Bug 61202

Summary: Logwatch logs appear to have emerged themselves with other logfiles. They are semi-unreadable
Product: [Retired] Red Hat Linux Reporter: Alberto Castro <btcal>
Component: logwatchAssignee: Elliot Lee <sopwith>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.2   
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
URL: http://home.earthlink.net/~btcal/netfilter.html
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-03-15 12:06:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Message from logwatch none

Description Alberto Castro 2002-03-15 11:59:59 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901

Description of problem:
I recently switched from ipchains to iptables. I've trying to fix this  for days
and days. Everyday around 2am Logwatch send a message to my user account with
irregularities that it can find. For some odd reason the boot.log and the
netfilter log appear to have emerge themselves as one. I used to received the
netfilter log in clean and understandable manner [ please take a look ->
http://home.earthlink.net/~btcal/shouldbe.html ]
But now with ip_tables the the log sent by logwatch is all mangled. 


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.receive mail from logwatch
2.
3.
	

Actual Results:  ################## LogWatch 2.1.1 Begin #####################


 --------------------- Cron Begin ------------------------
Commands Run:


 ---------------------- Cron End -------------------------

 ---------------------- Kernel Begin -------------------------

4 Time(s):     ide0: BM-DMA at 0xd000-0xd007, BIOS settings: hda:DMA, hdb:pio
4 Time(s):     ide1: BM-DMA at 0xd008-0xd00f, BIOS settings: hdc:DMA, hdd:DMA
4 Time(s):   (C) Copyright 1999 Red Hat Software
4 Time(s):   Type:   CD-ROM                             ANSI SCSI revision: 02
4 Time(s):   Vendor: HP        Model: CD-Writer+ 8200   Rev: 1.0f
4 Time(s):  BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
4 Time(s):  BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
4 Time(s):  BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
4 Time(s):  BIOS-e820: 0000000000100000 - 0000000007ff0000 (usable)
4 Time(s):  BIOS-e820: 0000000007ff0000 - 0000000007ff3000 (ACPI NVS)
4 Time(s):  BIOS-e820: 0000000007ff3000 - 0000000008000000 (ACPI data)
4 Time(s):  BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved)
4 Time(s):  hda: hda1 hda2 hda3 hda4 < hda5 hda6 >
1 Time(s): ..... CPU clock speed is 801.8085 MHz.
1 Time(s): ..... CPU clock speed is 801.8181 MHz.
1 Time(s): ..... CPU clock speed is 801.8270 MHz.
1 Time(s): ..... CPU clock speed is 801.8611 MHz.
1 Time(s): ..... host bus clock speed is 133.6345 MHz.
1 Time(s): ..... host bus clock speed is 133.6361 MHz.
1 Time(s): ..... host bus clock speed is 133.6377 MHz.
1 Time(s): ..... host bus clock speed is 133.6433 MHz.
4 Time(s): 8139too Fast Ethernet driver 0.9.24
4 Time(s): Activating ISA DMA hang workarounds.
4 Time(s): Adding Swap: 264560k swap-space (priority -1)
2 Time(s): Attached scsi CD-ROM sr0 at scsi0, channel 0, id 0, lun 0
4 Time(s): BIOS-provided physical RAM map:
4 Time(s): Based upon Swansea University Computer Society NET3.039
4 Time(s): Buffer-cache hash table entries: 4096 (order: 2, 16384 bytes)
1 Time(s): CPU0<T0:1336336,T1:668160,D:4,S:668172,C:1336345>
1 Time(s): CPU0<T0:1336352,T1:668160,D:12,S:668180,C:1336361>
1 Time(s): CPU0<T0:1336368,T1:668176,D:4,S:668188,C:1336377>
1 Time(s): CPU0<T0:1336432,T1:668208,D:8,S:668216,C:1336433>
4 Time(s): CPU: Intel Pentium III (Coppermine) stepping 06
4 Time(s): CPU: L1 I cache: 16K, L1 D cache: 16K
4 Time(s): CPU: L2 cache: 256K
4 Time(s): CSLIP: code copyright 1989 Regents of the University of California
4 Time(s): Calibrating delay loop... 1599.07 BogoMIPS
4 Time(s): Checking 'hlt' instruction... OK.
4 Time(s): Console: colour VGA+ 80x28
4 Time(s): Creative EMU10K1 PCI Audio Driver, version 0.18, 07:14:09 Feb 28 2002
4 Time(s): Dentry-cache hash table entries: 16384 (order: 5, 131072 bytes)
1 Time(s): Detected 801.828 MHz processor.1 Time(s): Detected 801.829 MHz processor.
1 Time(s): Detected 801.833 MHz processor.
1 Time(s): Detected 801.840 MHz processor.
4 Time(s): ESR value after enabling vector: 00000000
4 Time(s): ESR value before enabling vector: 00000000
4 Time(s): EXT3 FS 2.4-0.9.17, 10 Jan 2002 on ide0(3,2), internal journal
4 Time(s): EXT3 FS 2.4-0.9.17, 10 Jan 2002 on ide0(3,3), internal journal
4 Time(s): EXT3 FS 2.4-0.9.17, 10 Jan 2002 on ide0(3,5), internal journal
12 Time(s): EXT3-fs: mounted filesystem with ordered data mode.
4 Time(s): Enabling fast FPU save and restore... done.
4 Time(s): Enabling unmasked SIMD FPU exception support... done.
4 Time(s): FDC 0 is a post-1991 82077
4 Time(s): Floppy drive(s): fd0 is 1.44M
4 Time(s): Found and enabled local APIC!
4 Time(s): Freeing unused kernel memory: 216k freed
4 Time(s): HDLC line discipline: version $Revision: 3.3 $, maxframe=4096
4 Time(s): I2O configuration manager v 0.04.
4 Time(s): IP Protocols: ICMP, UDP, TCP, IGMP
4 Time(s): IP: routing cache hash table of 512 buckets, 4Kbytes
4 Time(s): Initializing CPU#0
4 Time(s): Initializing RT netlink socket
4 Time(s): Inode-cache hash table entries: 8192 (order: 4, 65536 bytes)
4 Time(s): Inspecting /boot/System.map-2.4.18
4 Time(s): Intel machine check architecture supported.
4 Time(s): Intel machine check reporting enabled on CPU#0.
4 Time(s): Journalled Block Device driver loaded
4 Time(s): Kernel command line: ro root=/dev/hda3 hdd=ide-scsi vga=3D791
4 Time(s): Kernel log daemon terminating.
4 Time(s): Kernel logging (proc) stopped.
4 Time(s): Linux NET4.0 for Linux 2.4
3 Time(s): Linux agpgart interface v0.99 (c) Jeff Hartmann
4 Time(s): Linux version 2.4.18 (root@habitat) (gcc version 2.96 20000731 (Red
Hat Linux 7.1 2.96-98)) #1 Thu Feb 28 07:00:32 CST 2002
4 Time(s): Linux video capture interface: v1.00
4 Time(s): Loaded 15051 symbols from /boot/System.map-2.4.18.
4 Time(s): Loaded 478 symbols from 15 modules.
4 Time(s): Loading I2O Core - (c) Copyright 1999 Red Hat Software
4 Time(s): Local APIC disabled by BIOS -- reenabling.
4 Time(s): Memory: 126844k/131008k available (1019k kernel code, 3776k reserved,
257k data, 216k init, 0k highmem)
4 Time(s): Mount-cache hash table entries: 2048 (order: 2, 16384 bytes)
4 Time(s): NET4: Linux TCP/IP 1.0 for NET4.0
4 Time(s): NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
4 Time(s): N_HDLC line discipline registered.
4 Time(s): On node 0 totalpages: 32752
4 Time(s): PCI: Found IRQ 10 for device 00:07.2
4 Time(s): PCI: Found IRQ 10 for device 00:0c.0
4 Time(s): PCI: Found IRQ 5 for device 00:0b.0
4 Time(s): PCI: PCI BIOS revision 2.10 entry at 0xfb360, last bus=1
4 Time(s): PCI: Probing PCI hardware
4 Time(s): PCI: Sharing IRQ 10 with 00:07.2
4 Time(s): PCI: Sharing IRQ 10 with 00:0c.0
4 Time(s): PCI: Using IRQ router VIA [1106/0596] at 00:07.0
4 Time(s): PCI: Using configuration type 1
4 Time(s): POSIX conformance testing by UNIFIX
4 Time(s): PPP generic driver version 2.4.1
4 Time(s): Page-cache hash table entries: 32768 (order: 5, 131072 bytes)
4 Time(s): Partition check:
4 Time(s): Real Time Clock Driver v1.10e
4 Time(s): SCSI subsystem driver Revision: 1.004 Time(s): Starting kswapd
4 Time(s): Symbols match kernel version 2.4.18.
4 Time(s): TCP: Hash tables configured (established 8192 bind 8192)
4 Time(s): USB Quickcam Class ff SubClass ff idVendor 46d idProduct 870
4 Time(s): USB Quickcam camera found using: $Id: quickcam.c,v 1.98 2001/12/31
10:47:52 wildfox Exp $
4 Time(s): Uniform CD-ROM driver Revision: 3.12
4 Time(s): Uniform Multi-Platform E-IDE driver Revision: 6.31
4 Time(s): Using local APIC timer interrupts.
4 Time(s): VFS: Mounted root (ext3 filesystem) readonly.
4 Time(s): VP_IDE: IDE controller on PCI bus 00 dev 39
4 Time(s): VP_IDE: VIA vt82c596b (rev 12) IDE UDMA66 controller on pci00:07.1
4 Time(s): VP_IDE: chipset revision 6
4 Time(s): VP_IDE: not 100%% native mode: will probe irqs later
3 Time(s): [drm] AGP 0.99 on VIA Apollo Pro @ 0xd8000000 64MB
3 Time(s): [drm] Initialized r128 2.1.6 20010405 on minor 0
4 Time(s): ac97_codec: AC97  codec, id: 0x5452:0x4103 (TriTech TR28023)
3 Time(s): agpgart: AGP aperture is 64M @ 0xd8000000
3 Time(s): agpgart: Detected Via Apollo Pro chipset
3 Time(s): agpgart: Maximum main memory to use for agp memory: 94M4 Time(s):
block: 128 slots per queue, batch=32
4 Time(s): calibrating APIC timer ...
2 Time(s): cdrom: This disc doesn't have any tracks I recognize!
1 Time(s): cpu: 0, clocks: 1336345, slice: 668172
1 Time(s): cpu: 0, clocks: 1336361, slice: 668180
1 Time(s): cpu: 0, clocks: 1336377, slice: 668188
1 Time(s): cpu: 0, clocks: 1336433, slice: 668216
4 Time(s): emu10k1: EMU10K1 rev 4 model 0x20 found, IO at 0xdc00-0xdc1f, IRQ 10
4 Time(s): enabled ExtINT on CPU#0
1 Time(s): eth0: RealTek RTL8139 Fast Ethernet at 0xc88a1000, 00:10:b5:0e:b3:02,
IRQ 5
3 Time(s): eth0: RealTek RTL8139 Fast Ethernet at 0xc88b2000, 00:10:b5:0e:b3:02,
IRQ 5
4 Time(s): eth0: Setting half-duplex based on auto-negotiated partner ability 0000.
4 Time(s): hda: 29297520 sectors (15000 MB) w/2048KiB Cache, CHS=1937/240/63
4 Time(s): hda: Maxtor 2R015H1, ATA DISK drive
4 Time(s): hdc: ATAPI 32X DVD-ROM drive, 512kB Cache
4 Time(s): hdc: CREATIVEDVD5240E-1, ATAPI CD/DVD-ROM drive
4 Time(s): hdd: Hewlett-Packard CD-Writer Plus 8200, ATAPI CD/DVD-ROM drive
4 Time(s): hub.c: 2 ports detected
4 Time(s): hub.c: USB hub found
4 Time(s): hub.c: USB new device connect on bus1/2, assigned device number 28
Time(s): ide-floppy driver 0.97.sv
4 Time(s): ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
4 Time(s): ide1 at 0x170-0x177,0x376 on irq 15
4 Time(s): ide: Assuming 33MHz system bus speed for PIO modes; override with
idebus=xx
4 Time(s): ide_setup: hdd=ide-scsi
4 Time(s): ip_conntrack (1023 buckets, 8184 max)
4 Time(s): isapnp: 1 Plug & Play card detected total
4 Time(s): isapnp: Card 'V1433VQH-U 336 PNP MODEM'
4 Time(s): isapnp: Scanning for PnP cards...
12 Time(s): kjournald starting.  Commit interval 5 seconds
4 Time(s): klogd 1.4.1, log source = /proc/kmsg started.
4 Time(s): mtrr: detected mtrr type: Intel
4 Time(s): mtrr: v1.40 (20010327) Richard Gooch (rgooch.au)
4 Time(s): parport0: PC-style at 0x378 [PCSPP(,...)]
4 Time(s): pty: 256 Unix98 ptys configured
4 Time(s): quickcam: HDCS1020 sensor detected
1 Time(s): quickcam: frame size is incorrect! (2046)
48 Time(s): quickcam: frame size is incorrect! (49)
2 Time(s): quickcam: frame size is incorrect! (98)
4 Time(s): quickcam: probe of BP100 sensor = 00 10 id: 64
4 Time(s): quickcam: probe of HDCS1000 sensor = 10 3a id: 08
4 Time(s): quickcam: probe of HDCS1020 sensor = 10 10 id: 10
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=12.237.8.19 DST=66.32.38.89 LEN=48
TOS=0x00 PREC=0x00 TTL=113 ID=21211 DF PROTO=TCP SPT=4675 DPT=6699 WINDOW=16384
RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=01 Time(s): (ChabServ) IN=ppp0 OUT= MAC=
SRC=12.246.33.47 DST=66.32.34.220
LEN=37 TOS=0x00 PREC=0x00 TTL=115 ID=23212 PROTO=UDP SPT=3038 DPT=27015 LEN=17
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=130.160.149.78 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=55125 DF PROTO=TCP SPT=2262 DPT=1214
WINDOW=5840 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=138.88.36.208 DST=66.32.168.137
LEN=78 TOS=0x00 PREC=0x00 TTL=117 ID=33468 PROTO=UDP SPT=1047 DPT=137 LEN=58
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=172.162.64.54 DST=66.32.38.89
LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=7993 DF PROTO=TCP SPT=1588 DPT=1214
WINDOW=8192 RES=0x00 SYN URGP=0
1 Time(s): (ChabServ) IN=ppp0 OUT= MAC= SRC=192.192.116.15 DST=66.32.211.169
LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=26694 DF PROTO=TCP SPT=3357 DPT=80
WINDOW=16384 RES=0x00 SYN URGP=0

---------------------- Kernel End -------------------------



Expected Results:   ---------------------- Kernel Begin -------------------------


Denied packets from 169.254.211.197.
  Port netbios-ns       (udp,ppp0,input): 3 packet(s).
Total of 3 packet(s).

Denied packets from proxyscan.openprojects.net (66.140.25.157).
  Port squid    (tcp,ppp0,input): 40 packet(s).
  Port telnet   (tcp,ppp0,input): 40 packet(s).
  Port socks    (tcp,ppp0,input): 80 packet(s).
  Port http     (tcp,ppp0,input): 39 packet(s).
  Port webcache (tcp,ppp0,input): 40 packet(s).
Total of 239 packet(s).

Denied packets from AC988733.ipt.aol.com (172.152.135.51).
  Port 1214     (tcp,ppp0,input): 16 packet(s).
Total of 16 packet(s).

 ---------------------- Kernel End -------------------------

Additional info:


I want to point out, that i'm using the bugzilla database as a last resort. Not
many people that i know use logwatch. I've tryed joing the mailing list for
logwatch at kaybee.org --> no reply.
Comment 1 Alberto Castro 2002-03-15 12:06:37 UTC 
Created attachment 48604 [details]
Message from logwatch