이거 혹시 해킹당한것인가요?
이거 혹시 해킹당한것인가요?
환경
-------
centos7 minimal기본설치 + gnome Desktop설치
/var/log/messages 파일
-------------------------------------------
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: ICMP type 'beyond-scope' is not supported by the kernel for ipv6.
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: ICMP type 'failed-policy' is not supported by the kernel for ipv6.
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: ICMP type 'reject-route' is not supported by the kernel for ipv6.
Oct 16 04:21:22 localhost firewalld[12823]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
아래부터가 이상하네요...
iptables 명령어를 저는 실행시키지 않았는데요... 제 공유기(192.168.122.0)에 iptables명령을 하는거 같은데요???
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table mangle --delete POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM --checksum-fill' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.122.0/24 --destination 224.0.0.0/24 --jump RETURN' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.122.0/24 --destination 255.255.255.255/32 --jump RETURN' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.122.0/24 -p tcp ! --destination 192.168.122.0/24 --jump MASQUERADE --to-ports 1024-65535' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.122.0/24 -p udp ! --destination 192.168.122.0/24 --jump MASQUERADE --to-ports 1024-65535' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.122.0/24 ! --destination 192.168.122.0/24 --jump MASQUERADE' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctstate ESTABLISHED,RELATED --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --source 192.168.122.0/24 --in-interface virbr0 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --out-interface virbr0 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --out-interface virbr0 --jump REJECT' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --jump REJECT' failed: iptables: No chain/target/match by that name.
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete OUTPUT --out-interface virbr0 --protocol udp --destination-port 68 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:23 localhost firewalld[12823]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Oct 16 04:21:26 localhost systemd: Reloading.
Oct 16 04:21:29 localhost systemd: Reloading.
Oct 16 04:21:29 localhost systemd: Reloading.
Oct 16 04:21:29 localhost systemd: Stopping LVM2 metadata daemon...
Oct 16 04:21:29 localhost lvmetad[538]: Failed to accept connection errno 11.
Oct 16 04:21:29 localhost systemd: Started LVM2 metadata daemon.
Oct 16 04:21:29 localhost systemd: Starting LVM2 metadata daemon...
Oct 16 04:21:29 localhost systemd: Reloading.
Oct 16 04:21:30 localhost systemd: Reloading.
Oct 16 04:21:30 localhost systemd: Stopping Install ABRT coredump hook...
댓글 6개
우선 iptables에 어떤 규칙이 설정되어 있는지 먼저 확인하시기 바랍니다.
그리고 root 권한이 없으면 iptables를 실행 시키지 못합니다.
해킹이 의심되면 접속로그도 확인 해 보세요.
감사합니다
조만간 수정될 것입니다.
https://github.com/firewalld/firewalld/issues/251