我的MONOWALL好像有问题。PING极之不稳定。
Last 100 system log entriesSep 7 06:03:15 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.74 moved from 00:30:18:c0:d0:c1 to 00:04:61:7d:65:5e on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.69 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:41 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.42 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b1:d9 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.36 moved from 00:30:18:c0:d0:c1 to 00:04:61:95:03:40 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.35 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:e0:b0 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.32 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b4:ca on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.29 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:f2 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.20 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b0:80 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.19 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:d1:a3 on fxp1
Sep 7 06:02:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:02:12 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:01:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:01:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:01:18 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 06:01:09 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:00:35 /kernel: arp: 192.168.0.30 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b5:87 on fxp1
Sep 7 06:00:35 /kernel: arp: 192.168.0.19 moved from 00:04:61:94:d1:a3 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:00:14 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 06:00:01 /kernel: arp: 192.168.0.19 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:d1:a3 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.69 moved from 00:04:61:94:b8:41 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:11 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:59:09 /kernel: arp: 192.168.0.69 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:41 on fxp1
Sep 7 05:59:06 last message repeated 3 times
Sep 7 05:59:06 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:59:05 /kernel: arp: 192.168.0.38 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b5:81 on fxp1
Sep 7 05:59:04 /kernel: arplookup 218.30.74.142 failed: host is not on local network
Sep 7 05:59:02 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:59:02 /kernel: arplookup 207.46.196.55 failed: host is not on local network
Sep 7 05:59:00 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 64.4.52.187 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 207.46.196.55 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:58:55 last message repeated 6 times
Sep 7 05:58:51 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:58:51 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:50 /kernel: arplookup 61.144.56.13 failed: host is not on local network
Sep 7 05:58:49 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:49 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:49 last message repeated 13 times
Sep 7 05:58:49 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:46 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 05:58:46 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 05:58:44 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 last message repeated 9 times
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 last message repeated 10 times
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:44 last message repeated 5 times
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 last message repeated 16 times
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:39 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:39 last message repeated 5 times
Sep 7 05:58:39 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:35 /kernel: arp: 192.168.0.32 moved from 00:04:61:94:b4:ca to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 last message repeated 15 times
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:32 last message repeated 15 times
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 last message repeated 15 times
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 last message repeated 39 times
Sep 7 05:58:25 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:25 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:25 last message repeated 5 times
Sep 7 05:58:25 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:22 /kernel: arplookup 202.103.134.10 failed: host is not on local network
Sep 7 05:58:22 last message repeated 2 times
Sep 7 05:58:22 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:22 /kernel: arplookup 61.144.56.2 failed: host is not on local network
局域网内是有arp攻击吗?我抓包看到好多。而且PING本地的DNS极之不稳定。头疼,找不出原因阿。 wan口的netmask是如何定义的啊?自己定的,还是isp给的? 248/29是ISP给的。是可以用5个IP。
analyst帮下忙言归正传吧。我的局域网有什么问题? 这是今天的。
Sep 7 06:28:25 /kernel: DUMMYNET initialized (011031)
Sep 7 06:28:25 /kernel: ipfw2 initialized, divert disabled, rule-based forwarding enabled, default to accept, logging disabled
Sep 7 06:03:15 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.74 moved from 00:30:18:c0:d0:c1 to 00:04:61:7d:65:5e on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.69 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:41 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.42 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b1:d9 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.36 moved from 00:30:18:c0:d0:c1 to 00:04:61:95:03:40 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.35 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:e0:b0 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.32 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b4:ca on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.29 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:f2 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.20 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b0:80 on fxp1
Sep 7 06:03:15 /kernel: arp: 192.168.0.19 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:d1:a3 on fxp1
Sep 7 06:02:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:02:12 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:01:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:01:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:01:18 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 06:01:09 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 06:00:35 /kernel: arp: 192.168.0.30 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b5:87 on fxp1
Sep 7 06:00:35 /kernel: arp: 192.168.0.19 moved from 00:04:61:94:d1:a3 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 06:00:14 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 06:00:01 /kernel: arp: 192.168.0.19 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:d1:a3 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:35 /kernel: arp: 192.168.0.69 moved from 00:04:61:94:b8:41 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:59:11 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:59:09 /kernel: arp: 192.168.0.69 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b8:41 on fxp1
Sep 7 05:59:06 last message repeated 3 times
Sep 7 05:59:06 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:59:05 /kernel: arp: 192.168.0.38 moved from 00:30:18:c0:d0:c1 to 00:04:61:94:b5:81 on fxp1
Sep 7 05:59:04 /kernel: arplookup 218.30.74.142 failed: host is not on local network
Sep 7 05:59:02 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:59:02 /kernel: arplookup 207.46.196.55 failed: host is not on local network
Sep 7 05:59:00 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 64.4.52.187 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 207.46.196.55 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:58:56 /kernel: arplookup 211.167.102.3 failed: host is not on local network
Sep 7 05:58:55 last message repeated 6 times
Sep 7 05:58:51 /kernel: arplookup 61.144.56.206 failed: host is not on local network
Sep 7 05:58:51 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:50 /kernel: arplookup 61.144.56.13 failed: host is not on local network
Sep 7 05:58:49 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:49 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:49 last message repeated 13 times
Sep 7 05:58:49 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:46 /kernel: arp: 192.168.0.124 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c2 on fxp1
Sep 7 05:58:46 /kernel: arp: 192.168.0.125 moved from 00:30:18:c0:d0:c1 to 00:11:09:dc:ce:c1 on fxp1
Sep 7 05:58:44 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 last message repeated 9 times
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:44 last message repeated 10 times
Sep 7 05:58:44 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:44 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:44 last message repeated 5 times
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:40 last message repeated 16 times
Sep 7 05:58:40 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:39 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:39 last message repeated 5 times
Sep 7 05:58:39 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:35 /kernel: arp: 192.168.0.124 moved from 00:11:09:dc:ce:c2 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:35 /kernel: arp: 192.168.0.125 moved from 00:11:09:dc:ce:c1 to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:35 /kernel: arp: 192.168.0.32 moved from 00:04:61:94:b4:ca to 00:30:18:c0:d0:c1 on fxp1
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.104.94.3 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:32 last message repeated 15 times
Sep 7 05:58:32 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:32 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:32 last message repeated 15 times
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 last message repeated 15 times
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:26 /kernel: arplookup 202.103.134.121 failed: host is not on local network
Sep 7 05:58:26 last message repeated 39 times
Sep 7 05:58:25 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:25 /kernel: arplookup 61.144.56.29 failed: host is not on local network
Sep 7 05:58:25 last message repeated 5 times
Sep 7 05:58:25 /kernel: arplookup 202.103.134.20 failed: host is not on local network
Sep 7 05:58:22 /kernel: arplookup 202.103.134.10 failed: host is not on local network
Sep 7 05:58:22 last message repeated 2 times 有人把ip地址设置成和你一个网段,也就是非248/29的其他同段ip,他发给你的arp包,你回应不了。
但是感觉不会出现你说的这种情况。
还有你的124、125这两个地址,经常变? 124和125这两个IP是在同一台机上的两块网卡。地址没有变过啊。
那我把外网的IP改一下试试吧。
怎么看日志arp都是内网的? 这是今天的日志.改了外网IP后arp少了很多,剩下两个,意思是不是有别的PC在抢夺192.168.0.126这个IP地址?
Sep 10 01:54:20 /kernel: DUMMYNET initialized (011031)
Sep 10 01:54:20 /kernel: ipfw2 initialized, divert disabled, rule-based forwarding enabled, default to accept, logging disabled
Sep 10 01:51:55 /kernel: IP firewall unloaded
Sep 10 01:23:16 last message repeated 4 times
Sep 10 01:23:01 last message repeated 12 times
Sep 10 01:22:30 /kernel: arp: 00:d0:b7:93:f2:1a is using my IP address 192.168.0.126!
Sep 9 23:10:00 last message repeated 19 times
Sep 9 23:09:22 last message repeated 18 times
Sep 9 23:08:50 /kernel: arp: 00:d0:b7:0e:a5:3d is using my IP address 192.168.0.126! 现在已经在交换机上邦定了MAC地址了.明天再看看会不会有这样的情况.
还有analyst我在主交换机上设置了广播风暴抑制比例为30%不知道这样适合不?希望analyst 能指点下.
[ 本帖最后由 moran321 于 2005-9-10 02:32 AM 编辑 ]
页:
[1]