Script ใข้งาน cpu หนัก

thaiman2521 · September 19, 2005, 9:19am

[root@ns root]# dmesg
DPT=138 LEN=218
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33323 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f1:8f:7a:08:00 SRC=202.xxx.xxx.138 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=39163 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33325 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:27:ae:0a:08:00 SRC=202.xxx.xxx.24 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=1275 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=57646 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=61.152.158.123 DST=202.xxx.xxx.160 LEN=339 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=34723 DPT=1027 LEN=319
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33327 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=202.xxx.xxx.184 DST=202.xxx.xxx.255 LEN=96 TOS=0x00 PREC=0x00 TTL=128 ID=35019 PROTO=UDP SPT=137 DPT=137 LEN=76
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33329 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=1416 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=202.xxx.xxx.184 DST=202.xxx.xxx.255 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=36646 PROTO=UDP SPT=138 DPT=138 LEN=217
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:68:2a:08:00 SRC=202.xxx.xxx.204 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=53368 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=202.xxx.xxx.184 DST=202.xxx.xxx.255 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=37424 PROTO=UDP SPT=138 DPT=138 LEN=217
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33333 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=10672 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33334 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:22:41:74:08:00 SRC=202.xxx.xxx.238 DST=202.xxx.xxx.255 LEN=234 TOS=0x00 PREC=0x00 TTL=128 ID=58660 PROTO=UDP SPT=138 DPT=138 LEN=214
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33336 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0f:ea:30:98:8c:08:00 SRC=202.xxx.xxx.241 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=3408 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=20385 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33338 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=207.119.106.101 DST=202.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=45204 DF PROTO=TCP SPT=3609 DPT=15118 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=202.xxx.xxx.222 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=37607 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33340 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33341 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=32043 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33342 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33343 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33344 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33345 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=47859 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33346 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:62:43:08:00 SRC=202.xxx.xxx.50 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=59388 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=203.148.250.249 DST=202.xxx.xxx.160 LEN=60 TOS=0x10 PREC=0x00 TTL=58 ID=22465 DF PROTO=TCP SPT=54427 DPT=113 WINDOW=5840 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=203.148.250.249 DST=202.xxx.xxx.160 LEN=60 TOS=0x10 PREC=0x00 TTL=58 ID=22466 DF PROTO=TCP SPT=54427 DPT=113 WINDOW=5840 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:25:9d:11:08:00 SRC=202.xxx.xxx.35 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=58516 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:27:ae:0a:08:00 SRC=202.xxx.xxx.24 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=8027 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=59706 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:70:d7:46:d9:08:00 SRC=202.xxx.xxx.37 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=42963 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=202.xxx.xxx.222 DST=202.xxx.xxx.255 LEN=238 TOS=0x00 PREC=0x00 TTL=128 ID=50462 PROTO=UDP SPT=138 DPT=138 LEN=218
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:50:24:a6:08:00 SRC=202.xxx.xxx.31 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=41641 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:25:9d:11:08:00 SRC=202.xxx.xxx.35 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=62786 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=5222 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=202.xxx.xxx.184 DST=202.xxx.xxx.255 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=50915 PROTO=UDP SPT=138 DPT=138 LEN=217
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:68:2a:08:00 SRC=202.xxx.xxx.204 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=62878 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=202.xxx.xxx.184 DST=202.xxx.xxx.255 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=52620 PROTO=UDP SPT=138 DPT=138 LEN=217
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33357 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=17085 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:22:41:74:08:00 SRC=202.xxx.xxx.238 DST=202.xxx.xxx.255 LEN=242 TOS=0x00 PREC=0x00 TTL=128 ID=58830 PROTO=UDP SPT=138 DPT=138 LEN=222
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33358 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33359 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:62:43:08:00 SRC=202.xxx.xxx.50 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=62885 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33361 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=28729 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=202.xxx.xxx.222 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=62305 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33363 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:22:41:74:08:00 SRC=202.xxx.xxx.238 DST=202.xxx.xxx.255 LEN=234 TOS=0x00 PREC=0x00 TTL=128 ID=58843 PROTO=UDP SPT=138 DPT=138 LEN=214
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:94:22:bd:08:00 SRC=202.xxx.xxx.129 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=46858 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=41215 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=61.235.154.103 DST=202.xxx.xxx.160 LEN=483 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=UDP SPT=41694 DPT=1026 LEN=463
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0b:6a:89:a7:f7:08:00 SRC=202.xxx.xxx.168 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=59597 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:68:2a:08:00 SRC=202.xxx.xxx.204 DST=202.xxx.xxx.255 LEN=233 TOS=0x00 PREC=0x00 TTL=128 ID=2118 PROTO=UDP SPT=138 DPT=138 LEN=213
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f1:8f:7a:08:00 SRC=202.xxx.xxx.138 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=39842 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=61641 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f1:8f:7a:08:00 SRC=202.xxx.xxx.138 DST=202.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=42602 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33371 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:27:ae:0a:08:00 SRC=202.xxx.xxx.24 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=14010 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33373 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=9588 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:14:22:09:e4:1e:08:00 SRC=202.xxx.xxx.23 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=21746 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=202.xxx.xxx.209 DST=202.xxx.xxx.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=3086 PROTO=UDP SPT=138 DPT=138 LEN=182
INVALID INPUT packet: IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=64.89.65.158 DST=202.xxx.xxx.160 LEN=56 TOS=0x00 PREC=0x00 TTL=243 ID=13382 PROTO=ICMP TYPE=3 CODE=3 [SRC=202.xxx.xxx.160 DST=66.147.85.13 LEN=908 TOS=0x00 PREC=0x00 TTL=117 ID=9428 PROTO=UDP SPT=10651 DPT=1026 LEN=888 ]
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=202.xxx.xxx.222 DST=202.xxx.xxx.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=3828 PROTO=UDP SPT=138 DPT=138 LEN=182
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.230.196 DST=202.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55109 DF PROTO=TCP SPT=3958 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.230.196 DST=202.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55394 DF PROTO=TCP SPT=3958 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f1:8f:7a:08:00 SRC=202.xxx.xxx.138 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=2819 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:68:2a:08:00 SRC=202.xxx.xxx.204 DST=202.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=5951 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=23167 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=33379 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=202.xxx.xxx.222 DST=202.xxx.xxx.255 LEN=238 TOS=0x00 PREC=0x00 TTL=128 ID=6165 PROTO=UDP SPT=138 DPT=138 LEN=218

pizzaman911 · September 19, 2005, 10:05am

dmesg ที่ส่งมาเหมือนจะไม่ครบแฮะ เพราะช่วง bootup มันไม่มาด้วย
เอาแบบนี้แล้วกัน

cat /var/log/boot.log*

thaiman2521 · September 19, 2005, 11:10am

[root@ns root]# cat /var/log/boot.log*
Sep 13 07:59:58 ns mysqld: Stopping MySQL: succeeded
Sep 13 08:00:10 ns mysqld: Starting MySQL: succeeded
Sep 13 08:01:18 ns httpd: httpd shutdown succeeded
Sep 13 08:01:40 ns httpd: httpd startup succeeded
Sep 13 21:49:44 ns httpd: httpd shutdown succeeded
Sep 13 21:49:56 ns httpd: httpd startup succeeded
Sep 15 14:59:49 ns httpd: httpd shutdown succeeded
Sep 15 15:00:03 ns httpd: httpd startup succeeded
Sep 15 15:01:29 ns qmail: qmail-send shutdown succeeded
Sep 15 15:01:30 ns qmail: Starting qmail: succeeded
Sep 15 15:02:34 ns named: succeeded
Sep 15 15:02:37 ns named: named startup succeeded
Sep 15 19:26:12 ns httpd: httpd shutdown succeeded
Sep 15 19:30:01 ns httpd: httpd startup succeeded
Sep 8 11:09:29 ns mysqld: Stopping MySQL: succeeded
Sep 8 11:10:52 ns mysqld: Starting MySQL: succeeded
Sep 8 11:11:28 ns httpd: httpd shutdown succeeded
Sep 8 11:11:42 ns httpd: httpd startup succeeded
Aug 29 10:14:01 ns syslog: syslogd startup succeeded
Aug 29 10:14:01 ns syslog: klogd startup succeeded
Aug 29 10:14:01 ns irqbalance: irqbalance startup succeeded
Aug 29 10:14:02 ns nfslock: rpc.statd startup succeeded
Aug 29 10:14:02 ns random: Initializing random number generator: succeeded
Aug 29 10:14:03 ns netfs: Mounting other filesystems: succeeded
Aug 29 10:14:03 ns apmd: apmd startup succeeded
Aug 29 10:14:05 ns autofs: automount startup succeeded
Aug 29 10:14:05 ns smartd: smartd startup succeeded
Aug 29 10:14:07 ns arno: ^[[40m^[[1;32mArno’s IPTABLES Firewall Script v1.8.2^[[0m
Aug 29 10:14:07 ns arno: ---------------------------------------------------------------
Aug 29 10:14:07 ns arno: Sanity checks passed…OK
Aug 29 10:14:07 ns arno: Detected IPTABLES module… Loading additional IPTABLES modules:
Aug 29 10:14:10 ns arno: All IPTABLES modules loaded!
Aug 29 10:14:11 ns arno:
Aug 29 10:14:11 ns arno: External (internet) interface (EXT_IF) : eth0
Aug 29 10:14:11 ns arno: ---------------------------------------------------------------
Aug 29 10:14:11 ns arno: Flushing rules in the filter table.
Aug 29 10:14:11 ns arno: Setting default secure policies.
Aug 29 10:14:11 ns arno: Enabling anti-spoof with rp_filter.
Aug 29 10:14:11 ns arno: Enabling SYN-flood protection via SYN-cookies.
Aug 29 10:14:12 ns arno: Disabling the logging of martians.
Aug 29 10:14:12 ns arno: Disabling the acception of ICMP-redirect messages.
Aug 29 10:14:12 ns arno: Setting the max. amount of simultaneous connections to 4096 (default).
Aug 29 10:14:12 ns arno: Enabling reduction of the DoS’ing ability.
Aug 29 10:14:12 ns arno: Disabling ECN (Explicit Congestion Notification).
Aug 29 10:14:13 ns arno: Using loglevel info for syslogd.
Aug 29 10:14:13 ns arno: Enabling setting the maximum packet size via MSS.
Aug 29 10:14:13 ns arno: Accepting packets from the local loopback device.
Aug 29 10:14:13 ns arno: Logging of INVALID packets enabled.
Aug 29 10:14:13 ns arno: Logging of DHCP broadcasts disabled.
Aug 29 10:14:14 ns arno: Logging of ICMP flooding enabled.
Aug 29 10:14:14 ns arno: Logging of stealth scans (nmap probes etc.) enabled.
Aug 29 10:14:14 ns arno: Logging of packets with bad TCP-flags enabled.
Aug 29 10:14:14 ns arno: Logging of fragmented packets enabled.
Aug 29 10:14:14 ns arno: Logging of access from reserved addresses enabled.
Aug 29 10:14:14 ns arno:
Aug 29 10:14:15 ns arno: Setting host and port policies
Aug 29 10:14:15 ns arno: ------------------------------
Aug 29 10:14:15 ns arno: Logging of probable “lost connections” disabled.
Aug 29 10:14:15 ns arno: Logging of explicitly blocked hosts enabled.
Aug 29 10:14:15 ns arno: Logging of explicitly denied packets enabled.
Aug 29 10:14:15 ns arno: Logging of explicitly rejected packets disabled.
Aug 29 10:14:15 ns arno: Allowing DNS server 203.155.33.1 to connect to UDP port 53.
Aug 29 10:14:15 ns arno: Enabling protection against DRDOS-abuse.
Aug 29 10:14:15 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 10:14:15 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 10:14:15 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 10:14:15 ns arno: Packets will be checked for private source addresses.
Aug 29 10:14:15 ns arno: Allowing the whole world to connect to TCP port(s): 21 25 53 80 110 143 443 8443 161 3306.
Aug 29 10:14:15 ns arno: Allowing the whole world to connect to UDP port(s): 21 25 53 80 110 143 443 8443 161 3306.
Aug 29 10:14:15 ns arno: Allowing the whole world to send ICMP-requests.
Aug 29 10:14:15 ns arno: Logging of dropped ICMP packets enabled.
Aug 29 10:14:15 ns arno: Logging of possible stealth scans enabled.
Aug 29 10:14:15 ns arno: Logging of (other) connection attempts to PRIVILEGED TCP ports enabled.
Aug 29 10:14:15 ns arno: Logging of (other) connection attempts to PRIVILEGED UDP ports enabled.
Aug 29 10:14:15 ns arno: Logging of (other) connection attempts to UNPRIVILEGED TCP ports enabled.
Aug 29 10:14:15 ns arno: Logging of “Normal” connection attempts to UNPRIVILEGED UDP ports enabled.
Aug 29 10:14:15 ns arno: Logging of other IP protocols (non TCP/UDP/ICMP) connection attempts enabled.
Aug 29 10:14:15 ns arno: Security is ENFORCED on the FORWARD chain.
Aug 29 10:14:15 ns arno: Enabling mangling TOS.
Aug 29 10:14:15 ns arno:
Aug 29 10:14:15 ns arno: Aug 29 10:14:15 ^[[40m^[[1;32mAll firewall rules applied.^[[0m
Aug 29 10:14:15 ns rc: Starting arno: succeeded
Aug 29 10:14:16 ns named: named startup succeeded
Aug 29 10:14:17 ns sshd: succeeded
Aug 29 10:14:18 ns xinetd: xinetd startup succeeded
Aug 29 10:14:31 ns mysqld: Starting MySQL: succeeded
Aug 29 10:14:32 ns courier-imap: Starting imapd succeeded
Aug 29 10:14:32 ns courier-imap: Starting imap-ssl succeeded
Aug 29 10:14:33 ns courier-imap: Starting pop3 succeeded
Aug 29 10:14:33 ns courier-imap: Starting pop3-ssl succeeded
Aug 29 10:14:35 ns qmail: Starting qmail: succeeded
Aug 29 10:14:42 ns spamassassin: spamd startup succeeded
Aug 29 10:15:00 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Aug 29 10:15:02 ns gpm: gpm startup succeeded
Aug 29 10:15:19 ns httpd: httpd startup succeeded
Aug 29 10:16:17 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Aug 29 10:16:21 ns psa: Starting Plesk: succeeded
Aug 29 10:16:21 ns httpd: httpd shutdown succeeded
Aug 29 10:16:22 ns crond: crond startup succeeded
Aug 29 10:16:23 ns xfs: xfs startup succeeded
Aug 29 10:16:24 ns anacron: anacron startup succeeded
Aug 29 10:16:24 ns atd: atd startup succeeded
Aug 29 10:30:13 ns httpd: httpd startup succeeded
Aug 29 10:59:40 ns httpd: httpd shutdown failed
Aug 29 11:00:51 ns httpd: httpd shutdown succeeded
Aug 29 11:26:39 ns httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
Aug 29 11:26:39 ns httpd: no listening sockets available, shutting down
Aug 29 11:26:39 ns httpd: Unable to open logs
Aug 29 11:26:39 ns httpd: httpd startup failed
Aug 29 11:28:34 ns httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
Aug 29 11:28:34 ns httpd: no listening sockets available, shutting down
Aug 29 11:28:34 ns httpd: Unable to open logs
Aug 29 11:28:34 ns httpd: httpd startup failed
Aug 29 11:31:38 ns atd: atd shutdown succeeded
Aug 29 11:31:39 ns xfs: xfs shutdown succeeded
Aug 29 11:31:39 ns mysqld: Stopping MySQL: succeeded
Aug 29 11:31:40 ns gpm: gpm shutdown succeeded
Aug 29 11:31:42 ns psa: Stopping Plesk: succeeded
Aug 29 11:31:42 ns sshd: sshd -TERM succeeded
Aug 29 11:31:44 ns courier-imap: Stopping imap succeeded
Aug 29 11:31:44 ns courier-imap: Stopping imap-ssl succeeded
Aug 29 11:31:44 ns courier-imap: Stopping pop3 succeeded
Aug 29 11:31:44 ns courier-imap: Stopping pop3-ssl succeeded
Aug 29 11:31:45 ns qmail: qmail-send shutdown succeeded
Aug 29 11:31:46 ns spamassassin: succeeded
Aug 29 11:31:47 ns smartd: smartd shutdown succeeded
Aug 29 11:31:47 ns named: succeeded
Aug 29 11:31:48 ns xinetd: xinetd shutdown succeeded
Aug 29 11:31:49 ns crond: crond shutdown succeeded
Aug 29 11:31:51 ns apmd: apmd shutdown succeeded
Aug 29 11:31:52 ns dd: 1+0 records in
Aug 29 11:31:52 ns dd: 1+0 records out
Aug 29 11:31:52 ns random: Saving random seed: succeeded
Aug 29 11:31:52 ns nfslock: rpc.statd shutdown failed
Aug 29 11:34:51 ns syslog: syslogd startup succeeded
Aug 29 11:34:51 ns syslog: klogd startup succeeded
Aug 29 11:34:52 ns irqbalance: irqbalance startup succeeded
Aug 29 11:34:52 ns nfslock: rpc.statd startup succeeded
Aug 29 11:34:53 ns random: Initializing random number generator: succeeded
Aug 29 11:34:53 ns netfs: Mounting other filesystems: succeeded
Aug 29 11:34:54 ns apmd: apmd startup succeeded
Aug 29 11:34:55 ns autofs: automount startup succeeded
Aug 29 11:34:56 ns smartd: smartd startup succeeded
Aug 29 11:34:57 ns arno: ^[[40m^[[1;32mArno’s IPTABLES Firewall Script v1.8.2^[[0m
Aug 29 11:34:57 ns arno: ---------------------------------------------------------------
Aug 29 11:34:58 ns arno: Sanity checks passed…OK
Aug 29 11:34:58 ns arno: Detected IPTABLES module… Loading additional IPTABLES modules:
Aug 29 11:35:01 ns arno: All IPTABLES modules loaded!
Aug 29 11:35:02 ns arno:
Aug 29 11:35:02 ns arno: External (internet) interface (EXT_IF) : eth0
Aug 29 11:35:02 ns arno: ---------------------------------------------------------------
Aug 29 11:35:02 ns arno: Flushing rules in the filter table.
Aug 29 11:35:02 ns arno: Setting default secure policies.
Aug 29 11:35:03 ns arno: Enabling anti-spoof with rp_filter.
Aug 29 11:35:03 ns arno: Enabling SYN-flood protection via SYN-cookies.
Aug 29 11:35:03 ns arno: Disabling the logging of martians.
Aug 29 11:35:03 ns arno: Disabling the acception of ICMP-redirect messages.
Aug 29 11:35:03 ns arno: Setting the max. amount of simultaneous connections to 4096 (default).
Aug 29 11:35:03 ns arno: Enabling reduction of the DoS’ing ability.
Aug 29 11:35:03 ns arno: Disabling ECN (Explicit Congestion Notification).
Aug 29 11:35:04 ns arno: Using loglevel info for syslogd.
Aug 29 11:35:04 ns arno: Enabling setting the maximum packet size via MSS.
Aug 29 11:35:04 ns arno: Accepting packets from the local loopback device.
Aug 29 11:35:04 ns arno: Logging of INVALID packets enabled.
Aug 29 11:35:04 ns arno: Logging of DHCP broadcasts disabled.
Aug 29 11:35:04 ns arno: Logging of ICMP flooding enabled.
Aug 29 11:35:05 ns arno: Logging of stealth scans (nmap probes etc.) enabled.
Aug 29 11:35:05 ns arno: Logging of packets with bad TCP-flags enabled.
Aug 29 11:35:05 ns arno: Logging of fragmented packets enabled.
Aug 29 11:35:05 ns arno: Logging of access from reserved addresses enabled.
Aug 29 11:35:05 ns arno:
Aug 29 11:35:06 ns arno: Setting host and port policies
Aug 29 11:35:06 ns arno: ------------------------------
Aug 29 11:35:06 ns arno: Logging of probable “lost connections” disabled.
Aug 29 11:35:06 ns arno: Logging of explicitly blocked hosts enabled.
Aug 29 11:35:06 ns arno: Logging of explicitly denied packets enabled.
Aug 29 11:35:06 ns arno: Logging of explicitly rejected packets disabled.
Aug 29 11:35:06 ns arno: Allowing DNS server 203.155.33.1 to connect to UDP port 53.
Aug 29 11:35:06 ns arno: Enabling protection against DRDOS-abuse.
Aug 29 11:35:06 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 11:35:06 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 11:35:06 ns arno: Allowing host(s) 202.xxx.xxx.xxx to have full access.
Aug 29 11:35:06 ns arno: Packets will be checked for private source addresses.
Aug 29 11:35:06 ns arno: Allowing the whole world to connect to TCP port(s): 21 25 53 80 110 143 443 8443 161 3306.
Aug 29 11:35:06 ns arno: Allowing the whole world to connect to UDP port(s): 21 25 53 80 110 143 443 8443 161 3306.
Aug 29 11:35:06 ns arno: Allowing the whole world to send ICMP-requests.
Aug 29 11:35:06 ns arno: Logging of dropped ICMP packets enabled.
Aug 29 11:35:06 ns arno: Logging of possible stealth scans enabled.
Aug 29 11:35:06 ns arno: Logging of (other) connection attempts to PRIVILEGED TCP ports enabled.
Aug 29 11:35:06 ns arno: Logging of (other) connection attempts to PRIVILEGED UDP ports enabled.
Aug 29 11:35:06 ns arno: Logging of (other) connection attempts to UNPRIVILEGED TCP ports enabled.
Aug 29 11:35:06 ns arno: Logging of “Normal” connection attempts to UNPRIVILEGED UDP ports enabled.
Aug 29 11:35:06 ns arno: Logging of other IP protocols (non TCP/UDP/ICMP) connection attempts enabled.
Aug 29 11:35:06 ns arno: Security is ENFORCED on the FORWARD chain.
Aug 29 11:35:06 ns arno: Enabling mangling TOS.
Aug 29 11:35:06 ns arno:
Aug 29 11:35:06 ns arno: Aug 29 11:35:06 ^[[40m^[[1;32mAll firewall rules applied.^[[0m
Aug 29 11:35:06 ns rc: Starting arno: succeeded
Aug 29 11:35:07 ns named: named startup succeeded
Aug 29 11:35:08 ns sshd: succeeded
Aug 29 11:35:09 ns xinetd: xinetd startup succeeded
Aug 29 11:35:22 ns mysqld: Starting MySQL: succeeded
Aug 29 11:35:23 ns courier-imap: Starting imapd succeeded
Aug 29 11:35:24 ns courier-imap: Starting imap-ssl succeeded
Aug 29 11:35:24 ns courier-imap: Starting pop3 succeeded
Aug 29 11:35:24 ns courier-imap: Starting pop3-ssl succeeded
Aug 29 11:35:26 ns qmail: Starting qmail: succeeded
Aug 29 11:35:32 ns spamassassin: spamd startup succeeded
Aug 29 11:35:51 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Aug 29 11:35:53 ns gpm: gpm startup succeeded
Aug 29 11:36:11 ns httpd: httpd startup succeeded
Aug 29 11:36:19 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Aug 29 11:36:23 ns psa: Starting Plesk: succeeded
Aug 29 11:36:24 ns crond: crond startup succeeded
Aug 29 11:36:25 ns xfs: xfs startup succeeded
Aug 29 11:36:26 ns anacron: anacron startup succeeded
Aug 29 11:36:27 ns atd: atd startup succeeded
Aug 22 14:53:15 ns httpd: httpd shutdown succeeded
Aug 22 14:54:03 ns httpd: httpd startup failed
Aug 22 14:54:35 ns httpd: httpd startup succeeded

pizzaman911 · September 19, 2005, 11:28am

Aug 29 10:14:01 ns syslog: syslogd startup succeeded
Aug 29 10:14:01 ns syslog: klogd startup succeeded

ทำไมมันมีแค่นี้หล่ะครับ ปกติ boot.log มันจะมีแสดงการ detect hardware ด้วยนะ
เอาเป็นว่า หลัง reboot ครั้งหน้า เอา cat /var/log/boot.log มาให้ดูดีกว่าครับ
หรือ dmesg ก็ได้ ทำทันทีหลัง reboot

thaiman2521 · September 24, 2005, 7:35am

ในที่สุดก็ได้เลิก reboot

[root@ns root]# cat /var/log/boot.log
Sep 24 07:27:18 ns atd: atd shutdown succeeded
Sep 24 07:27:18 ns xfs: xfs shutdown succeeded
Sep 24 07:27:19 ns mysqld: Stopping MySQL: succeeded
Sep 24 07:27:19 ns gpm: gpm shutdown succeeded
Sep 24 07:27:28 ns httpd: httpd shutdown succeeded
Sep 24 07:27:31 ns psa: Stopping Plesk: succeeded
Sep 24 07:27:31 ns sshd: sshd -TERM succeeded
Sep 24 07:27:32 ns courier-imap: Stopping imap succeeded
Sep 24 07:27:32 ns courier-imap: Stopping imap-ssl succeeded
Sep 24 07:27:33 ns courier-imap: Stopping pop3 succeeded
Sep 24 07:27:33 ns courier-imap: Stopping pop3-ssl succeeded
Sep 24 07:27:33 ns qmail: qmail-send shutdown succeeded
Sep 24 07:27:35 ns spamassassin: succeeded
Sep 24 07:27:36 ns smartd: smartd shutdown succeeded
Sep 24 07:27:37 ns named: succeeded
Sep 24 07:27:37 ns xinetd: xinetd shutdown succeeded
Sep 24 07:27:38 ns crond: crond shutdown succeeded
Sep 24 07:27:40 ns apmd: apmd shutdown succeeded
Sep 24 07:27:41 ns dd: 1+0 records in
Sep 24 07:27:41 ns dd: 1+0 records out
Sep 24 07:27:41 ns random: Saving random seed: succeeded
Sep 24 07:27:41 ns nfslock: rpc.statd shutdown failed
Sep 24 07:30:37 ns syslog: syslogd startup succeeded
Sep 24 07:30:37 ns syslog: klogd startup succeeded
Sep 24 07:30:38 ns irqbalance: irqbalance startup succeeded
Sep 24 07:30:38 ns nfslock: rpc.statd startup succeeded
Sep 24 07:30:39 ns random: Initializing random number generator: succeeded
Sep 24 07:30:39 ns netfs: Mounting other filesystems: succeeded
Sep 24 07:30:40 ns apmd: apmd startup succeeded
Sep 24 07:30:41 ns autofs: automount startup succeeded
Sep 24 07:30:42 ns smartd: smartd startup succeeded
Sep 24 07:30:43 ns arno: ^[[40m^[[1;32mArno’s IPTABLES Firewall Script v1.8.2^[[0m
Sep 24 07:30:43 ns arno: ---------------------------------------------------------------
Sep 24 07:30:43 ns arno: Sanity checks passed…OK
Sep 24 07:30:43 ns arno: Detected IPTABLES module… Loading additional IPTABLES modules:
Sep 24 07:30:47 ns arno: All IPTABLES modules loaded!
Sep 24 07:30:47 ns arno:
Sep 24 07:30:47 ns arno: External (internet) interface (EXT_IF) : eth0
Sep 24 07:30:47 ns arno: ---------------------------------------------------------------
Sep 24 07:30:47 ns arno: Flushing rules in the filter table.
Sep 24 07:30:47 ns arno: Setting default secure policies.
Sep 24 07:30:47 ns arno: Enabling anti-spoof with rp_filter.
Sep 24 07:30:47 ns arno: Enabling SYN-flood protection via SYN-cookies.
Sep 24 07:30:47 ns arno: Disabling the logging of martians.
Sep 24 07:30:47 ns arno: Disabling the acception of ICMP-redirect messages.
Sep 24 07:30:47 ns arno: Setting the max. amount of simultaneous connections to 4096 (default).
Sep 24 07:30:47 ns arno: Enabling reduction of the DoS’ing ability.
Sep 24 07:30:47 ns arno: Disabling ECN (Explicit Congestion Notification).
Sep 24 07:30:47 ns arno: Using loglevel info for syslogd.
Sep 24 07:30:48 ns arno: Enabling setting the maximum packet size via MSS.
Sep 24 07:30:48 ns arno: Accepting packets from the local loopback device.
Sep 24 07:30:48 ns arno: Logging of INVALID packets enabled.
Sep 24 07:30:49 ns arno: Logging of DHCP broadcasts disabled.
Sep 24 07:30:49 ns arno: Logging of ICMP flooding enabled.
Sep 24 07:30:49 ns arno: Logging of stealth scans (nmap probes etc.) enabled.
Sep 24 07:30:49 ns arno: Logging of packets with bad TCP-flags enabled.
Sep 24 07:30:49 ns arno: Logging of fragmented packets enabled.
Sep 24 07:30:49 ns arno: Logging of access from reserved addresses enabled.
Sep 24 07:30:49 ns arno:
Sep 24 07:30:49 ns arno: Setting host and port policies
Sep 24 07:30:49 ns arno: ------------------------------
Sep 24 07:30:49 ns arno: Logging of probable “lost connections” disabled.
Sep 24 07:30:49 ns arno: Logging of explicitly blocked hosts enabled.
Sep 24 07:30:49 ns arno: Logging of explicitly denied packets enabled.
Sep 24 07:30:49 ns arno: Logging of explicitly rejected packets disabled.
Sep 24 07:30:49 ns arno: Allowing DNS server 203.155.33.1 to connect to UDP port 53.
Sep 24 07:30:50 ns arno: Enabling protection against DRDOS-abuse.
Sep 24 07:30:50 ns arno: Allowing host(s) xxx.xxx.xxx159 to have full access.
Sep 24 07:30:50 ns arno: Allowing host(s) xxx.xxx.xxx155 to have full access.
Sep 24 07:30:50 ns arno: Allowing host(s) xxx.xxx.xxx44 to have full access.
Sep 24 07:30:50 ns arno: Packets will be checked for private source addresses.
Sep 24 07:30:50 ns arno: Allowing the whole world to connect to TCP port(s): 21 25 53 80 110 143 443 8443 3306.
Sep 24 07:30:50 ns arno: Allowing the whole world to connect to UDP port(s): 21 25 53 80 110 143 443 8443 3306.
Sep 24 07:30:51 ns arno: Allowing the whole world to send ICMP-requests.
Sep 24 07:30:51 ns arno: Logging of dropped ICMP packets enabled.
Sep 24 07:30:51 ns arno: Logging of possible stealth scans enabled.
Sep 24 07:30:51 ns arno: Logging of (other) connection attempts to PRIVILEGED TCP ports enabled.
Sep 24 07:30:51 ns arno: Logging of (other) connection attempts to PRIVILEGED UDP ports enabled.
Sep 24 07:30:51 ns arno: Logging of (other) connection attempts to UNPRIVILEGED TCP ports enabled.
Sep 24 07:30:51 ns arno: Logging of “Normal” connection attempts to UNPRIVILEGED UDP ports enabled.
Sep 24 07:30:51 ns arno: Logging of other IP protocols (non TCP/UDP/ICMP) connection attempts enabled.
Sep 24 07:30:51 ns arno: Security is ENFORCED on the FORWARD chain.
Sep 24 07:30:51 ns arno: Enabling mangling TOS.
Sep 24 07:30:51 ns arno:
Sep 24 07:30:51 ns arno: Sep 24 7:30:51 ^[[40m^[[1;32mAll firewall rules applied.^[[0m
Sep 24 07:30:51 ns rc: Starting arno: succeeded
Sep 24 07:30:52 ns named: named startup succeeded
Sep 24 07:30:53 ns sshd: succeeded
Sep 24 07:30:54 ns xinetd: xinetd startup succeeded
Sep 24 07:31:07 ns mysqld: Starting MySQL: succeeded
Sep 24 07:31:08 ns courier-imap: Starting imapd succeeded
Sep 24 07:31:08 ns courier-imap: Starting imap-ssl succeeded
Sep 24 07:31:09 ns courier-imap: Starting pop3 succeeded
Sep 24 07:31:09 ns courier-imap: Starting pop3-ssl succeeded
Sep 24 07:31:11 ns qmail: Starting qmail: succeeded
Sep 24 07:31:16 ns spamassassin: spamd startup succeeded
Sep 24 07:31:35 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Sep 24 07:31:36 ns gpm: gpm startup succeeded
Sep 24 07:31:54 ns httpd: httpd startup succeeded
Sep 24 07:32:03 ns psa-spamassassin: Starting psa-spamassassin service: succeeded
Sep 24 07:32:08 ns psa: Starting Plesk: succeeded
Sep 24 07:32:09 ns crond: crond startup succeeded
Sep 24 07:32:10 ns xfs: xfs startup succeeded
Sep 24 07:32:10 ns anacron: anacron startup succeeded
Sep 24 07:32:11 ns atd: atd startup succeeded

thaiman2521 · September 24, 2005, 7:37am

ต้องรบกวนด้วยนะครับ

[root@ns root]# dmesg
Linux version 2.4.22-1.2199.nptl (bhcompile@tweety.build.redhat.com) (gcc version 3.2.3 20030422 (Red Hat Linux 3.2.3-6)) #1 Wed Aug 4 12:21:48 EDT 2004
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000e8000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000003f730000 (usable)
BIOS-e820: 000000003f730000 - 000000003f740000 (ACPI data)
BIOS-e820: 000000003f740000 - 000000003f7f0000 (ACPI NVS)
BIOS-e820: 000000003f7f0000 - 000000003f800000 (reserved)
BIOS-e820: 00000000ffb80000 - 0000000100000000 (reserved)
119MB HIGHMEM available.
896MB LOWMEM available.
ACPI: have wakeup address 0xc0001000
On node 0 totalpages: 259888
zone(0): 4096 pages.
zone(1): 225280 pages.
zone(2): 30512 pages.
ACPI: RSDP (v000 ACPIAM ) @ 0x000fadc0
ACPI: RSDT (v001 A M I OEMRSDT 0x08000427 MSFT 0x00000097) @ 0x3f730000
ACPI: FADT (v002 A M I OEMFACP 0x08000427 MSFT 0x00000097) @ 0x3f730200
ACPI: MADT (v001 A M I OEMAPIC 0x08000427 MSFT 0x00000097) @ 0x3f730390
ACPI: DSDT (v001 APPM1 APPM1301 0x00000301 INTL 0x02002026) @ 0x00000000
Kernel command line: ro root=/dev/hda3 rhgb
Initializing CPU#0
Detected 2400.153 MHz processor.
Console: colour VGA+ 80x25
Calibrating delay loop… 4784.12 BogoMIPS
Memory: 1023552k/1039552k available (1473k kernel code, 15612k reserved, 1099k data, 136k init, 122048k highmem)
Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes)
Inode cache hash table entries: 65536 (order: 7, 524288 bytes)
Mount cache hash table entries: 512 (order: 0, 4096 bytes)
Buffer cache hash table entries: 65536 (order: 6, 262144 bytes)
Page-cache hash table entries: 262144 (order: 8, 1048576 bytes)
CPU: Trace cache: 12K uops<6>CPU: L2 cache: 1024K
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU: After generic, caps: bfebfbff 00000000 00000000 00000000
CPU: Common caps: bfebfbff 00000000 00000000 00000000
CPU: Intel

pizzaman911 · September 24, 2005, 7:49am

ผมผิดไปแล้ว dmesg & /var/log/messages ต่างหากที่แสดงการ detect h/w
ok และเห็นตรงนี้นะครับ

EXT3-fs: INFO: recovery required on readonly filesystem.
EXT3-fs: write access will be enabled during recovery.
kjournald starting. Commit interval 5 seconds
EXT3-fs: recovery complete.

recover journal แล้ว ผมว่ารอลองดูอีกรอบว่าจะยังเป็นไหม

thaiman2521 · September 24, 2005, 11:44am

ผมผิดไปแล้ว dmesg & /var/log/messages ต่างหากที่แสดงการ detect h/w
ok และเห็นตรงนี้นะครับ

EXT3-fs: INFO: recovery required on readonly filesystem.
EXT3-fs: write access will be enabled during recovery.
kjournald starting. Commit interval 5 seconds
EXT3-fs: recovery complete.

recover journal แล้ว ผมว่ารอลองดูอีกรอบว่าจะยังเป็นไหม

โทษทีนะครับ
หมายถึงให้ทำอะไรหรือครับ
ให้พิมพ์ 4 บรรทัดนี้เหรอครับ
EXT3-fs: INFO: recovery required on readonly filesystem.
EXT3-fs: write access will be enabled during recovery.
kjournald starting. Commit interval 5 seconds
EXT3-fs: recovery complete.

thaiman2521 · September 24, 2005, 1:54pm

[root@ns root]# dmesg & /var/log/messages
[1] 11964
UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47801 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0b:6a:89:a7:f7:08:00 SRC=xxx.xxx.xxx.168 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=57946 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=29726 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47803 DF PROTO=UDP SPT=631 DPT=631 LEN=95
-bash: /var/log/messages: Permission denied
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47804 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47805 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:22:41:74:08:00 SRC=xxx.xxx.xxx.238 DST=xxx.xxx.xxx.255 LEN=242 TOS=0x00 PREC=0x00 TTL=128 ID=38239 PROTO=UDP SPT=138 DPT=138 LEN=222
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=40410 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=xxx.xxx.xxx.209 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=2754 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:70:c8:13:7f:08:00 SRC=xxx.xxx.xxx.124 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=1487 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f1:8f:7a:08:00 SRC=xxx.xxx.xxx.138 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=1137 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47810 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=51136 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:8b:e8:d4:5f:08:00 SRC=xxx.xxx.xxx.9 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=12394 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47812 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0f:ea:30:98:8c:08:00 SRC=xxx.xxx.xxx.241 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=40988 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f0:9d:6f:08:00 SRC=xxx.xxx.xxx.105 DST=xxx.xxx.xxx.255 LEN=244 TOS=0x00 PREC=0x00 TTL=128 ID=36612 PROTO=UDP SPT=138 DPT=138 LEN=224
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47814 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=61155 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47815 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=219.153.5.53 DST=xxx.xxx.xxx.160 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=49459 DF PROTO=TCP SPT=1115 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47816 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47817 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=xxx.xxx.xxx.209 DST=xxx.xxx.xxx.255 LEN=211 TOS=0x00 PREC=0x00 TTL=128 ID=3339 PROTO=UDP SPT=138 DPT=138 LEN=191
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=7034 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=xxx.xxx.xxx.184 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=5658 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47820 DF PROTO=UDP SPT=631 DPT=631 LEN=95
[root@ns root]# Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47821 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:05:68:2a:08:00 SRC=xxx.xxx.xxx.204 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=48498 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=16480 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47823 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.242.95 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=36800 DF PROTO=TCP SPT=4328 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.242.95 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=37131 DF PROTO=TCP SPT=4328 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=xxx.xxx.xxx.209 DST=xxx.xxx.xxx.255 LEN=236 TOS=0x00 PREC=0x00 TTL=128 ID=3648 PROTO=UDP SPT=138 DPT=138 LEN=216
Class A address: IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=10.1.1.254 DST=xxx.xxx.xxx.160 LEN=52 TOS=0x08 PREC=0x00 TTL=52 ID=40398 DF PROTO=TCP SPT=45120 DPT=80 WINDOW=6432 RES=0x00 ACK FIN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:f0:9d:6f:08:00 SRC=xxx.xxx.xxx.105 DST=xxx.xxx.xxx.255 LEN=241 TOS=0x00 PREC=0x00 TTL=128 ID=39095 PROTO=UDP SPT=138 DPT=138 LEN=221
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:50:24:a6:08:00 SRC=xxx.xxx.xxx.31 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=17601 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=26830 PROTO=2
INVALID INPUT packet: IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.97.40.225 DST=xxx.xxx.xxx.160 LEN=56 TOS=0x00 PREC=0x00 TTL=247 ID=38756 PROTO=ICMP TYPE=11 CODE=0 [SRC=xxx.xxx.xxx.160 DST=61.157.96.76 LEN=48 TOS=0x00 PREC=0x00 TTL=1 ID=2759 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47827 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47828 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.240.71 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=3905 DF PROTO=TCP SPT=1707 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.240.71 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=4154 DF PROTO=TCP SPT=1707 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=xxx.xxx.xxx.184 DST=xxx.xxx.xxx.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=16004 PROTO=UDP SPT=138 DPT=138 LEN=182
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=xxx.xxx.xxx.209 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=3820 PROTO=UDP SPT=137 DPT=137 LEN=58
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=35867 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47831 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47832 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:18:a5:39:8a:08:00 SRC=xxx.xxx.xxx.184 DST=xxx.xxx.xxx.255 LEN=237 TOS=0x00 PREC=0x00 TTL=128 ID=20151 PROTO=UDP SPT=138 DPT=138 LEN=217
Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.65.97.169 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x10 PREC=0x00 TTL=117 ID=7395 DF PROTO=TCP SPT=4288 DPT=1080 WINDOW=65535 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47834 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=43680 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47835 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.242.95 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=9353 DF PROTO=TCP SPT=4583 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.142.242.95 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=9633 DF PROTO=TCP SPT=4583 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0f:ea:30:98:8c:08:00 SRC=xxx.xxx.xxx.241 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=58700 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:50:24:a6:08:00 SRC=xxx.xxx.xxx.31 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=21502 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47838 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:27:ae:0a:08:00 SRC=xxx.xxx.xxx.24 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=50565 PROTO=UDP SPT=138 DPT=138 LEN=209
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=157 PROTO=2
Possible DRDOS TCP attempt: IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.103.178.39 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=12495 PROTO=TCP SPT=80 DPT=31861 WINDOW=16384 RES=0x00 ACK SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47840 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:70:d7:46:d9:08:00 SRC=xxx.xxx.xxx.37 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=42045 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:57:7a:ac:08:00 SRC=xxx.xxx.xxx.209 DST=xxx.xxx.xxx.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=4225 PROTO=UDP SPT=138 DPT=138 LEN=182
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=xxx.xxx.xxx.222 DST=xxx.xxx.xxx.255 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=35369 PROTO=UDP SPT=138 DPT=138 LEN=182
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=9773 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47844 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:14:22:09:e4:1e:08:00 SRC=xxx.xxx.xxx.23 DST=xxx.xxx.xxx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=22674 PROTO=UDP SPT=138 DPT=138 LEN=209
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47845 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47846 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=21307 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:01:29:27:ae:0a:08:00 SRC=xxx.xxx.xxx.24 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=55097 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b3:e9:6d:70:08:00 SRC=xxx.xxx.xxx.222 DST=xxx.xxx.xxx.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=38966 PROTO=UDP SPT=137 DPT=137 LEN=58
Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=222.171.23.13 DST=xxx.xxx.xxx.160 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=57183 DF PROTO=TCP SPT=3483 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47849 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47850 DF PROTO=UDP SPT=631 DPT=631 LEN=95
Connection attempt (PRIV): IN=eth0 OUT= MAC=00:11:d8:3f:d8:2e:00:12:01:a7:ba:19:08:00 SRC=202.27.219.98 DST=xxx.xxx.xxx.160 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=61387 DF PROTO=TCP SPT=4677 DPT=139 WINDOW=8760 RES=0x00 SYN URGP=0
Other-IP connection attempt: IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:c1:28:00:73:f2:08:00 SRC=202.57.128.129 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=30810 PROTO=2
Connection attempt (PRIV): IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:48:80:9e:ea:08:00 SRC=202.57.128.179 DST=255.255.255.255 LEN=115 TOS=0x00 PREC=0x00 TTL=64 ID=47851 DF PROTO=UDP SPT=631 DPT=631 LEN=95
[root@ns root]#
[1]+ Done dmesg

pizzaman911 · September 24, 2005, 10:00pm

ไม่ใช่ครับ ผมเห็นจาก log ที่ส่งมา เหมือนว่า filesystem ได้รับการ check ไปแล้ว
ก่อนหน้า reboot อาจมีปัญหาบางอย่างอยู่ เลยอยากให้สังเกตว่าตอนนี้ยังเป็นอีกไหมน่ะครับ

thaiman2521 · September 25, 2005, 9:30am

ยังเป็นอยู่นะครับ

pizzaman911 · September 25, 2005, 1:50pm

ดูเหมือนไม่ใช่ HW ด้วยแล้วนะครับ สุดท้าย คงต้องเช็ค script ครับ เหมือนที่ผมบอกแต่ต้น

thaiman2521 · September 25, 2005, 8:02pm

ดูเหมือนไม่ใช่ HW ด้วยแล้วนะครับ สุดท้าย คงต้องเช็ค script ครับ เหมือนที่ผมบอกแต่ต้น

ครับผม ขอบคุณ ทุกท่านมาก
ได้ความรู้หลายอย่างเลยครับ
แต่ ก็ต้องเจองานหนักหละ ไล่ ดู script ลูกค้าทีมี หลายร้อยอันเลย
แค่คิดก็ เหอๆๆๆๆๆ

มันจะมี function command บอกได้ไหมว่า file ไหนจากเวปไหนที่ มันใช้งานหนักเนี่ย
หรือว่าต้องไล่ test ทีละตัวเลย

icez · September 25, 2005, 8:39pm

ดูว่าเว็บไหนมีการวิ่งของ accesslog มากที่สุด
ไล่ดูว่า accesslog ของเว็บนั้น access ไปที่หน้าไหนมากที่สุด
ลองทดสอบดูโลด

thaiman2521 · September 26, 2005, 12:53pm

tail -f /var/log/httpd/access_log

ทำผมผมลอง tail -f /var/log/httpd/access_log แล้วมันไม่ค่อยขึ้นเลยนะครับ
ว่ามันเข้าเวปไหนส่วนมากจะเป้นพวก webmail
แต่ over load ยัง 2.xx อยู่เลย
แถมมีคน access เข้ามาพันกว่าแหนะ

icez · September 26, 2005, 6:02pm

ใช้ plesk รึเปล่าครับ

ถ้าใช่ ให้เข้าไปดูใน /home/httpd/vhosts/DOMAIN/statistics/logs นะครับ มันแยกแต่ละ domain เลย

เพราะฉะนั้น ดูกันนานหน่อยนะครับ

thaiman2521 · September 26, 2005, 8:35pm

ปัญหาเครื่องผมตอนนี้ plesk มันไม่ยอม เก็บ stat แล้วนะครับ
ไม่รุ้ว่า เพราะ log เต็ม หรือเปล่าก็ไม่ทราบนะครับ
เพราะมีเวปนึง log 1 วัน ขนาด 2gb น่าจะโดนยิงจาก phpbb นะครับ
ทำให้ เดือนนี้ plesk มันไม่เก็บ สถิติ เลย

icez · September 27, 2005, 9:03am

harddisk /home เต็ม?

แบบว่า มีกรณีเดียวที่ plesk ไม่ยอมเก็บสถิติน่ะครับ แหะๆ

thaiman2521 · September 27, 2005, 9:05am

harddisk /home เต็ม?

แบบว่า มีกรณีเดียวที่ plesk ไม่ยอมเก็บสถิติน่ะครับ แหะๆ

ไม่นะครับ น่าจะยังเหลืออีกเยอะ
เพราะ เครื่องนี้มันสร้างแบบ partition เดียวรวมกันหมดเลย

icez · September 27, 2005, 9:18am

งั้นลองเข้าไปดูหน่อยเหอะครับ /home/httpd/vhosts/DOMAIN/statistics/logs