Jump to content

Help TCP Problem


Recommended Posts

Checking the log of my firewall realized that the MTA was trying to connect to IP: 91.121.44.90 several times . In a matter of 24 hours in my file there are more than 70,000 lines of flood TCP.

The MTA needs the IP 91.121.44.90 to what end ?

What I need to release ? If I release it will consume a lot of internet as it is repeating a lot.

Host of this IP 91.121.44.90: voila.multitheftauto.com

  
Jan  9 01:50:05 my_vps kernel: [144351.983405] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39663 DF PROTO=TCP SPT=42295 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:06 my_vps kernel: [144352.980066] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39664 DF PROTO=TCP SPT=42295 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:08 my_vps kernel: [144354.284374] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=50934 DF PROTO=TCP SPT=42296 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:11 my_vps kernel: [144357.288073] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=50936 DF PROTO=TCP SPT=42296 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:12 my_vps kernel: [144358.992062] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39666 DF PROTO=TCP SPT=42295 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:14 my_vps kernel: [144360.480042] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7460 DF PROTO=TCP SPT=42297 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:16 my_vps kernel: [144362.484035] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7461 DF PROTO=TCP SPT=42297 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:20 my_vps kernel: [144366.496062] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7462 DF PROTO=TCP SPT=42297 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:20 my_vps kernel: [144367.008090] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39667 DF PROTO=TCP SPT=42295 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:23 my_vps kernel: [144369.312044] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=50938 DF PROTO=TCP SPT=42296 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:25 my_vps kernel: [144371.995501] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=32622 DF PROTO=TCP SPT=42298 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:26 my_vps kernel: [144372.992034] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=32623 DF PROTO=TCP SPT=42298 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:28 my_vps kernel: [144374.295473] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59991 DF PROTO=TCP SPT=42299 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:31 my_vps kernel: [144377.296063] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59993 DF PROTO=TCP SPT=42299 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:32 my_vps kernel: [144379.008066] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=32625 DF PROTO=TCP SPT=42298 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:34 my_vps kernel: [144380.488035] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29551 DF PROTO=TCP SPT=42300 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:36 my_vps kernel: [144382.492034] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29552 DF PROTO=TCP SPT=42300 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:40 my_vps kernel: [144386.496030] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29553 DF PROTO=TCP SPT=42300 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:40 my_vps kernel: [144387.024058] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=32626 DF PROTO=TCP SPT=42298 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:43 my_vps kernel: [144389.312062] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59995 DF PROTO=TCP SPT=42299 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:48 my_vps kernel: [144394.512102] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29554 DF PROTO=TCP SPT=42300 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:53 my_vps kernel: [144399.503895] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=13475 DF PROTO=TCP SPT=42301 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:54 my_vps kernel: [144400.500062] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=13476 DF PROTO=TCP SPT=42301 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:50:56 my_vps kernel: [144402.504057] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=13477 DF PROTO=TCP SPT=42301 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:51:00 my_vps kernel: [144406.512035] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=13478 DF PROTO=TCP SPT=42301 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
Jan  9 01:51:08 my_vps kernel: [144414.528062] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=MY_IP DST=91.121.44.90 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=13479 DF PROTO=TCP SPT=42301 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0  
  

Link to comment

The MTA Server connects to the master server to create a server list entry and since your firewall blocked all requests, it is permanently retrying.

If you want to disable master server announce, set the option in your mtaserver.conf to 0.

Link to comment
  • 3 weeks later...
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...