Commit f9a1e14

fix #1582 : exclude 'UFW AUDIT' log lines (#1638)
Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
1 parent ff74f2e commit f9a1e14

3 files changed

+202
-19
lines changed

.tests/iptables-scan-multi-port/iptables-scan-multi-port.log

Lines changed: 32 additions & 0 deletions
@@ -15,3 +15,35 @@ Sep 30 10:09:23 scw-d95986 kernel: [19955416.499523] IN=ens2 OUT= MAC=de:1c:88:6
1515
Sep 30 10:09:23 scw-d95986 kernel: [19955416.499523] IN=ens2 OUT= MAC=de:1c:88:64:10:19:5e:e1:a4:3b:cf:f0:08:00 SRC=62.34.17.168 DST=10.73.140.49 LEN=44 TOS=0x00 PREC=0x00 TTL=27 ID=56552 PROTO=TCP SPT=52220 DPT=8081 WINDOW=1024 RES=0x00 SYN URGP=0
1616
Sep 30 10:09:23 scw-d95986 kernel: [19955416.501968] IN=ens2 OUT= MAC=de:1c:88:64:10:19:5e:e1:a4:3b:cf:f0:08:00 SRC=62.34.17.168 DST=10.73.140.49 LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=6603 PROTO=TCP SPT=52220 DPT=8082 WINDOW=1024 RES=0x00 SYN URGP=0
1717
Sep 30 10:09:23 scw-d95986 kernel: [19955416.501968] IN=ens2 OUT= MAC=de:1c:88:64:10:19:5e:e1:a4:3b:cf:f0:08:00 SRC=62.34.17.168 DST=10.73.140.49 LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=6603 PROTO=TCP SPT=52220 DPT=8083 WINDOW=1024 RES=0x00 SYN URGP=0
18+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=53 LEN=84
19+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=54 LEN=84
20+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=55 LEN=84
21+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=56 LEN=84
22+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=57 LEN=84
23+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=58 LEN=84
24+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=59 LEN=84
25+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=60 LEN=84
26+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=61 LEN=84
27+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=62 LEN=84
28+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=63 LEN=84
29+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=64 LEN=84
30+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=65 LEN=84
31+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=66 LEN=84
32+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=67 LEN=84
33+
Oct 30 10:09:23 vm-1 kernel: [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=68 LEN=84
34+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=53 LEN=84
35+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=54 LEN=84
36+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=55 LEN=84
37+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=56 LEN=84
38+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=57 LEN=84
39+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=58 LEN=84
40+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=59 LEN=84
41+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=60 LEN=84
42+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=61 LEN=84
43+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=62 LEN=84
44+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=63 LEN=84
45+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=64 LEN=84
46+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=65 LEN=84
47+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=66 LEN=84
48+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=67 LEN=84
49+
Oct 30 10:09:23 vm-1 kernel: [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.2 DST=127.0.0.53 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=16820 DF PROTO=TCP SPT=50616 DPT=68 LEN=84
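
Review bot: The added fixture lines are not shaped like the TCP entries they sit next to: every new `[UFW AUDIT]` and `[UFW BLOCK]` line says `PROTO=TCP` but ends in `DPT=NN LEN=84` with no `WINDOW=`, `RES=` or `SYN` fields, whereas the existing context lines end in `WINDOW=1024 RES=0x00 SYN URGP=0`. A trailing second `LEN=` is what a UDP entry carries, so either switch these lines to `PROTO=UDP` or give them the TCP tail, otherwise the test depends on the parser tolerating a malformed line rather than only on the AUDIT exclusion. The new lines also drop the `[19955416.499523]`-style kernel timestamp that the existing lines have; if that is deliberate (to cover both syslog shapes) a short note in the test's README or commit message would help. Finally, the AUDIT lines all use `SRC=127.0.0.1` and the BLOCK lines all use `SRC=127.0.0.2`, so the fixture never shows one source producing both kinds of line; adding a few `[UFW AUDIT]` lines for `SRC=127.0.0.2` with further distinct `DPT` values would confirm that audit entries are not counted toward the same source's port tally.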
