Tuesday, February 19, 2013
ufw logging LEVEL
LOGGING
ufw supports multiple logging levels. ufw defaults to a loglevel of
’low’ when a loglevel is not specified. Users may specify a loglevel
with:
ufw logging LEVEL
LEVEL may be ’off’, ’low’, ’medium’, ’high’ and full. Log levels are
defined as:
off disables ufw managed logging
low logs all blocked packets not matching the default policy (with
rate limiting), as well as packets matching logged rules
medium log level low, plus all allowed packets not matching the default
policy, all INVALID packets, and all new connections. All
logging is done with rate limiting.
high log level medium (without rate limiting), plus all packets with
rate limiting
full log level high without rate limiting
Loglevels above medium generate a lot of logging output, and may
quickly fill up your disk. Loglevel medium may generate a lot of
logging output on a busy system.
Specifying ’on’ simply enables logging at log level ’low’ if logging is
currently not enabled.
Reference : http://manpages.ubuntu.com/manpages/lucid/en/man8/ufw.8.html
Linux Log: Deauthentication Reason Code
Linux Log: Deauthentication Reason Code
ตัวอย่างเช่น
0 noReasonCode - Normal operation.
ตัวอย่างเช่น
0 noReasonCode - Normal operation.
1 unspecifiedReason - Client associated but no longer authorized.
2 previousAuthNotValid - Client associated but not authorized.
3 deauthenticationLeaving - The access point went offline, deauthenticating the client.
4 disassociationDueToInactivity - Client session timeout exceeded.
5 disassociationAPBusy - The access point is busy, performing load balancing, for example.
6 class2FrameFromNonAuthStation - Client attempted to transfer data before it was authenticated.
7 class2FrameFromNonAssStation - Client attempted to transfer data before it was associated.
8 disassociationStaHasLeft - Operating System moved the client to another access point using non-aggressive load balancing.
9 staReqAssociationWithoutAuth - Client not authorized yet, still attempting to associate with an access point.
99 missingReasonCode - Client momentarily in an unknown state.
2 previousAuthNotValid - Client associated but not authorized.
3 deauthenticationLeaving - The access point went offline, deauthenticating the client.
4 disassociationDueToInactivity - Client session timeout exceeded.
5 disassociationAPBusy - The access point is busy, performing load balancing, for example.
6 class2FrameFromNonAuthStation - Client attempted to transfer data before it was authenticated.
7 class2FrameFromNonAssStation - Client attempted to transfer data before it was associated.
8 disassociationStaHasLeft - Operating System moved the client to another access point using non-aggressive load balancing.
9 staReqAssociationWithoutAuth - Client not authorized yet, still attempting to associate with an access point.
99 missingReasonCode - Client momentarily in an unknown state.
สามารถอ่านเพิ่มเติมได้ที่ http://www.aboutcher.co.uk/2012/07/linux-wifi-deauthenticated-reason-codes/
การแก้ปัญหา @warning : Remote host identification has changed!@
เมื่อมีการเปลี่ยน host แล้วเครื่องที่เป็น client จะ remote แบบ SSH (Secure Shell) ไปที่เครื่อง server แล้วปรากฎว่าเป็น error ดังนี้
"@warning : Remote host identification has changed!@"
ปัญหาเกิดจาก key ไม่ตรงกันของเครื่อง server และเครื่องที่จะ remote เข้าไปใช้
วิธีแก้ไขให้ลบ file know_hosts ที่อยู่ใน Home directory ของ user ที่ Log on อยู่ เช่น root@me:~# rm ~/.ssh/know_hosts
เมื่อ ssh เข้าไปยังเครื่อง server อีกครั้งจะแสดงรายละเอียดดังนี้
root@me:~/.ssh# ssh root@192.168.2.88
The authenticity of host '192.168.2.5 (192.168.2.88)' can't be established.
RSA key fingerprint is 90:97:f2:42:34:09:ec:09:49:07:7e:59:65:a8:95:75.
Are you sure you want to continue connecting (yes/no)?
Subscribe to:
Posts (Atom)