Community discussions

 
imaljko4
Member Candidate
Member Candidate
Topic Author
Posts: 247
Joined: Fri Apr 25, 2008 6:52 pm

Firewall setup problem

Thu Jan 09, 2014 3:14 am

After setting up the firewall like described in the WIKI here:
http://wiki.mikrotik.com/wiki/Basic_uni ... all_script

I am constantly having dropped packets, from different IP addresses, showing up in my logg.

Did i misconfigure something, or is it normal to have so many dropped packets?

Here are my loggs:
Jan/08/2014 22:46:13 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 210.92.80.169:1098->"my WAN IP XXX ":445, len 48
Jan/08/2014 22:46:16 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 210.92.80.169:1098->"my WAN IP XXX ":445, len 48
Jan/08/2014 22:51:13 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 22:53:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:32 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:34 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:38 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:53:46 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:54:01 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:54:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:55:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 80.82.79.30:44325->"my WAN IP XXX ":21320, len 40
Jan/08/2014 22:56:13 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 22:59:00 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 206.79.196.251:52341->"my WAN IP XXX ":3389, len 44
Jan/08/2014 22:59:00 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 206.79.196.251:52341->"my WAN IP XXX ":3389, len 44
Jan/08/2014 22:59:01 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 206.79.196.251:52341->"my WAN IP XXX ":3389, len 44
Jan/08/2014 22:59:02 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 206.79.196.251:52341->"my WAN IP XXX ":3389, len 44
Jan/08/2014 22:59:06 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 206.79.196.251:52341->"my WAN IP XXX ":3389, len 41
Jan/08/2014 22:59:28 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 190.94.12.168:1252->"my WAN IP XXX ":445, len 48
Jan/08/2014 22:59:29 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 190.94.12.168:1252->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:01:12 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:06:12 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:06:53 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 187.112.207.25:2641->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:06:55 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 187.112.207.25:2641->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:07:29 system,info,account user xxx logged in from "support IP" via winbox
Jan/08/2014 23:08:17 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 1.93.37.141:58457->"my WAN IP XXX ":22, len 44
Jan/08/2014 23:08:18 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 1.93.37.141:58458->"my WAN IP XXX ":22, len 44
Jan/08/2014 23:09:45 system,info,account user xxx logged out from "support IP" via winbox
Jan/08/2014 23:11:13 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:16:15 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:21:15 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:26:12 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:27:50 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:27:53 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,FIN), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:27:54 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,FIN), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:27:57 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,FIN), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:28:02 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,FIN), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:28:12 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,FIN), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:28:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (ACK,RST), 116.212.237.42:58370->"my WAN IP XXX ":5900, len 40
Jan/08/2014 23:28:54 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:59721->"my WAN IP XXX ":5900, len 60
Jan/08/2014 23:28:55 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:59721->"my WAN IP XXX ":5900, len 60
Jan/08/2014 23:29:21 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:37696->"my WAN IP XXX ":21320, len 44
Jan/08/2014 23:29:21 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:37696->"my WAN IP XXX ":21320, len 44
Jan/08/2014 23:29:22 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:37696->"my WAN IP XXX ":21320, len 44
Jan/08/2014 23:29:23 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:37696->"my WAN IP XXX ":21320, len 44
Jan/08/2014 23:31:12 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:34:40 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 91.208.16.3:4723->"my WAN IP XXX ":5900, len 48
Jan/08/2014 23:34:42 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 91.208.16.3:4723->"my WAN IP XXX ":5900, len 48
Jan/08/2014 23:36:12 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:36:40 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 81.142.92.61:64593->"my WAN IP XXX ":5800, len 44
Jan/08/2014 23:36:41 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 81.142.92.61:64593->"my WAN IP XXX ":5800, len 44
Jan/08/2014 23:36:42 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 81.142.92.61:64593->"my WAN IP XXX ":5800, len 44
Jan/08/2014 23:36:43 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 81.142.92.61:64593->"my WAN IP XXX ":5800, len 44
Jan/08/2014 23:37:01 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 89.35.206.43:2540->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:37:03 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 89.35.206.43:2540->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:41:22 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:41:25 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 189.71.148.14:2912->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:41:28 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 189.71.148.14:2912->"my WAN IP XXX ":445, len 48
Jan/08/2014 23:46:10 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:61071->"my WAN IP XXX ":5904, len 44
Jan/08/2014 23:46:10 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:61071->"my WAN IP XXX ":5904, len 44
Jan/08/2014 23:46:11 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:61071->"my WAN IP XXX ":5904, len 44
Jan/08/2014 23:46:12 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:61071->"my WAN IP XXX ":5904, len 44
Jan/08/2014 23:46:22 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:47:55 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto UDP, 211.81.31.54:4335->"my WAN IP XXX ":1434, len 404
Jan/08/2014 23:51:17 info fetch: file "dyndns.checkip.html" created
Jan/08/2014 23:56:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:01:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:01:15 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:48228->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:01:16 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:48228->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:01:17 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:48228->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:01:18 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:48228->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:04:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 195.178.109.14:55082->"my WAN IP XXX ":5900, len 60
Jan/09/2014 00:04:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 195.178.109.14:55082->"my WAN IP XXX ":5900, len 60
Jan/09/2014 00:06:15 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:11:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:14:46 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 216.127.161.29:1388->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:14:48 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 216.127.161.29:1388->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:16:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:16:44 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 86.7.134.69:46446->"my WAN IP XXX ":43182, len 60
Jan/09/2014 00:16:46 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 86.7.134.69:46446->"my WAN IP XXX ":43182, len 60
Jan/09/2014 00:16:54 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 86.7.134.69:46446->"my WAN IP XXX ":43182, len 60
Jan/09/2014 00:17:24 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 122.3.238.52:4191->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:17:26 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 122.3.238.52:4191->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:21:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:26:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:31:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:31:45 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:59162->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:31:45 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:59162->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:31:46 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:59162->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:31:47 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:59162->"my WAN IP XXX ":21320, len 44
Jan/09/2014 00:33:33 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto UDP, 5.135.146.0:54544->"my WAN IP XXX ":19, len 29
Jan/09/2014 00:36:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:36:45 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 41.129.178.78:53534->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:36:47 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 41.129.178.78:53534->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:40:17 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 190.73.101.7:3269->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:40:19 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 190.73.101.7:3269->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:41:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:45:29 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:41482->"my WAN IP XXX ":5900, len 44
Jan/09/2014 00:45:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:41482->"my WAN IP XXX ":5900, len 44
Jan/09/2014 00:45:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:41482->"my WAN IP XXX ":5900, len 44
Jan/09/2014 00:45:32 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:41482->"my WAN IP XXX ":5900, len 44
Jan/09/2014 00:46:22 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 00:47:00 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 93.174.93.67:58533->"my WAN IP XXX ":21320, len 40
Jan/09/2014 00:51:21 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 161.139.18.199:2706->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:51:24 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 161.139.18.199:2706->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:55:31 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 179.13.169.52:2609->"my WAN IP XXX ":445, len 48
Jan/09/2014 00:56:41 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 216.70.252.116:3725->"my WAN IP XXX ":445, len 52
Jan/09/2014 00:56:44 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 216.70.252.116:3725->"my WAN IP XXX ":445, len 52
Jan/09/2014 01:01:05 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 31.3.251.74:51488->"my WAN IP XXX ":3389, len 52
Jan/09/2014 01:01:07 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 31.3.251.74:51488->"my WAN IP XXX ":3389, len 52
Jan/09/2014 01:01:13 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 31.3.251.74:51488->"my WAN IP XXX ":3389, len 48
Jan/09/2014 01:01:28 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 38.67.131.26:2614->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:01:30 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 38.67.131.26:2614->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:02:58 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 217.19.147.51:2813->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:03:00 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 217.19.147.51:2813->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:06:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:08:25 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 207.244.64.117:51015->"my WAN IP XXX ":5900, len 52
Jan/09/2014 01:08:27 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 207.244.64.117:51015->"my WAN IP XXX ":5900, len 52
Jan/09/2014 01:11:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:13:03 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 110.80.46.138:3053->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:13:04 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 110.80.46.138:3053->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:15:25 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 81.142.92.61:62013->"my WAN IP XXX ":5800, len 52
Jan/09/2014 01:16:03 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 72.36.46.5:4264->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:16:05 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 72.36.46.5:4264->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:16:13 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:18:58 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto UDP, 106.158.81.73:49325->"my WAN IP XXX ":11426, len 48
Jan/09/2014 01:19:40 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 201.242.46.203:1805->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:19:42 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 201.242.46.203:1805->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:21:12 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:25:02 system,info,account user xxx logged in from "support IP" via winbox
Jan/09/2014 01:26:20 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:26:23 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 195.178.109.14:42079->"my WAN IP XXX ":5900, len 60
Jan/09/2014 01:26:24 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 195.178.109.14:42079->"my WAN IP XXX ":5900, len 60
Jan/09/2014 01:29:15 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 46.26.212.43:4377->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:29:18 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 46.26.212.43:4377->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:29:24 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 46.26.212.43:4377->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:31:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:36:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:38:19 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 85.10.199.154:53491->"my WAN IP XXX ":32764, len 40
Jan/09/2014 01:38:57 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:49957->"my WAN IP XXX ":5904, len 44
Jan/09/2014 01:38:58 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:49957->"my WAN IP XXX ":5904, len 44
Jan/09/2014 01:38:59 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:49957->"my WAN IP XXX ":5904, len 44
Jan/09/2014 01:39:00 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 194.106.140.5:49957->"my WAN IP XXX ":5904, len 44
Jan/09/2014 01:41:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:46:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:51:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:52:56 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 116.212.237.42:50118->"my WAN IP XXX ":5900, len 44
Jan/09/2014 01:52:57 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 116.212.237.42:50118->"my WAN IP XXX ":5900, len 44
Jan/09/2014 01:52:58 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 116.212.237.42:50118->"my WAN IP XXX ":5900, len 44
Jan/09/2014 01:52:59 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 116.212.237.42:50118->"my WAN IP XXX ":5900, len 44
Jan/09/2014 01:54:55 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto UDP, 85.25.199.95:5165->"my WAN IP XXX ":5060, len 439
Jan/09/2014 01:56:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 01:58:20 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 219.242.30.59:4035->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:58:23 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 219.242.30.59:4035->"my WAN IP XXX ":445, len 48
Jan/09/2014 01:59:35 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:53443->"my WAN IP XXX ":21320, len 44
Jan/09/2014 01:59:36 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:53443->"my WAN IP XXX ":21320, len 44
Jan/09/2014 01:59:37 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:53443->"my WAN IP XXX ":21320, len 44
Jan/09/2014 01:59:38 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 80.82.79.30:53443->"my WAN IP XXX ":21320, len 44
Jan/09/2014 02:00:01 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 89.23.105.56:2702->"my WAN IP XXX ":445, len 48
Jan/09/2014 02:00:04 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 89.23.105.56:2702->"my WAN IP XXX ":445, len 48
Jan/09/2014 02:01:11 info fetch: file "dyndns.checkip.html" created
Jan/09/2014 02:02:15 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:51473->"my WAN IP XXX ":5900, len 60
Jan/09/2014 02:02:16 firewall,info DROP INPUT input: in:"3G DONGLE- WAN" out:(none), proto TCP (SYN), 84.201.238.107:51473->"my WAN IP XXX ":5900, len 60


Thank you for help
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: Firewall setup problem

Thu Jan 09, 2014 4:26 am

That is pretty normal. These are attempts by outside hosts trying to connect to common ports on your router such as RDP (3389) etc.

Disable logging for the Input rule if you want to stop seeing these entries. You can always enable the logging again for diagnostics if necessary.
 
imaljko4
Member Candidate
Member Candidate
Topic Author
Posts: 247
Joined: Fri Apr 25, 2008 6:52 pm

Re: Firewall setup problem

Thu Jan 09, 2014 11:36 am

That is pretty normal. These are attempts by outside hosts trying to connect to common ports on your router such as RDP (3389) etc.

Disable logging for the Input rule if you want to stop seeing these entries. You can always enable the logging again for diagnostics if necessary.
ok. so i can be sure that this is not some kind of service that is blocked and that i would need to enable?

I am a bit suspicious because there are so many logs happening every few minutes. So , its normal that the these outside attempts (outside hosts trying to connect) happen so often?


THanks
 
User avatar
falestiny
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Sep 10, 2010 3:11 pm
Location: everywhere
Contact:

Re: Firewall setup problem

Thu Jan 09, 2014 4:55 pm

thats normal and you do not need to worry about as its all dropped connection.
 
imaljko4
Member Candidate
Member Candidate
Topic Author
Posts: 247
Joined: Fri Apr 25, 2008 6:52 pm

Re: Firewall setup problem

Thu Jan 09, 2014 10:11 pm

Thank you

Who is online

Users browsing this forum: Google [Bot] and 85 guests