| Next revision | Previous revision |
| technical:tech_doc_trashcan [2025/06/06 01:07] – created super_stunder | technical:tech_doc_trashcan [2025/06/11 03:50] (current) – super_stunder |
|---|
| ====== TECH TRASH CAN ====== | ====== TECH TRASH CAN ====== |
| | **Why in the hell do you want mouse mode in VIM ever!!! use this to turn it off** |
| | <cli> |
| | :set mouse-=a |
| | </cli> |
| |
| This is an example of the UFW logs going into journald. | **This is an example of the UFW logs going into journald.** |
| |
| <code> | <code> |
| Jun 04 04:44:51 logger01 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=185.243.5.60 DST=137.184.122.230 LEN> | Jun 04 04:44:51 logger01 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=185.243.5.60 DST=137.184.122.230 LEN> |
| Jun 04 04:44:56 logger01 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=179.43.191.98 DST=137.184.122.230 LE> | Jun 04 04:44:56 logger01 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=179.43.191.98 DST=137.184.122.230 LE> |
| | </code> |
| | |
| | then they are piped to rsyslog doubling the logs and some crazy time stamps are added. |
| | |
| | <code> |
| | 2025-06-04T04:41:58.533333+00:00 logger01 kernel: [726866.638774] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=172.245.112.199 DST=137.184.122.230 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=51991 PROTO=TCP SPT=61000 DPT=25644 WINDOW=1024 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:42:16.644611+00:00 logger01 kernel: [726884.748163] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=160.191.175.170 DST=137.184.122.230 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=53602 PROTO=TCP SPT=53 DPT=34849 WINDOW=1025 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:42:36.549613+00:00 logger01 kernel: [726904.654552] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=172.245.112.199 DST=137.184.122.230 LEN=40 TOS=0x08 PREC=0x20 TTL=242 ID=25594 PROTO=TCP SPT=61000 DPT=25012 WINDOW=1024 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:42:56.128868+00:00 logger01 kernel: [726924.234803] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=83.222.190.230 DST=137.184.122.230 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=18963 PROTO=TCP SPT=56337 DPT=6008 WINDOW=1024 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:43:20.025739+00:00 logger01 kernel: [726948.131259] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=167.94.146.26 DST=137.184.122.230 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=27290 PROTO=TCP SPT=22055 DPT=20546 WINDOW=42340 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:43:38.468380+00:00 logger01 kernel: [726966.573766] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=78.128.113.190 DST=137.184.122.230 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=25877 PROTO=TCP SPT=43867 DPT=4657 WINDOW=1024 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:43:59.718974+00:00 logger01 kernel: [726987.824567] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=92.118.39.237 DST=137.184.122.230 LEN=228 TOS=0x00 PREC=0x00 TTL=235 ID=25105 PROTO=TCP SPT=31085 DPT=443 WINDOW=8171 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:44:21.413556+00:00 logger01 kernel: [727009.519808] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=95.214.53.196 DST=137.184.122.230 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=53887 DPT=10801 WINDOW=65535 RES=0x00 SYN URGP=0 |
| | 2025-06-04T04:44:51.814472+00:00 logger01 kernel: [727039.920842] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=185.243.5.60 DST=137.184.122.230 LEN=442 TOS=0x00 PREC=0x00 TTL=52 ID=26311 DF PROTO=UDP SPT=5197 DPT=5060 LEN=422 |
| | 2025-06-04T04:44:56.941511+00:00 logger01 kernel: [727045.047113] [UFW BLOCK] IN=eth0 OUT= MAC=f6:5a:cb:13:e6:33:fe:00:00:00:01:01:08:00 SRC=179.43.191.98 DST=137.184.122.230 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=TCP SPT=57395 DPT=37777 WINDOW=65535 RES=0x00 SYN URGP=0 |
| </code> | </code> |