Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - cybersolutions

Pages: [1]
1
Hi,
Need help to find out what is the reason behind restart of cwp  services and web servers apache nginx daily at specific time .
here is the log file text.

june 14 logs @ 03:28:16

Jun 14 03:23:41 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.161.27.75 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=48959 PROTO=TCP SPT=53954 DPT=9913 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:23:46 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=128.14.133.58 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=57637 PROTO=TCP SPT=23620 DPT=999 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:23:59 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:24:01 host systemd: Started Session 40650 of user root.
Jun 14 03:24:22 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=45.136.109.251 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=15294 PROTO=TCP SPT=52495 DPT=9999 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:25:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:25:01 host systemd: Started Session 40651 of user root.
Jun 14 03:25:01 host systemd: Started Session 40652 of user root.
Jun 14 03:25:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=82.221.105.6 DST= LEN=44 TOS=0x10 PREC=0x00 TTL=114 ID=23619 PROTO=TCP SPT=23320 DPT=8139 WINDOW=14180 RES=0x00 SYN URGP=0
Jun 14 03:26:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:26:01 host systemd: Started Session 40653 of user root.
Jun 14 03:27:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:27:01 host systemd: Started Session 40654 of user root.
Jun 14 03:27:06 host monit: Cannot create socket to [localhost]:25 -- Connection refused
Jun 14 03:27:06 host monit: Cannot open a connection to the mailserver localhost:25 -- Operation now in progress
Jun 14 03:27:06 host monit: Mail: Delivery failed -- no mail server is available
Jun 14 03:27:06 host monit: Alert handler failed, retry scheduled for next cycle
Jun 14 03:27:06 host monit: 'public' total upload 77.9 GB matches limit [upload rate > 1 GB in last 1 hour]
Jun 14 03:27:06 host pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
Jun 14 03:27:06 host pure-ftpd: (?@127.0.0.1) [INFO] Logout.
Jun 14 03:28:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:28:01 host systemd: Started Session 40655 of user root.
Jun 14 03:28:16 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 14 03:28:16 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 14 03:28:16 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 14 03:28:16 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 14 03:28:16 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 14 03:28:16 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 14 03:28:16 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 14 03:28:16 host systemd: Started CentOS Web Panel service (daemon).
Jun 14 03:28:16 host systemd: Stopping Web server Apache...
Jun 14 03:28:16 host systemd: Stopped Web server Apache.
Jun 14 03:28:16 host systemd: Starting Web server Apache...
Jun 14 03:28:16 host systemd: Started Web server Apache.
Jun 14 03:28:17 host systemd: Reloading Web server Apache.
Jun 14 03:28:17 host systemd: Reloaded Web server Apache.
Jun 14 03:28:17 host systemd: Reloading.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 14 03:28:17 host systemd: Reloading nginx - high performance web server.
Jun 14 03:28:17 host systemd: Reloaded nginx - high performance web server.
Jun 14 03:28:17 host systemd: Reloading.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 14 03:28:18 host systemd: Reloading Web server Apache.
Jun 14 03:28:18 host systemd: Reloaded Web server Apache.
Jun 14 03:28:28 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=210.73.214.132 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=45021 PROTO=TCP SPT=45032 DPT=31895 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:28:55 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=193.27.228.131 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=3596 PROTO=TCP SPT=42584 DPT=54774 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:29:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:29:01 host systemd: Started Session 40656 of user root.
Jun 14 03:30:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:30:01 host systemd: Started Session 40657 of user root.
Jun 14 03:30:01 host systemd: Started Session 40658 of user root.
Jun 14 03:30:01 host systemd: Started Session 40659 of user root.
Jun 14 03:30:01 host systemd: Started Session 40660 of user root.
Jun 14 03:30:01 host systemd: Started Session 40661 of user root.
Jun 14 03:30:01 host systemd: Started Session 40662 of user root.
Jun 14 03:30:05 host journal: unable to create file '/run/user/0/dconf/user': Permission denied. dconf will not work properly.
Jun 14 03:30:30 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=89.248.167.141 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=27965 PROTO=TCP SPT=8080 DPT=9703 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:30:51 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=183.136.225.44 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=6053 PROTO=TCP SPT=17366 DPT=1883 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 14 03:30:58 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=193.27.228.131 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56262 PROTO=TCP SPT=42584 DPT=54252 WINDOW=1024 RES=0x00 SYN URGP=0


june 14 logs @  03:33:21
Jun 15 03:30:44 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=194.26.29.52 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=41100 PROTO=TCP SPT=47069 DPT=3159 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:30:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:30:57 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=29404 PROTO=TCP SPT=48580 DPT=56595 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:01 host systemd: Started Session 41732 of user root.
Jun 15 03:31:05 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.102 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=53272 PROTO=TCP SPT=48521 DPT=55310 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:12 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.102 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=5532 PROTO=TCP SPT=48521 DPT=55412 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:14 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=114.80.178.221 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 15 03:31:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=57780 PROTO=TCP SPT=48614 DPT=57613 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:30 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=222.186.61.115 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=TCP SPT=49260 DPT=1189 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 15 03:31:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:32:01 host systemd: Started Session 41733 of user root.
Jun 15 03:32:01 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=192.35.169.26 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=33796 PROTO=TCP SPT=56329 DPT=623 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:03 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=48530 PROTO=TCP SPT=48614 DPT=57990 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:14 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=185.176.27.2 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=47422 PROTO=TCP SPT=8080 DPT=29266 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:32:55 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=185.40.4.116 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=58401 DF PROTO=TCP SPT=12 DPT=95 WINDOW=512 RES=0x00 SYN URGP=0
Jun 15 03:33:01 host systemd: Started Session 41734 of user root.
Jun 15 03:33:12 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=51.15.111.62 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=58401 PROTO=TCP SPT=52002 DPT=25565 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:21 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 15 03:33:21 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 15 03:33:21 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:21 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 15 03:33:21 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 15 03:33:21 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:21 host systemd: Started CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Stopping The PHP FastCGI Process Manager...
Jun 15 03:33:21 host systemd: Stopped The PHP FastCGI Process Manager.
Jun 15 03:33:21 host systemd: Started The PHP FastCGI Process Manager.
Jun 15 03:33:21 host php-fpm: [15-Jun-2020 03:33:21] WARNING: Nothing matches the include pattern '/usr/local/cwp/php71/etc/php-fpm.d/users/*.conf' from /usr/local/cwp/php71/etc/php-fpm.d/users.conf at line 1.
Jun 15 03:33:21 host systemd: Reloading CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Reloaded CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Reloading The PHP FastCGI Process Manager.
Jun 15 03:33:21 host systemd: PID file /usr/local/cwp/php71/var/run/cwp-php-fpm.pid not readable (yet?) after reload.
Jun 15 03:33:21 host systemd: Reloaded The PHP FastCGI Process Manager.
Jun 15 03:33:26 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=64771 PROTO=TCP SPT=48580 DPT=56308 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:37 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 15 03:33:37 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 15 03:33:37 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 15 03:33:37 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:37 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 15 03:33:37 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 15 03:33:37 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:37 host systemd: Started CentOS Web Panel service (daemon).
Jun 15 03:33:37 host systemd: Stopping Web server Apache...
Jun 15 03:33:37 host systemd: Stopped Web server Apache.
Jun 15 03:33:37 host systemd: Starting Web server Apache...
Jun 15 03:33:37 host systemd: Started Web server Apache.
Jun 15 03:33:37 host systemd: Reloading Web server Apache.
Jun 15 03:33:38 host systemd: Reloaded Web server Apache.
Jun 15 03:33:38 host systemd: Reloading.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 15 03:33:38 host systemd: Reloading nginx - high performance web server.
Jun 15 03:33:38 host systemd: Reloaded nginx - high performance web server.
Jun 15 03:33:38 host systemd: Reloading.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 15 03:33:38 host systemd: Reloading Web server Apache.
Jun 15 03:33:38 host systemd: Reloaded Web server Apache.
Jun 15 03:33:40 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=27378 PROTO=TCP SPT=48614 DPT=57267 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:46 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=194.26.29.52 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=64023 PROTO=TCP SPT=47069 DPT=3110 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:34:01 host systemd: Started Session 41735 of user root.
Jun 15 03:34:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:34:54 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=183.136.225.44 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=64879 PROTO=TCP SPT=13716 DPT=4880 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 15 03:35:01 host systemd: Started Session 41736 of user root.
Jun 15 03:35:01 host systemd: Started Session 41737 of user root.
Jun 15 03:35:02 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=101.89.123.47 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=44812 PROTO=TCP SPT=57786 DPT=31070 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:35:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=9481 PROTO=TCP SPT=48580 DPT=56840 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:35:43 host monit: Cannot create socket to [localhost]:25 -- Connection refused
Jun 15 03:35:43 host monit: Cannot open a connection to the mailserver localhost:25 -- Operation now in progress
Jun 15 03:35:43 host monit: Mail: Delivery failed -- no mail server is available
Jun 15 03:35:43 host monit: Alert handler failed, retry scheduled for next cycle

2
Hi,
Need help to find out what is the reason behind restart of cwp  services and web servers apache nginx daily at specific time .
here is the log file text.

june 14 logs @ 03:28:16

Jun 14 03:23:41 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.161.27.75 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=48959 PROTO=TCP SPT=53954 DPT=9913 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:23:46 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=128.14.133.58 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=57637 PROTO=TCP SPT=23620 DPT=999 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:23:59 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:24:01 host systemd: Started Session 40650 of user root.
Jun 14 03:24:22 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=45.136.109.251 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=15294 PROTO=TCP SPT=52495 DPT=9999 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:25:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:25:01 host systemd: Started Session 40651 of user root.
Jun 14 03:25:01 host systemd: Started Session 40652 of user root.
Jun 14 03:25:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=82.221.105.6 DST= LEN=44 TOS=0x10 PREC=0x00 TTL=114 ID=23619 PROTO=TCP SPT=23320 DPT=8139 WINDOW=14180 RES=0x00 SYN URGP=0
Jun 14 03:26:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:26:01 host systemd: Started Session 40653 of user root.
Jun 14 03:27:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:27:01 host systemd: Started Session 40654 of user root.
Jun 14 03:27:06 host monit: Cannot create socket to [localhost]:25 -- Connection refused
Jun 14 03:27:06 host monit: Cannot open a connection to the mailserver localhost:25 -- Operation now in progress
Jun 14 03:27:06 host monit: Mail: Delivery failed -- no mail server is available
Jun 14 03:27:06 host monit: Alert handler failed, retry scheduled for next cycle
Jun 14 03:27:06 host monit: 'public' total upload 77.9 GB matches limit [upload rate > 1 GB in last 1 hour]
Jun 14 03:27:06 host pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
Jun 14 03:27:06 host pure-ftpd: (?@127.0.0.1) [INFO] Logout.
Jun 14 03:28:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:28:01 host systemd: Started Session 40655 of user root.
Jun 14 03:28:16 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 14 03:28:16 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 14 03:28:16 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 14 03:28:16 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 14 03:28:16 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 14 03:28:16 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 14 03:28:16 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 14 03:28:16 host systemd: Started CentOS Web Panel service (daemon).
Jun 14 03:28:16 host systemd: Stopping Web server Apache...
Jun 14 03:28:16 host systemd: Stopped Web server Apache.
Jun 14 03:28:16 host systemd: Starting Web server Apache...
Jun 14 03:28:16 host systemd: Started Web server Apache.
Jun 14 03:28:17 host systemd: Reloading Web server Apache.
Jun 14 03:28:17 host systemd: Reloaded Web server Apache.
Jun 14 03:28:17 host systemd: Reloading.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 14 03:28:17 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 14 03:28:17 host systemd: Reloading nginx - high performance web server.
Jun 14 03:28:17 host systemd: Reloaded nginx - high performance web server.
Jun 14 03:28:17 host systemd: Reloading.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:17 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 14 03:28:18 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 14 03:28:18 host systemd: Reloading Web server Apache.
Jun 14 03:28:18 host systemd: Reloaded Web server Apache.
Jun 14 03:28:28 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=210.73.214.132 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=45021 PROTO=TCP SPT=45032 DPT=31895 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:28:55 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=193.27.228.131 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=3596 PROTO=TCP SPT=42584 DPT=54774 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:29:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:29:01 host systemd: Started Session 40656 of user root.
Jun 14 03:30:00 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 14 03:30:01 host systemd: Started Session 40657 of user root.
Jun 14 03:30:01 host systemd: Started Session 40658 of user root.
Jun 14 03:30:01 host systemd: Started Session 40659 of user root.
Jun 14 03:30:01 host systemd: Started Session 40660 of user root.
Jun 14 03:30:01 host systemd: Started Session 40661 of user root.
Jun 14 03:30:01 host systemd: Started Session 40662 of user root.
Jun 14 03:30:05 host journal: unable to create file '/run/user/0/dconf/user': Permission denied. dconf will not work properly.
Jun 14 03:30:30 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=89.248.167.141 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=27965 PROTO=TCP SPT=8080 DPT=9703 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 14 03:30:51 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=183.136.225.44 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=6053 PROTO=TCP SPT=17366 DPT=1883 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 14 03:30:58 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=193.27.228.131 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56262 PROTO=TCP SPT=42584 DPT=54252 WINDOW=1024 RES=0x00 SYN URGP=0


june 14 logs @  03:33:21
Jun 15 03:30:44 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=194.26.29.52 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=41100 PROTO=TCP SPT=47069 DPT=3159 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:30:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:30:57 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=29404 PROTO=TCP SPT=48580 DPT=56595 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:01 host systemd: Started Session 41732 of user root.
Jun 15 03:31:05 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.102 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=53272 PROTO=TCP SPT=48521 DPT=55310 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:12 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.102 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=5532 PROTO=TCP SPT=48521 DPT=55412 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:14 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=114.80.178.221 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 15 03:31:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=57780 PROTO=TCP SPT=48614 DPT=57613 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:31:30 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=222.186.61.115 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=TCP SPT=49260 DPT=1189 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 15 03:31:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:32:01 host systemd: Started Session 41733 of user root.
Jun 15 03:32:01 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=192.35.169.26 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=33796 PROTO=TCP SPT=56329 DPT=623 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:03 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=48530 PROTO=TCP SPT=48614 DPT=57990 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:14 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=185.176.27.2 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=47422 PROTO=TCP SPT=8080 DPT=29266 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:32:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:32:55 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=185.40.4.116 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=58401 DF PROTO=TCP SPT=12 DPT=95 WINDOW=512 RES=0x00 SYN URGP=0
Jun 15 03:33:01 host systemd: Started Session 41734 of user root.
Jun 15 03:33:12 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=51.15.111.62 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=58401 PROTO=TCP SPT=52002 DPT=25565 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:21 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 15 03:33:21 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 15 03:33:21 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:21 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 15 03:33:21 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 15 03:33:21 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:21 host systemd: Started CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Stopping The PHP FastCGI Process Manager...
Jun 15 03:33:21 host systemd: Stopped The PHP FastCGI Process Manager.
Jun 15 03:33:21 host systemd: Started The PHP FastCGI Process Manager.
Jun 15 03:33:21 host php-fpm: [15-Jun-2020 03:33:21] WARNING: Nothing matches the include pattern '/usr/local/cwp/php71/etc/php-fpm.d/users/*.conf' from /usr/local/cwp/php71/etc/php-fpm.d/users.conf at line 1.
Jun 15 03:33:21 host systemd: Reloading CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Reloaded CentOS Web Panel service (daemon).
Jun 15 03:33:21 host systemd: Reloading The PHP FastCGI Process Manager.
Jun 15 03:33:21 host systemd: PID file /usr/local/cwp/php71/var/run/cwp-php-fpm.pid not readable (yet?) after reload.
Jun 15 03:33:21 host systemd: Reloaded The PHP FastCGI Process Manager.
Jun 15 03:33:26 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=64771 PROTO=TCP SPT=48580 DPT=56308 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:37 host systemd: Stopping CentOS Web Panel service (daemon)...
Jun 15 03:33:37 host systemd: Stopped CentOS Web Panel service (daemon).
Jun 15 03:33:37 host systemd: Starting CentOS Web Panel service (daemon)...
Jun 15 03:33:37 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:37 host cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jun 15 03:33:37 host cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jun 15 03:33:37 host cwpsrv: cwpsrv: [warn] he "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /usr/local/cwpsrv/conf.d/api.conf:8
Jun 15 03:33:37 host systemd: Started CentOS Web Panel service (daemon).
Jun 15 03:33:37 host systemd: Stopping Web server Apache...
Jun 15 03:33:37 host systemd: Stopped Web server Apache.
Jun 15 03:33:37 host systemd: Starting Web server Apache...
Jun 15 03:33:37 host systemd: Started Web server Apache.
Jun 15 03:33:37 host systemd: Reloading Web server Apache.
Jun 15 03:33:38 host systemd: Reloaded Web server Apache.
Jun 15 03:33:38 host systemd: Reloading.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 15 03:33:38 host systemd: Reloading nginx - high performance web server.
Jun 15 03:33:38 host systemd: Reloaded nginx - high performance web server.
Jun 15 03:33:38 host systemd: Reloading.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:11] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:13] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:15] Unknown lvalue 'ProtectKernelModules' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:18] Unknown lvalue 'RestrictRealtime' in section 'Service'
Jun 15 03:33:38 host systemd: [/usr/lib/systemd/system/bolt.service:19] Unknown lvalue 'ReadWritePaths' in section 'Service'
Jun 15 03:33:38 host systemd: Reloading Web server Apache.
Jun 15 03:33:38 host systemd: Reloaded Web server Apache.
Jun 15 03:33:40 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.104 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=27378 PROTO=TCP SPT=48614 DPT=57267 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:46 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=194.26.29.52 DST= LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=64023 PROTO=TCP SPT=47069 DPT=3110 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:33:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:34:01 host systemd: Started Session 41735 of user root.
Jun 15 03:34:48 host ksmtuned: /usr/sbin/ksmtuned: line 61: /sys/kernel/mm/ksm/run: No such file or directory
Jun 15 03:34:54 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=183.136.225.44 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=109 ID=64879 PROTO=TCP SPT=13716 DPT=4880 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 15 03:35:01 host systemd: Started Session 41736 of user root.
Jun 15 03:35:01 host systemd: Started Session 41737 of user root.
Jun 15 03:35:02 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=101.89.123.47 DST= LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=44812 PROTO=TCP SPT=57786 DPT=31070 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:35:27 host kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=213.217.1.103 DST= LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=9481 PROTO=TCP SPT=48580 DPT=56840 WINDOW=1024 RES=0x00 SYN URGP=0
Jun 15 03:35:43 host monit: Cannot create socket to [localhost]:25 -- Connection refused
Jun 15 03:35:43 host monit: Cannot open a connection to the mailserver localhost:25 -- Operation now in progress
Jun 15 03:35:43 host monit: Mail: Delivery failed -- no mail server is available
Jun 15 03:35:43 host monit: Alert handler failed, retry scheduled for next cycle

Pages: [1]