What's new

system log entries Asus AC86U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

unclebuk

Senior Member
Can someone assist me to understand what the attached system log entries (in bold font) are indicating. Is it a security issue or something that requires my intervention?? There are literally 100's of these entries today.
xxx.27.88.57 is my ISP IP address.

Thanks in advance.


Apr 4 15:37:11 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=45.146.165.205 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=59673 PROTO=TCP SPT=8080 DPT=10336 SEQ=642488640 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:18 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=208.100.26.228 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=34072 PROTO=TCP SPT=44822 DPT=8000 SEQ=1988936289 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:43 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=182.254.145.229 DST=xxx.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=49109 PROTO=TCP SPT=45308 DPT=2375 SEQ=3452694187 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Apr 4 15:37:51 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=183.136.225.42 DST=xxx.27.88.57 LEN=44 TOS=0x00 PREC=0x00 TTL=110 ID=59702 PROTO=TCP SPT=54744 DPT=9876 SEQ=1458188920 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B4) MARK=0x8000000
Apr 4 15:37:57 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=45.146.165.205 DST=XXX.27.88.57 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58719 PROTO=TCP SPT=8080 DPT=10055 SEQ=4123695649 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
 
you can do a whois search

most likely script kiddies probing .
Make sure you have "drop all unsolicited packets" set on and remote management turned off and no ports opened in the router firewall for outside access to an internal server on your lan.
 
They come from Skynet, if that isn’t clear (since you don’t mention that you have Skynet installed).
 
you can do a whois search

most likely script kiddies probing .
Make sure you have "drop all unsolicited packets" set on and remote management turned off and no ports opened in the router firewall for outside access to an internal server on your lan.
Hi, ok, thanks for the info.

The "drop all unsolicited packets" setting on Asus AC86U with merlin is in the AiProtection section or is there another setting for this?
 
Yes, I have skynet installed.
Skynet will roll up those entries into a one line summary at the top of each hour. It is part of the stats piece of Skynet.
 
I get this error message about skynet swap file:

FW Version; 384.18_0 (Jun 28 2020) (4.1.27)
Install Dir; /tmp/mnt/Asus-entware/skynet (13.3G / 14.4G Space Available)
SWAP File; /tmp/mnt/Asus-entware/myswap.swp (256.3M)

SWAP File Too Small - 1GB Minimum Required - Please Fix Immediately!

The usb drive is 13Gb, how do I increase the swap file from 256Mb to 1 Gb?


Thanks.
 
Now I see this:

[*] Lock File Detected (start skynetloc=/tmp/mnt/Asus-entware/skynet) (pid=2637)
[*] Locked Processes Generally Take 1-2 Minutes To Complete And May Result In Temporarily "

IPTables Rules | [Failed]
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top