m0n0wall: statusm0n0wall: status Mon Mar 19 20:40:38 UTC 2007 Note: make sure to remove any sensitive information (passwords, maybe also IP addresses) before posting information from this page in public places (like mailing lists)! Passwords in config.xml have been automatically removed. This status page includes the following information: System uptime Interfaces Routing tables ipfw show ipnat -lv ipfstat -v ipfstat -nio unparsed ipnat rules unparsed ipfilter rules unparsed ipfw rules resolv.conf Processes dhcpd.conf ez-ipupdate.cache df racoon.conf SPD SAD last 200 system log entries last 50 filter log entries ls /conf ls /var/run config.xml System uptime 8:40PM up 17 mins, 0 users, load averages: 0.08, 0.06, 0.07 Interfaces wi0: flags=8802 mtu 1500 ether 00:06:25:03:c4:46 media: IEEE 802.11 Wireless Ethernet autoselect (none) status: no carrier ssid "" channel 1 stationname "FreeBSD WaveLAN/IEEE node" authmode OPEN privacy OFF txpowmax 100 bmiss 7 sis0: flags=8843 mtu 1500 options=8 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:00:24:c0:32:98 media: Ethernet autoselect (100baseTX ) status: active sis1: flags=8843 mtu 1500 options=8 inet 70.119.49.28 netmask 0xfffff800 broadcast 255.255.255.255 ether 00:00:24:c0:32:99 media: Ethernet autoselect (100baseTX ) status: active sis2: flags=8842 mtu 1500 options=8 ether 00:00:24:c0:32:9a media: Ethernet autoselect (none) status: no carrier lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 Routing tables Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 70.119.48.1 UGS 0 1999 sis1 70.119.48/21 link#3 UC 0 0 sis1 70.119.48.1 00:06:2a:c9:a8:01 UHLW 2 0 sis1 1200 127.0.0.1 127.0.0.1 UH 0 28 lo0 192.168.1 link#2 UC 0 0 sis0 192.168.1.101 00:12:79:56:b2:61 UHLW 1 2035 sis0 782 ipfw show ipfw: getsockopt(IP_FW_GET): Protocol not available ipnat -lv List of active MAP/Redirect filters: map sis1 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp map sis1 192.168.1.0/24 -> 0.0.0.0/32 List of active sessions: MAP 192.168.1.101 2630 <- -> 70.119.49.28 2630 [16.110.60.205 2967] age 2539 use 0 sumd 0xb585/0xb585 pr 6 bkt 721/1177 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2629 <- -> 70.119.49.28 2629 [16.110.176.88 139] age 2521 use 0 sumd 0xb585/0xb585 pr 6 bkt 1225/657 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2628 <- -> 70.119.49.28 2628 [16.110.176.88 445] age 2513 use 0 sumd 0xb585/0xb585 pr 6 bkt 1488/920 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2627 <- -> 70.119.49.28 2627 [16.110.60.206 2967] age 2463 use 0 sumd 0xb585/0xb585 pr 6 bkt 2006/415 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2626 <- -> 70.119.49.28 2626 [16.110.60.205 2967] age 2386 use 0 sumd 0xb585/0xb585 pr 6 bkt 1744/153 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2625 <- -> 70.119.49.28 2625 [15.59.112.121 2967] age 2310 use 0 sumd 0xb585/0xb585 pr 6 bkt 1679/1111 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2624 <- -> 70.119.49.28 2624 [209.191.85.190 80] age 2284 use 0 sumd 0xb585/0xb585 pr 6 bkt 995/1451 flags 1 ifp sis1,sis1 bytes 783/2146 pkts 5/6 ipsumd b585 MAP 192.168.1.101 2623 <- -> 70.119.49.28 2623 [68.142.232.54 80] age 2280 use 0 sumd 0xb585/0xb585 pr 6 bkt 1456/888 flags 1 ifp sis1,sis1 bytes 603/1564 pkts 5/6 ipsumd b585 MAP 192.168.1.101 2622 <- -> 70.119.49.28 2622 [16.111.132.205 2967] age 2233 use 0 sumd 0xb585/0xb585 pr 6 bkt 338/794 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 2621 <- -> 70.119.49.28 2621 [15.59.112.120 2967] age 2160 use 0 sumd 0xb585/0xb585 pr 6 bkt 649/81 flags 1 ifp sis1,sis1 bytes 0/144 pkts 0/3 ipsumd b585 MAP 192.168.1.101 1043 <- -> 70.119.49.28 1043 [16.114.116.56 161] age 2570 use 0 sumd 0xb585/0xb585 pr 17 bkt 192/1671 flags 2 ifp sis1,sis1 bytes 0/424 pkts 0/4 ipsumd b585 MAP 192.168.1.101 1043 <- -> 70.119.49.28 1043 [16.114.116.53 161] age 2522 use 0 sumd 0xb585/0xb585 pr 17 bkt 174/1653 flags 2 ifp sis1,sis1 bytes 0/424 pkts 0/4 ipsumd b585 MAP 192.168.1.101 123 <- -> 70.119.49.28 123 [16.110.176.88 123] age 2378 use 0 sumd 0xb585/0xb585 pr 17 bkt 708/140 flags 2 ifp sis1,sis1 bytes 0/96 pkts 0/1 ipsumd b585 MAP 192.168.1.101 4500 <- -> 70.119.49.28 26692 [161.114.1.66 4500] age 3291 use 0 sumd 0xc36/0xc36 pr 17 bkt 39/1595 flags 2 ifp sis1,sis1 bytes 239232/196616 pkts 237/264 ipsumd b585 MAP 192.168.1.101 500 <- -> 70.119.49.28 26724 [161.114.1.66 500] age 3204 use 0 sumd 0x1bf6/0x1bf6 pr 17 bkt 31/1595 flags 2 ifp sis1,sis1 bytes 3318/1800 pkts 12/6 ipsumd b585 MAP 192.168.1.101 2596 <- -> 70.119.49.28 26552 [15.200.32.67 443] age 20004 use 0 sumd 0x131a/0x131a pr 6 bkt 603/1170 flags 1 ifp sis1,sis1 bytes 3010/1461 pkts 20/20 ipsumd b585 MAP 192.168.1.101 2593 <- -> 70.119.49.28 26549 [15.200.32.67 443] age 19993 use 0 sumd 0x131a/0x131a pr 6 bkt 1882/402 flags 1 ifp sis1,sis1 bytes 1989/2645 pkts 21/22 ipsumd b585 MAP 192.168.1.101 2585 <- -> 70.119.49.28 26541 [15.200.32.67 443] age 19948 use 0 sumd 0x131a/0x131a pr 6 bkt 1881/401 flags 1 ifp sis1,sis1 bytes 3614/1461 pkts 22/20 ipsumd b585 MAP 192.168.1.101 2584 <- -> 70.119.49.28 26540 [15.200.32.67 443] age 20060 use 0 sumd 0x131a/0x131a pr 6 bkt 1625/145 flags 1 ifp sis1,sis1 bytes 10056/2541 pkts 52/47 ipsumd b585 MAP 192.168.1.101 2582 <- -> 70.119.49.28 26538 [15.200.32.67 443] age 20060 use 0 sumd 0x131a/0x131a pr 6 bkt 1113/1680 flags 1 ifp sis1,sis1 bytes 3429/13230 pkts 57/63 ipsumd b585 MAP 192.168.1.101 2580 <- -> 70.119.49.28 26536 [15.200.32.67 443] age 20057 use 0 sumd 0x131a/0x131a pr 6 bkt 601/1168 flags 1 ifp sis1,sis1 bytes 1989/3535 pkts 21/24 ipsumd b585 MAP 192.168.1.101 2535 <- -> 70.119.49.28 26491 [15.200.32.67 443] age 18330 use 0 sumd 0x131a/0x131a pr 6 bkt 1394/1930 flags 1 ifp sis1,sis1 bytes 2384/1101 pkts 12/11 ipsumd b585 MAP 192.168.1.101 2532 <- -> 70.119.49.28 26488 [15.200.32.67 443] age 20053 use 0 sumd 0x131a/0x131a pr 6 bkt 626/1162 flags 1 ifp sis1,sis1 bytes 3088/1520 pkts 22/22 ipsumd b585 MAP 192.168.1.101 2531 <- -> 70.119.49.28 26487 [15.200.32.67 443] age 20021 use 0 sumd 0x131a/0x131a pr 6 bkt 370/906 flags 1 ifp sis1,sis1 bytes 2109/2743 pkts 24/25 ipsumd b585 List of active host mappings: 192.168.1.101,16.110.60.205 -> 0.0.0.0 (use = 2 hv = 134) 192.168.1.101,16.110.60.206 -> 0.0.0.0 (use = 1 hv = 150) 192.168.1.101,209.191.85.190 -> 0.0.0.0 (use = 1 hv = 269) 192.168.1.101,161.114.1.66 -> 0.0.0.0 (use = 2 hv = 377) 192.168.1.101,68.142.232.54 -> 0.0.0.0 (use = 1 hv = 947) 192.168.1.101,16.111.132.205 -> 0.0.0.0 (use = 1 hv = 1160) 192.168.1.101,15.200.32.67 -> 0.0.0.0 (use = 6 hv = 1361) 192.168.1.101,15.200.32.67 -> 0.0.0.0 (use = 3 hv = 1361) 192.168.1.101,16.110.176.88 -> 0.0.0.0 (use = 3 hv = 1545) 192.168.1.101,16.114.116.53 -> 0.0.0.0 (use = 1 hv = 1738) 192.168.1.101,16.114.116.56 -> 0.0.0.0 (use = 1 hv = 1802) 192.168.1.101,15.59.112.121 -> 0.0.0.0 (use = 1 hv = 2040) 192.168.1.101,15.59.112.120 -> 0.0.0.0 (use = 1 hv = 2040) ipfstat -v opts 0x40 name /dev/ipl bad packets: in 0 out 0 IPv6 packets: in 0 out 0 input packets: blocked 300 passed 4135 nomatch 0 counted 0 short 0 output packets: blocked 0 passed 4072 nomatch 0 counted 0 short 0 input packets logged: blocked 149 passed 0 output packets logged: blocked 0 passed 0 packets logged: input 0 output 0 log failures: input 0 output 0 fragment state(in): kept 0 lost 0 not fragmented 0 fragment state(out): kept 0 lost 0 not fragmented 0 packet state(in): kept 167 lost 152 packet state(out): kept 4 lost 0 ICMP replies: 0 TCP RSTs sent: 0 Invalid source(in): 0 Result cache hits(in): 255 (out): 0 IN Pullups succeeded: 0 failed: 0 OUT Pullups succeeded: 1 failed: 0 Fastroute successes: 0 failures: 0 TCP cksum fails(in): 0 (out): 0 IPF Ticks: 2093 Packet log flags set: (0) none ipfstat -nio @1 pass out quick on lo0 all @2 pass out quick on sis0 proto udp from 192.168.1.1/32 port = bootps to any port = bootpc @3 pass out quick on sis1 proto udp from any port = bootpc to any port = bootps @4 pass out quick on sis0 all keep state @5 pass out quick on sis1 all keep state @6 block out log quick all @1 pass in quick on lo0 all @2 block in log quick from any to any with short @3 block in log quick from any to any with ipopts @4 pass in quick on sis0 proto udp from any port = bootpc to 255.255.255.255/32 port = bootps @5 pass in quick on sis0 proto udp from any port = bootpc to 192.168.1.1/32 port = bootps @6 block in log quick on sis1 from 192.168.1.0/24 to any @7 block in log quick on sis1 proto udp from any port = bootps to 192.168.1.0/24 port = bootpc @8 pass in quick on sis1 proto udp from any port = bootps to any port = bootpc @9 block in log quick on sis0 from !192.168.1.0/24 to any @10 block in log quick on sis1 from 10.0.0.0/8 to any @11 block in log quick on sis1 from 127.0.0.0/8 to any @12 block in log quick on sis1 from 172.16.0.0/12 to any @13 block in log quick on sis1 from 192.168.0.0/16 to any @14 skip 1 in proto tcp from any to any flags S/FSRA @15 block in log quick proto tcp from any to any @16 block in log quick on sis0 all head 100 @1 pass in quick from 192.168.1.0/24 to 192.168.1.1/32 keep state group 100 @2 pass in quick from 192.168.1.0/24 to any keep state group 100 @17 block in log quick on sis1 all head 200 @18 block in log quick all unparsed ipnat rules map sis1 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp map sis1 192.168.1.0/24 -> 0/32 portmap tcp/udp auto map sis1 192.168.1.0/24 -> 0/32 unparsed ipfilter rules # loopback pass in quick on lo0 all pass out quick on lo0 all # block short packets block in log quick all with short # block IP options block in log quick all with ipopts # allow access to DHCP server on LAN pass in quick on sis0 proto udp from any port = 68 to 255.255.255.255 port = 67 pass in quick on sis0 proto udp from any port = 68 to 192.168.1.1 port = 67 pass out quick on sis0 proto udp from 192.168.1.1 port = 67 to any port = 68 # WAN spoof check block in log quick on sis1 from 192.168.1.0/24 to any # allow our DHCP client out to the WAN # XXX - should be more restrictive # (not possible at the moment - need 'me' like in ipfw) pass out quick on sis1 proto udp from any port = 68 to any port = 67 block in log quick on sis1 proto udp from any port = 67 to 192.168.1.0/24 port = 68 pass in quick on sis1 proto udp from any port = 67 to any port = 68 # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses) block in log quick on sis0 from ! 192.168.1.0/24 to any # block anything from private networks on WAN interface block in log quick on sis1 from 10.0.0.0/8 to any block in log quick on sis1 from 127.0.0.0/8 to any block in log quick on sis1 from 172.16.0.0/12 to any block in log quick on sis1 from 192.168.0.0/16 to any # Block TCP packets that do not mark the start of a connection skip 1 in proto tcp all flags S/SAFR block in log quick proto tcp all #--------------------------------------------------------------------------- # group head 100 - LAN interface #--------------------------------------------------------------------------- block in log quick on sis0 all head 100 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on sis0 all keep state #--------------------------------------------------------------------------- # group head 200 - WAN interface #--------------------------------------------------------------------------- block in log quick on sis1 all head 200 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on sis1 all keep state # make sure the user cannot lock himself out of the webGUI pass in quick from 192.168.1.0/24 to 192.168.1.1 keep state group 100 # User-defined rules follow pass in quick from 192.168.1.0/24 to any keep state group 100 #--------------------------------------------------------------------------- # default rules (just to be sure) #--------------------------------------------------------------------------- block in log quick all block out log quick all unparsed ipfw rules add 50000 set 4 pass all from 192.168.1.1 to any add 50001 set 4 pass all from any to 192.168.1.1 resolv.conf domain local nameserver 65.32.5.74 nameserver 65.32.5.75 Processes USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 10 75.0 0.0 0 8 ?? RL 8:23PM 14:48.37 [idle] root 486 47.9 15.5 7408 6888 ?? SN 8:40PM 0:02.45 /usr/local/bin/php status.php root 487 2.2 3.8 2588 1688 ?? S 8:40PM 0:00.15 /usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 13 0.1 0.0 0 8 ?? WL 8:23PM 0:05.10 [swi1: net] root 11 0.0 0.0 0 8 ?? RL 8:23PM 0:07.95 [swi4: clock sio] root 0 0.0 0.0 0 0 ?? WLs 8:23PM 0:00.01 [swapper] root 1 0.0 2.0 1420 876 ?? ILs 8:23PM 0:00.14 /sbin/init -- root 2 0.0 0.0 0 8 ?? DL 8:23PM 0:00.64 [g_event] root 3 0.0 0.0 0 8 ?? DL 8:23PM 0:00.53 [g_up] root 4 0.0 0.0 0 8 ?? DL 8:23PM 0:00.66 [g_down] root 5 0.0 0.0 0 8 ?? DL 8:23PM 0:00.00 [crypto] root 6 0.0 0.0 0 8 ?? DL 8:23PM 0:00.00 [crypto returns] root 7 0.0 0.0 0 8 ?? DL 8:23PM 0:00.00 [kqueue taskq] root 8 0.0 0.0 0 8 ?? DL 8:23PM 0:00.00 [thread taskq] root 9 0.0 0.0 0 8 ?? DL 8:23PM 0:00.39 [md0] root 12 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [swi3: vm] root 14 0.0 0.0 0 8 ?? DL 8:23PM 0:01.72 [yarrow] root 15 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [swi5: +] root 16 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [swi6: Giant taskq] root 17 0.0 0.0 0 8 ?? WL 8:23PM 0:00.07 [swi6: task queue] root 18 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [irq10: wi0] root 19 0.0 0.0 0 8 ?? WL 8:23PM 0:00.56 [irq11: sis0] root 20 0.0 0.0 0 8 ?? WL 8:23PM 0:03.58 [irq5: sis1] root 21 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [irq9: sis2] root 22 0.0 0.0 0 8 ?? WL 8:23PM 0:00.09 [irq14: ata0] root 23 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [irq15: ata1] root 24 0.0 0.0 0 8 ?? WL 8:23PM 0:00.00 [swi0: sio] root 25 0.0 0.0 0 8 ?? DL 8:23PM 0:00.01 [pagedaemon] root 26 0.0 0.0 0 8 ?? RL 8:23PM 0:00.01 [idlepoll] root 27 0.0 0.0 0 8 ?? RL 8:23PM 0:02.28 [pagezero] root 28 0.0 0.0 0 8 ?? DL 8:23PM 0:00.07 [bufdaemon] root 29 0.0 0.0 0 8 ?? DL 8:23PM 0:00.17 [syncer] root 30 0.0 0.0 0 8 ?? DL 8:23PM 0:00.07 [vnlru] root 31 0.0 0.0 0 8 ?? DL 8:23PM 0:00.05 [softdepflush] root 32 0.0 0.0 0 8 ?? DL 8:23PM 0:00.29 [schedcpu] root 82 0.0 3.1 1808 1364 ?? Ss 8:24PM 0:00.16 /sbin/dhclient -nw -cf /var/etc/dhclient.conf -sf /sbin/dhclient-script sis1 root 91 0.0 3.2 1888 1444 ?? Ss 8:24PM 0:00.39 /sbin/ipmon -sD root 96 0.0 2.2 1372 972 ?? Ss 8:24PM 0:00.33 /usr/sbin/syslogd -ss root 99 0.0 3.7 2588 1636 ?? Ss 8:24PM 0:00.21 /usr/local/sbin/mini_httpd -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid nobody 103 0.0 2.5 1400 1096 ?? S 8:24PM 0:01.25 /usr/local/sbin/dnsmasq root 106 0.0 3.8 2156 1696 ?? Is 8:24PM 0:00.01 /usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf sis0 root 161 0.0 2.7 1684 1188 ?? I 8:24PM 0:00.09 /bin/sh /etc/rc.initial console root 185 0.0 2.5 1456 1092 ?? I 8:24PM 0:00.08 /usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300 pool.ntp.org root 509 0.0 2.7 1684 1196 ?? SN 8:40PM 0:00.06 sh -c ps xauww 2>&1 root 510 0.0 2.1 1432 920 ?? RN 8:40PM 0:00.05 ps xauww root 110 0.0 2.6 1684 1160 d0- I 8:24PM 0:00.16 /bin/sh /usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300 pool.ntp.org dhcpd.conf option domain-name "local"; default-lease-time 7200; max-lease-time 86400; authoritative; log-facility local7; ddns-update-style none; subnet 192.168.1.0 netmask 255.255.255.0 { pool { range 192.168.1.100 192.168.1.199; } option routers 192.168.1.1; option domain-name-servers 192.168.1.1; } ez-ipupdate.cache cat: /conf/ez-ipupdate.cache: No such file or directory df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/md0 25566 23932 1634 94% / devfs 2 2 0 100% /dev /dev/ad0a 14926 12788 2138 86% /cf racoon.conf cat: /var/etc/racoon.conf: No such file or directory SPD No SPD entries. SAD No SAD entries. last 200 system log entries Mar 19 20:24:02 m0n0wall syslogd: kernel boot file is /kernel Mar 19 20:24:02 m0n0wall kernel: Copyright (c) 1992-2006 The FreeBSD Project. Mar 19 20:24:02 m0n0wall kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Mar 19 20:24:02 m0n0wall kernel: The Regents of the University of California. All rights reserved. Mar 19 20:24:02 m0n0wall kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. Mar 19 20:24:02 m0n0wall kernel: FreeBSD 6.2-RC1 #0: Sat Dec 23 16:46:37 CET 2006 Mar 19 20:24:02 m0n0wall kernel: root@mb62.neon1.net:/usr/src/sys/i386/compile/M0N0WALL_NET45XX Mar 19 20:24:02 m0n0wall kernel: Timecounter "i8254" frequency 1189161 Hz quality 0 Mar 19 20:24:02 m0n0wall kernel: CPU: AMD Am5x86 Write-Back (486-class CPU) Mar 19 20:24:02 m0n0wall kernel: Origin = "AuthenticAMD" Id = 0x4f4 Stepping = 4 Mar 19 20:24:02 m0n0wall kernel: Features=0x1 Mar 19 20:24:02 m0n0wall kernel: real memory = 67108864 (64 MB) Mar 19 20:24:02 m0n0wall kernel: avail memory = 43708416 (41 MB) Mar 19 20:24:02 m0n0wall kernel: wlan: mac acl policy registered Mar 19 20:24:02 m0n0wall kernel: ath_hal: 0.9.17.2 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413) Mar 19 20:24:02 m0n0wall kernel: cpu0 on motherboard Mar 19 20:24:02 m0n0wall kernel: sysctl machdep.i8254_freq=1189161 returns 0 Mar 19 20:24:02 m0n0wall kernel: Timecounter "ELAN" frequency 8333333 Hz quality 1000 Mar 19 20:24:02 m0n0wall kernel: pcib0: pcibus 0 on motherboard Mar 19 20:24:02 m0n0wall kernel: pci0: on pcib0 Mar 19 20:24:02 m0n0wall kernel: wi0: mem 0xa0000000-0xa0000fff irq 10 at device 16.0 on pci0 Mar 19 20:24:02 m0n0wall kernel: wi0: using RF:PRISM2.5 MAC:ISL3874A(Mini-PCI) Mar 19 20:24:02 m0n0wall kernel: wi0: Intersil Firmware: Primary (1.0.5), Station (1.3.1) Mar 19 20:24:02 m0n0wall kernel: wi0: Ethernet address: 00:06:25:03:c4:46 Mar 19 20:24:02 m0n0wall kernel: sis0: port 0xe000-0xe0ff mem 0xa0001000-0xa0001fff irq 11 at device 18.0 on pci0 Mar 19 20:24:02 m0n0wall kernel: sis0: Silicon Revision: DP83815D Mar 19 20:24:02 m0n0wall kernel: miibus0: on sis0 Mar 19 20:24:02 m0n0wall kernel: ukphy0: on miibus0 Mar 19 20:24:02 m0n0wall kernel: ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Mar 19 20:24:02 m0n0wall kernel: sis0: Ethernet address: 00:00:24:c0:32:98 Mar 19 20:24:02 m0n0wall kernel: sis1: port 0xe100-0xe1ff mem 0xa0002000-0xa0002fff irq 5 at device 19.0 on pci0 Mar 19 20:24:02 m0n0wall kernel: sis1: Silicon Revision: DP83815D Mar 19 20:24:02 m0n0wall kernel: miibus1: on sis1 Mar 19 20:24:02 m0n0wall kernel: ukphy1: on miibus1 Mar 19 20:24:02 m0n0wall kernel: ukphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Mar 19 20:24:02 m0n0wall kernel: sis1: Ethernet address: 00:00:24:c0:32:99 Mar 19 20:24:02 m0n0wall kernel: sis2: port 0xe200-0xe2ff mem 0xa0003000-0xa0003fff irq 9 at device 20.0 on pci0 Mar 19 20:24:02 m0n0wall kernel: sis2: Silicon Revision: DP83815D Mar 19 20:24:02 m0n0wall kernel: miibus2: on sis2 Mar 19 20:24:02 m0n0wall kernel: ukphy2: on miibus2 Mar 19 20:24:02 m0n0wall kernel: ukphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Mar 19 20:24:02 m0n0wall kernel: sis2: Ethernet address: 00:00:24:c0:32:9a Mar 19 20:24:02 m0n0wall kernel: isa0: on motherboard Mar 19 20:24:02 m0n0wall kernel: pmtimer0 on isa0 Mar 19 20:24:02 m0n0wall kernel: orm0: at iomem 0xc8000-0xd1fff on isa0 Mar 19 20:24:03 m0n0wall kernel: ata0 at port 0x1f0-0x1f7,0x3f6 irq 14 on isa0 Mar 19 20:24:03 m0n0wall kernel: ata1 at port 0x170-0x177,0x376 irq 15 on isa0 Mar 19 20:24:03 m0n0wall kernel: sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 Mar 19 20:24:03 m0n0wall kernel: sio0: type 16550A, console Mar 19 20:24:03 m0n0wall kernel: sio1 at port 0x2f8-0x2ff irq 3 on isa0 Mar 19 20:24:03 m0n0wall kernel: sio1: type 16550A Mar 19 20:24:03 m0n0wall kernel: Timecounters tick every 1.000 msec Mar 19 20:24:03 m0n0wall kernel: Elan-mmcr driver: MMCR at 0xc5f15000. Mar 19 20:24:03 m0n0wall kernel: Elan-mmcr Soekris net4501 comBIOS ver. 1.00a 20020118 Copyright (C) 2000-2001 S Mar 19 20:24:03 m0n0wall kernel: Fast IPsec: Initialized Security Association Processing. Mar 19 20:24:03 m0n0wall kernel: IP Filter: v4.1.13 initialized. Default = block all, Logging = enabled Mar 19 20:24:03 m0n0wall kernel: md0: Preloaded image 13631488 bytes at 0xc0775830 Mar 19 20:24:03 m0n0wall kernel: ad0: 61MB at ata0-master PIO1 Mar 19 20:24:03 m0n0wall kernel: Trying to mount root from ufs:/dev/md0 Mar 19 20:24:03 m0n0wall kernel: sis0: Applying short cable fix (reg=e9) Mar 19 20:24:03 m0n0wall kernel: sis1: Applying short cable fix (reg=eb) Mar 19 20:24:03 m0n0wall dnsmasq[103]: started, version 2.35 cachesize 150 Mar 19 20:24:03 m0n0wall dnsmasq[103]: compile time options: no-IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N Mar 19 20:24:03 m0n0wall dnsmasq[103]: no servers found in /etc/resolv.conf, will retry Mar 19 20:24:03 m0n0wall dnsmasq[103]: no servers found in /etc/resolv.conf, will retry Mar 19 20:24:03 m0n0wall dnsmasq[103]: read /etc/hosts - 2 addresses Mar 19 20:24:03 m0n0wall dhcpd: Internet Systems Consortium DHCP Server V3.0.5rc2 Mar 19 20:24:03 m0n0wall dhcpd: Copyright 2004-2006 Internet Systems Consortium. Mar 19 20:24:03 m0n0wall dhcpd: All rights reserved. Mar 19 20:24:03 m0n0wall dhcpd: For info, please visit http://www.isc.org/sw/dhcp/ Mar 19 20:24:05 m0n0wall dhclient: DHCPDISCOVER on sis1 to 255.255.255.255 port 67 interval 8 Mar 19 20:24:05 m0n0wall dhclient: DHCPOFFER from 10.122.0.1 Mar 19 20:24:05 m0n0wall dhclient: DHCPREQUEST on sis1 to 255.255.255.255 port 67 Mar 19 20:24:05 m0n0wall dhclient: DHCPACK from 10.122.0.1 Mar 19 20:24:05 m0n0wall kernel: sis1: Applying short cable fix (reg=e8) Mar 19 20:24:05 m0n0wall dhclient: New IP Address (sis1): 70.119.49.28 Mar 19 20:24:05 m0n0wall dhclient: New Subnet Mask (sis1): 255.255.248.0 Mar 19 20:24:05 m0n0wall dhclient: New Broadcast Address (sis1): 255.255.255.255 Mar 19 20:24:05 m0n0wall dhclient: New Routers (sis1): 70.119.48.1 Mar 19 20:24:18 m0n0wall dhclient: bound to 70.119.49.28 -- renewal in 19149 seconds. Mar 19 20:24:20 m0n0wall dnsmasq[103]: reading /etc/resolv.conf Mar 19 20:24:20 m0n0wall dnsmasq[103]: using nameserver 65.32.5.75#53 Mar 19 20:24:20 m0n0wall dnsmasq[103]: using nameserver 65.32.5.74#53 Mar 19 20:28:32 m0n0wall kernel: sis2: link state changed to DOWN last 50 filter log entries Mar 19 20:24:10 m0n0wall ipmon[91]: 20:24:09.627810 sis0 @0:15 b 192.168.1.101,2473 -> 15.200.32.67,443 PR tcp len 20 141 -AP IN Mar 19 20:24:10 m0n0wall ipmon[91]: 20:24:09.628283 sis0 @0:15 b 192.168.1.101,2463 -> 15.200.32.67,443 PR tcp len 20 141 -AP IN Mar 19 20:24:11 m0n0wall ipmon[91]: 20:24:10.705729 2x sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26650 PR tcp len 20 81 -AP IN Mar 19 20:24:11 m0n0wall ipmon[91]: 20:24:11.484556 sis0 @0:15 b 192.168.1.101,2439 -> 15.200.32.67,443 PR tcp len 20 237 -AP IN Mar 19 20:24:13 m0n0wall ipmon[91]: 20:24:12.929057 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26650 PR tcp len 20 81 -AP IN Mar 19 20:24:14 m0n0wall ipmon[91]: 20:24:14.277289 sis0 @0:15 b 192.168.1.101,2463 -> 15.200.32.67,443 PR tcp len 20 182 -AP IN Mar 19 20:24:16 m0n0wall ipmon[91]: 20:24:15.994619 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26650 PR tcp len 20 81 -AP IN Mar 19 20:24:16 m0n0wall ipmon[91]: 20:24:16.434196 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26682 PR tcp len 20 81 -AP IN Mar 19 20:24:17 m0n0wall ipmon[91]: 20:24:17.272410 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26682 PR tcp len 20 81 -AP IN Mar 19 20:24:20 m0n0wall ipmon[91]: 20:24:19.709393 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26682 PR tcp len 20 81 -AP IN Mar 19 20:24:20 m0n0wall ipmon[91]: 20:24:19.949573 sis0 @0:15 b 192.168.1.101,2439 -> 15.200.32.67,443 PR tcp len 20 237 -AP IN Mar 19 20:24:23 m0n0wall ipmon[91]: 20:24:23.175697 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26682 PR tcp len 20 81 -AP IN Mar 19 20:24:35 m0n0wall ipmon[91]: 20:24:35.262970 sis0 @0:15 b 192.168.1.101,2439 -> 15.200.32.67,443 PR tcp len 20 237 -AP IN Mar 19 20:24:40 m0n0wall ipmon[91]: 20:24:39.440006 2x sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26668 PR tcp len 20 81 -AP IN Mar 19 20:24:41 m0n0wall ipmon[91]: 20:24:40.316916 sis0 @0:15 b 192.168.1.101,2460 -> 15.200.32.67,443 PR tcp len 20 40 -AR IN Mar 19 20:24:41 m0n0wall ipmon[91]: 20:24:40.406771 sis0 @0:15 b 192.168.1.101,2462 -> 15.200.32.67,443 PR tcp len 20 40 -AR IN Mar 19 20:24:42 m0n0wall ipmon[91]: 20:24:41.803129 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26668 PR tcp len 20 81 -AP IN Mar 19 20:24:42 m0n0wall ipmon[91]: 20:24:41.855801 sis0 @0:15 b 192.168.1.101,2474 -> 15.200.32.67,443 PR tcp len 20 40 -AR IN Mar 19 20:24:43 m0n0wall ipmon[91]: 20:24:42.943007 sis0 @0:15 b 192.168.1.101,2463 -> 15.200.32.67,443 PR tcp len 20 81 -AP IN Mar 19 20:24:45 m0n0wall ipmon[91]: 20:24:44.848838 sis1 @0:15 b 15.200.32.67,443 -> 70.119.49.28,26668 PR tcp len 20 81 -AP IN Mar 19 20:25:10 m0n0wall ipmon[91]: 20:25:09.750614 sis0 @0:15 b 192.168.1.101,2442 -> 15.200.32.67,443 PR tcp len 20 40 -AR IN Mar 19 20:25:41 m0n0wall ipmon[91]: 20:25:40.569612 sis0 @0:15 b 192.168.1.101,2464 -> 15.200.32.67,443 PR tcp len 20 40 -AR IN Mar 19 20:26:10 m0n0wall ipmon[91]: 20:26:10.217775 sis1 @0:17 b 24.64.168.228,11811 -> 70.119.49.28,1026 PR udp len 20 512 IN Mar 19 20:26:10 m0n0wall ipmon[91]: 20:26:10.217965 sis1 @0:17 b 24.64.168.228,11811 -> 70.119.49.28,1028 PR udp len 20 512 IN Mar 19 20:26:10 m0n0wall ipmon[91]: 20:26:10.218127 sis1 @0:17 b 24.64.168.228,11811 -> 70.119.49.28,1027 PR udp len 20 512 IN Mar 19 20:26:46 m0n0wall ipmon[91]: 20:26:45.888590 5x sis1 @0:17 b 65.32.5.74,26187 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:28:24 m0n0wall ipmon[91]: 20:28:23.549866 5x sis1 @0:17 b 65.32.5.74,51574 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:28:59 m0n0wall ipmon[91]: 20:28:58.511196 5x sis1 @0:17 b 65.32.5.74,60463 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:29:38 m0n0wall ipmon[91]: 20:29:37.614126 sis1 @0:17 b 161.114.1.66 -> 70.119.49.28 PR udp len 20 (1500) (frag 14196:1480@1480+) IN Mar 19 20:29:44 m0n0wall ipmon[91]: 20:29:43.986342 sis0 @100:2 b 192.168.1.101 -> 161.114.1.66 PR udp len 20 (200) (frag 62903:180@1280) IN bad Mar 19 20:29:50 m0n0wall ipmon[91]: 20:29:50.096981 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,58422 PR udp len 20 88 IN Mar 19 20:29:51 m0n0wall ipmon[91]: 20:29:50.696764 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,58422 PR udp len 20 75 IN Mar 19 20:30:15 m0n0wall ipmon[91]: 20:30:14.598261 4x sis1 @0:17 b 65.32.5.74,17959 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:30:50 m0n0wall ipmon[91]: 20:30:50.426096 5x sis1 @0:17 b 65.32.5.74,27517 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:31:27 m0n0wall ipmon[91]: 20:31:27.129323 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,29645 PR udp len 20 77 IN Mar 19 20:32:04 m0n0wall ipmon[91]: 20:32:03.815657 5x sis1 @0:17 b 65.32.5.74,55386 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:32:41 m0n0wall ipmon[91]: 20:32:40.507371 5x sis1 @0:17 b 65.32.5.74,4782 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:33:17 m0n0wall ipmon[91]: 20:33:17.305952 5x sis1 @0:17 b 65.32.5.74,14498 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:33:54 m0n0wall ipmon[91]: 20:33:54.097402 5x sis1 @0:17 b 65.32.5.74,23756 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:34:31 m0n0wall ipmon[91]: 20:34:30.792686 5x sis1 @0:17 b 65.32.5.74,32931 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:35:08 m0n0wall ipmon[91]: 20:35:07.582313 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,34990 PR udp len 20 77 IN Mar 19 20:35:40 m0n0wall ipmon[91]: 20:35:39.976520 5x sis1 @0:17 b 65.32.5.74,50496 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:36:21 m0n0wall ipmon[91]: 20:36:21.069223 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,53805 PR udp len 20 77 IN Mar 19 20:36:58 m0n0wall ipmon[91]: 20:36:57.754724 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,63194 PR udp len 20 77 IN Mar 19 20:37:34 m0n0wall ipmon[91]: 20:37:34.445154 5x sis1 @0:17 b 65.32.5.74,17757 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:38:11 m0n0wall ipmon[91]: 20:38:11.148175 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,19598 PR udp len 20 77 IN Mar 19 20:38:46 m0n0wall ipmon[91]: 20:38:46.304231 5x sis1 @0:17 b 65.32.5.74,35332 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:39:23 m0n0wall ipmon[91]: 20:39:23.083005 5x sis1 @0:17 b 65.32.5.74,46853 -> 70.119.49.28,61377 PR udp len 20 77 IN Mar 19 20:40:00 m0n0wall ipmon[91]: 20:39:59.777511 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,49544 PR udp len 20 77 IN Mar 19 20:40:36 m0n0wall ipmon[91]: 20:40:36.486683 5x sis1 @0:17 b 65.32.5.74,53 -> 70.119.49.28,59910 PR udp len 20 77 IN ls /conf config.xml ls /var/run dhclient.pid dhcpd.pid dnsmasq.pid htpasswd ipmon.pid ld-elf.so.hints log logpriv mini_httpd.pid msntp.pid runmsntp.pid syslog.pid utmp config.xml 1.6 1174336005 m0n0wall local admin xxxxx Etc/UTC 300 pool.ntp.org http sis0 192.168.1.1 24 sis1 dhcp dyndns 192.168.1.100 192.168.1.199 public pass Default LAN -> any lan lan aggressive 3des sha1 2 pre_shared_key esp 3des blowfish cast128 rijndael hmac_sha1 hmac_md5 0