
>   From 113.197.36.89 - 1 packet to tcp(3389)
>   From 129.205.143.58 - 1 packet to tcp(23)
>   From 139.60.160.173 - 2 packets to tcp(3389)
>   From 162.244.34.113 - 1 packet to tcp(3389)
>   From 185.244.25.136 - 1 packet to udp(53413)
>   From 195.29.61.46 - 3 packets to tcp(3389)
>   From 200.116.108.65 - 1 packet to tcp(3389)
>   From 212.129.41.52 - 1 packet to tcp(22)
>   From 212.154.6.104 - 1 packet to tcp(23)
>   From 218.204.51.186 - 3 packets to tcp(3389)
>
>  -- iptables firewall End -
>
>  ## Logwatch End #
>
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Efw-user mailing list
> Efw-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
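
One way to cross-check the Logwatch figure against the raw log, as an added example that is not part of the original thread: the script tallies logged drops per day, per destination port and per source, so the total for the single day Logwatch processed can be compared with the whole file. It assumes the usual netfilter LOG fields (`IN=`, `SRC=`, `PROTO=`, `DPT=`); the sample lines, the host name `fw`, the `INPUTFW:DROP` prefix, the `marker` parameter and the function name `tally_drops` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the usual netfilter LOG layout. Host name, the
# "INPUTFW:DROP" prefix and all addresses are made up for illustration.
SAMPLE_LOG = """\
May 19 23:59:58 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=198.51.100.7 DST=203.0.113.2 PROTO=TCP SPT=50112 DPT=3389
May 20 00:00:03 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=198.51.100.7 DST=203.0.113.2 PROTO=TCP SPT=50113 DPT=3389
May 20 04:12:40 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=192.0.2.44 DST=203.0.113.3 PROTO=TCP SPT=4411 DPT=23
May 20 09:30:11 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=198.51.100.7 DST=203.0.113.2 PROTO=TCP SPT=50200 DPT=3389
May 20 09:30:12 fw kernel: INPUTFW:ACCEPT IN=eth0 OUT= SRC=192.168.1.5 DST=192.168.1.1 PROTO=TCP SPT=40000 DPT=10443
May 20 11:02:00 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=192.0.2.9 DST=224.0.0.1 PROTO=2
May 21 00:00:01 fw kernel: INPUTFW:DROP IN=eth1 OUT= SRC=198.51.100.7 DST=203.0.113.2 PROTO=TCP SPT=50300 DPT=3389
this line is not a firewall entry
"""

STAMP_RE = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2})\s+\d\d:\d\d:\d\d\s")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def tally_drops(lines, marker="DROP"):
    """Tally logged drops per day, per (day, proto, port) and per (day, source).

    `marker` is an assumption: the text the firewall's log prefix uses for drops.
    """
    per_day, per_port, per_src, skipped = Counter(), Counter(), Counter(), 0
    for line in lines:
        stamp = STAMP_RE.match(line)
        fields = dict(FIELD_RE.findall(line))
        if not stamp or marker not in line or "SRC" not in fields:
            skipped += 1  # not a drop entry, or not parseable
            continue
        day = f"{stamp.group(1)} {int(stamp.group(2))}"
        proto = fields.get("PROTO", "?").lower()
        port = fields.get("DPT", "0")  # portless protocols (e.g. IGMP) count as 0
        per_day[day] += 1
        per_port[(day, proto, port)] += 1
        per_src[(day, fields["SRC"])] += 1
    return {"per_day": per_day, "per_port": per_port, "per_src": per_src, "skipped": skipped}


if __name__ == "__main__":
    result = tally_drops(SAMPLE_LOG.splitlines())
    for day, total in result["per_day"].items():
        print(f"{day}: {total} dropped")
    for (day, proto, port), n in result["per_port"].most_common(3):
        print(f"  {day} {proto}({port}): {n}")
```

For the real file, pass an open handle such as `tally_drops(open("/var/log/firewall"))` and compare the `May 20` total with the 32 packets Logwatch reported for that day.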


Re: [Efw-user] Installation on kvm

2019-01-29 Thread Daniele De Lorenzi
I think the ISO might be corrupted; could you please try to re-download
the ISO?
We are also using KVM with Virtio and it works smoothly.

Daniele

On Mon, Jan 28, 2019 at 7:27 PM albi wrote:

> > Which configuration have you done on this VM? I mean, for the HDD which
> > controller have you set? virtio, SATA, IDE?
>
> I think Virtio. I used profile ubuntu 14.04, but I think I tried linux
> general too.
>
>
> ALBI...


-- 
:: Endian
:: Securing everyThing

:: Daniele De Lorenzi
:: Phone +39 0471 631763
:: Fax +39 0471 631764
:: http://www.endian.com
:: d.delore...@endian.com


Re: [Efw-user] Installation on kvm

2019-01-28 Thread Daniele De Lorenzi
Hi Albi,

Which configuration have you done on this VM? I mean, for the HDD which
controller have you set? virtio, SATA, IDE?

Daniele

On Sat, Jan 26, 2019 at 3:06 PM albi wrote:

> I tried to install efw on kvm via virt-manager, but after installation
> the system does not boot.
> It hangs directly on access to the hard disk.
> Any tips on how I can make it run?
>
>
>
> ALBI...




Re: [Efw-user] Installation hang

2019-02-03 Thread Daniele De Lorenzi
Usually this is caused by UEFI.
If the motherboard has UEFI enabled, please try to disable it.

Daniele

On Mon, Feb 4, 2019 at 7:25 AM Solet wrote:

> I have attempted installing both 3.3 and 3.2 on a GIGABYTE B360N WIFI
> LGA 1151 (300 Series) motherboard
> <https://www.newegg.com/Product/Product.aspx?Item=N82E16813145066>
> running an Intel Celeron G4920. It has 4 gig of Kingston RAM and a Kingston
> SSD. I know the box is sound because I'm able to install Ubuntu (whatever
> the latest LTS was) on it and run that just fine.
>
> When I attempt to install efw I get to the GRUB screen and hit Enter. I
> get a black screen, or a black screen that reads "Booting `boot'"; both hang
> indefinitely. Very occasionally I will get the indefinite hang for a few
> minutes before a sustained PC beep "scream" that does not stop until I cut
> power to the box.
>
> I am at a total loss. I have confirmed the install media (flash drive)
> multiple times. I have rebuilt it multiple times various different ways,
> the most recent being dd if=/path/to/my.iso of=/dev/sdb so I knew I was
> getting a clean ISO transfer.
>
>
> Ideas?
>

