SSH Port 22 has been opened by me for the purpose of troubleshooting the ClamAV issues. Will ask for a specific IP from the Zentyal support. Closing it now.

On Tue, 3 Sep 2019 at 14:48, Gene Heskett via clamav-users <[email protected]> wrote:

> On Tuesday 03 September 2019 06:20:58 G.W. Haywood via clamav-users
> wrote:
>
> > Hi there,
> >
> > On Tue, 3 Sep 2019, Birger Birger via clamav-users wrote:
> > > Sep 3 10:43:22 zentyal kernel: [266193.080510] zentyal-firewall
> > > drop IN= OUT=eth0 SRC=192.168.1.30 DST=104.16.218.84 LEN=40 TOS=0x00
> > > PREC=0x00 TTL=64 ID=52480 DF PROTO=TCP SPT=51666 DPT=80 WINDOW=9057
> > > RES=0x00 ACK FIN URGP=0 MARK=0x1
> >
> > That's a Cloudflare destination IP. You see it in your freshclam log.
> > Cloudflare delivers the ClamAV data and you're dropping packets sent
> > to it from 192.168.1.30. I guess that's your immediate problem.
> >
> > Another question about "Ubuntu Syslog".
> >
> > > Sep 3 10:41:17 zentyal kernel: [266068.432972] zentyal-firewall
> > > drop IN=eth0 OUT= MAC=00:0c:29:be:5d:f2:00:1d:aa:69:86:78:08:00
> > > SRC=112.85.42.229 DST=192.168.1.30 LEN=67 TOS=0x00 PREC=0x00 TTL=46
> > > ID=58277 DF PROTO=TCP SPT=14305 DPT=22 WINDOW=229 RES=0x00 ACK PSH
> > > UR$
> >
> > The IP address 112.85.42.229 appears to be in Shanghai, and it appears
> > that it's trying to make SSH connections to 192.168.1.30. If that
> > were my router, I would not let these attempts through it.
> >
> That router is passing stuff that should never get past it UNLESS you
> have set a Port Forward NAT. If you have NOT set that up, it will get
> you hacked, so apply a hammer to "take it out of the gene pool" and
> deposit the remains in the outgoing trash forthwith and replace it with
> something you can reflash to dd-wrt. Nothing comes in thru dd-wrt that
> you don't specifically allow, and has stood guard here for nearly 20
> years now. Unlike guard dogs, it never sleeps.
>
> > I repeat that I suggest you upgrade ClamAV to the latest version.
>
> Cheers, Gene Heskett
> --
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author)
> If we desire respect for the law, we must first make the law respectable.
> - Louis D. Brandeis
> Genes Web page <http://geneslinuxbox.net:6309/gene>
>
> _______________________________________________
>
> clamav-users mailing list
> [email protected]
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
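
Added example (not part of the original thread): a small Python parser for the two `zentyal-firewall drop` kernel log lines quoted above, separating the outbound drop toward 104.16.218.84 on port 80 from the inbound drop of 112.85.42.229 on port 22. The function names are this example's own; the sample lines are copied from the thread, with the second left truncated as posted.

```python
import re
from collections import Counter

# The two kernel log lines quoted in the thread, joined back onto one line
# each. The second is truncated ("UR$") in the original post and kept as-is.
SAMPLE_LOG = """\
Sep 3 10:43:22 zentyal kernel: [266193.080510] zentyal-firewall drop IN= OUT=eth0 SRC=192.168.1.30 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=52480 DF PROTO=TCP SPT=51666 DPT=80 WINDOW=9057 RES=0x00 ACK FIN URGP=0 MARK=0x1
Sep 3 10:41:17 zentyal kernel: [266068.432972] zentyal-firewall drop IN=eth0 OUT= MAC=00:0c:29:be:5d:f2:00:1d:aa:69:86:78:08:00 SRC=112.85.42.229 DST=192.168.1.30 LEN=67 TOS=0x00 PREC=0x00 TTL=46 ID=58277 DF PROTO=TCP SPT=14305 DPT=22 WINDOW=229 RES=0x00 ACK PSH UR$
"""

FIELD = re.compile(r"(\w+)=(\S*)")        # KEY=value pairs; value may be empty
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}
MARKER = "zentyal-firewall drop"          # log prefix seen in the thread


def parse_drop(line):
    """Parse one firewall drop line into a dict; return None for other lines."""
    if MARKER not in line:
        return None
    rest = line.split(MARKER, 1)[1]
    f = dict(FIELD.findall(rest))
    # Netfilter leaves IN= empty for packets the host itself generated and
    # OUT= empty for packets addressed to the host.
    if not f.get("IN") and f.get("OUT"):
        direction, remote = "outbound", f.get("DST")
    elif f.get("IN") and not f.get("OUT"):
        direction, remote = "inbound", f.get("SRC")
    else:
        direction, remote = "forwarded", f.get("SRC")
    return {
        "direction": direction,
        "remote": remote,
        "proto": f.get("PROTO"),
        "dport": int(f["DPT"]) if f.get("DPT", "").isdigit() else None,
        "flags": sorted(TCP_FLAGS & set(rest.split())),
    }


def summarize(log_text):
    """Count drops per (direction, remote address, destination port)."""
    counts = Counter()
    for line in log_text.splitlines():
        d = parse_drop(line)
        if d:
            counts[(d["direction"], d["remote"], d["dport"])] += 1
    return counts


if __name__ == "__main__":
    for (direction, remote, dport), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:3d}  {direction:9s} remote={remote} dport={dport}")
```
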
