Hi, I need your help.
every day I receive manu udp flood Attacks; in syslog I have found this information:
UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:47 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:49 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:52 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:52 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:56 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:57 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:59 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:01 ns301708 /USR/SBIN/CRON[239357]: (root) CMD (/usr/local/rtm/bin/rtm 55 > /dev/null 2> /dev/null)
Jul 30 19:02:07 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:12 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:13 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:13 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:17 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
moreover, it seems that my network goes down... in syslog I have read these informations:
Jul 30 19:28:45 ns301708 kernel: e1000e: eth0 NIC Link is Down
Jul 30 19:28:46 ns301708 kernel: vmbr0: port 1(eth0) entering disabled state
Jul 30 19:28:47 ns301708 kernel: e1000e: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
Jul 30 19:28:48 ns301708 kernel: vmbr0: port 1(eth0) entering forwarding state
can you help me?
I have thought to enable proxmox firewall (I have the 3.3 Proxmox version) but I don't know what to do
Thanks for your help
E.Bruno
every day I receive manu udp flood Attacks; in syslog I have found this information:
UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:47 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:49 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:52 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:52 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:56 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:57 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:01:59 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:01 ns301708 /USR/SBIN/CRON[239357]: (root) CMD (/usr/local/rtm/bin/rtm 55 > /dev/null 2> /dev/null)
Jul 30 19:02:07 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:12 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:13 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:13 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3952 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:16 ns301708 kernel: UDP: bad checksum. From 120.127.242.4:3969 to 5.196.244.246:80 ulen 8200
Jul 30 19:02:17 ns301708 kernel: UDP: bad checksum. From 182.167.225.126:55219 to 5.196.244.246:80 ulen 8200
moreover, it seems that my network goes down... in syslog I have read these informations:
Jul 30 19:28:45 ns301708 kernel: e1000e: eth0 NIC Link is Down
Jul 30 19:28:46 ns301708 kernel: vmbr0: port 1(eth0) entering disabled state
Jul 30 19:28:47 ns301708 kernel: e1000e: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
Jul 30 19:28:48 ns301708 kernel: vmbr0: port 1(eth0) entering forwarding state
can you help me?
I have thought to enable proxmox firewall (I have the 3.3 Proxmox version) but I don't know what to do
Thanks for your help
E.Bruno