Bonjour à toute la communauté !!!
J’administre le réseau informatique d’une entreprise.Cependant la bande passante acquise se trouve être désormais insuffisante pour satisfaire le besoin internet du personnel. En entrée du réseau se trouve un routeur cisco 1841 sur lequel j’ai configuré le protocole Wccp(Web Cache Communication Protocol) version 2.
Dans le réseau local j’ai un serveur Debian 3.2.51-1 x86_64 sur lequel j’ai installé le service squid3.
Vu le volume d’ordinateurs,il m’est impossible de configurer individuellement chaque navigateur. j’ai donc opté pour un service de proxy transparent de tel sorte que le routeur (qui est en même temps la passerelle par défaut) redirige les paquets http(80) vers le serveur proxy présent dans le réseau local, afin de rendre transparent le processus à l’utilisateur. j’ai donc créé un interface virtuel gre0 sur mon serveur par lequel les paquets redirigés par le routeur arriveront au serveur.
Jusqu’à ce niveau ça va puisque lorsque je fait : ifconfig, j’obtiens ceci:
…
eth0 Link encap:Ethernet HWaddr ac:16:2d:8d:86:50
inet adr:172.16.1.51 Bcast:172.16.255.255 Masque:255.255.0.0
adr inet6: fe80::ae16:2dff:fe8d:8650/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3676934 errors:0 dropped:1642 overruns:0 frame:0
TX packets:1985499 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
RX bytes:611239780 (582.9 MiB) TX bytes:254132390 (242.3 MiB)
Interruption:32
…
…
gre0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet adr:172.16.1.51 Masque:255.255.255.255
UP RUNNING NOARP MTU:1476 Metric:1
RX packets:677745 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:49038910 (46.7 MiB) TX bytes:0 (0.0 B)
…

il semble donc que les paquets arrivent bien sur l’interface gre0 du serveur. de plus le résultat de “tcpdump -i gre0” ,confirme bien que le routeur redirige les paquets vers gre0 du serveur.
Squid fonctionne bien puisque lorsque je configure le navigateur d’une machine du réseau pour l’utiliser ça marche.
Cependant “tcpdump -i eth0” me confirme que les paquets n’arrivent pas sur eth0 depuis gre0.
Sur le serveur Debian j’execute le script suivant en root:

modprobe ip_gre
ip addr add 172.16.1.51/32 dev gre0
ip link set gre0 up

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/gre0/rp_filter

iptables -t nat -F
iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.1.51:3128

et lorsque je fait: “iptables -t nat -L”

Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp – anywhere anywhere tcp dpt:http to:172.16.1.51:3128

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Il semble(du moins c’est ce que je pense) que les paquets ne vont pas de gre0 à eth0. Si oui que dois-je faire? Sinon ou se situerait le problème?

Merci d’avance pour votre aide

Je ne comprends pas bien, pourquoi les paquets devraient-ils “aller de gr0 à eth0” ? Un proxy HTTP n’est pas un routeur, alors pourquoi avoir activé ip_forward ?
Je ne connais pas particulièrement le protocole WCCP, par où sont censés sortir les paquets de réponse du proxy aux client ? Directement par eth0 ou via le routeur par le tunnel GRE ? Les routes nécessaires sont-elles correctement configurées sur la machine ?

Le fait que squid fonctionne en proxy explicitement configuré sur un poste client ne signifie pas qu’il fonctionne aussi en proxy transparent.

Salut PascalHambourg et merci pour ta réponse!!
En fait, de ce que je sais jusqu’à présent de Wccp, c’est un protocole développé par Cisco pour permettre la redirection de paquet http vers des serveurs cache(proxy cache). Le paquet Squid3 de Debian prend donc en charge ce protocole afin de communiquer avec des routeurs Cisco executant Wccp.
Le serveur proxy communique avec le routeur Debian sur le port 2048 afin de s’échanger des informations au travers d’un tunnel gre. Les paquets http provenant du routeur arrivent effectivement sur l’interface virtuel gre0 du serveur Debian(“tcpdump -i gre0” me le confirme). Mais les paquets ne sont pas redirigés vers le port 3128(sur lequel Squid écoute). Je me dit que le prob vient de la configuration du noyau Debian qui doit renvoyer les paquets de gre0 vers eth0, ou du moins vers le port 3128(c’est le pourquoi du ip_forward) afin que le proxy puisse donc effectuer les requetes sur l’interface eth0.
La réponse revient au client sans plus passer par gre0.Puisque eth0 est dans le même réseau local que le client.

Effectivement le proxy transparent ne fonctionne pas puisque ce routage de paquet au niveau du noyau Debian semble ne pas fonctionner correctement.
Je sais donc plus trop quoi faire, vu que j’ai déja épluché un bon nombre de docs la dessus sans résultat !!!
Merci de votre aide très attendue !!!

Comment le vois-tu ?

Non, il ne doit pas renvoyer les paquets vers eth0. Je répète : un proxy n’est pas un routeur, c’est un serveur.

Voilà. Le port 3128 local. Donc pas de routage, pas besoin d’ip_forward.
Quand le proxy relaie une requête HTTP vers un serveur web, il fait une nouvelle connexion TCP totalement indépendante de celle établie avec le client et envoie de nouveaux paquets. Contrairement au routage ce ne sont pas les mêmes paquets IP d’une même connexion qui seraient retransmis d’une interface à l’autre.

Tu vois les paquets de réponse avec tcpdump sur eth0 ? Et sur le poste client ?

En effet lorsque je fait “tcpdump -i eth0”, je ne vois pas les paquets de réponse pour le client.
Et je ne vois même pas les requetes du serveur proxy vers le serveur web. C’est un peu comme si les requetes des clients disparaissaient après être arrivées sur l’interface virtuel gre0 du serveur proxy.Sur le poste client il n’y a pas de réponse.

J’ai executé ce script sur le serveur proxy :

iptables -t nat -A PREROUTING -i gre0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -j MASQUERADE

Sans plus de résultat.
Les documents que j’ai lu expliquent qu’il est necessaire d’executer ces commandes afin d’activer le “forwarding” des paquets ipv4 entre les interfaces(ou un truc du genre):
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/gre0/rp_filter

Voici un de ces docs:
Transparent Web Proxying with Cisco, Squid, and WCCP.pdf (172 KB)

En effet rp_filter doit être désactivé sur gre0 (il est désactivé par défaut, donc tes commandes sont peut-être superflues) car sinon la machine n’accepterait pas les paquets entrants ayant comme source des adresses IP du LAN reçus par une interface autre que eth0. Cela n’a rien à voir avec le “forwarding” (fonction routeur activée par ip_forward) qui, je répète, ne sert à rien pour un proxy. Je vais parcourir ce document.

Y a-t-il d’autres règles iptables sur le serveur, et notamment des règles de filtrage ? Que contient la sortie de la commande [mono]iptables-save[/mono] ?

EDIT : Sauf erreur je ne vois pas dans ton message de commande [mono]ip tunnel[/mono] pour configurer le tunnel GRE associé à l’interface gre0 (adresse locale/distante… Tu es sûr que [mono]tcpdump -i gre0[/mono] affiche du trafic TCP, et que ce n’est pas juste [mono]tcpdump -i eth0[/mono] qui affiche et décode le trafic GRE et son contenu (qui ne serait pas forcément décapsulé) ?

Je me suis arrangé à supprimer au préalables toutes les règles existants sur le serveur avec la commande “iptables -t nat -F”

Voici le résultat de “iptables-save”:

…
*nat
REROUTING ACCEPT [19:1949]
:INPUT ACCEPT [9:1041]
:OUTPUT ACCEPT [28:2350]
OSTROUTING ACCEPT [0:0]
-A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -j MASQUERADE
COMMIT

Completed on Mon Mar 24 16:52:42 2014

Generated by iptables-save v1.4.14 on Mon Mar 24 16:52:42 2014

*mangle
REROUTING ACCEPT [42506:6622577]
:INPUT ACCEPT [40153:6403633]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [29149:3122793]
OSTROUTING ACCEPT [29350:3153790]
COMMIT
…

Mets les commandes et leurs sorties dans des blocs de code pour une meilleure lisibilité stp.
Attention : [mono]iptables -t nat -F[/mono] n’efface que les règles de la table [mono]nat[/mono], donc pas d’éventuelles règles de filtrage qui seraient dans la table [mono]filter[/mono]. Ceci dit, il ne semble pas y en avoir, la table [mono]filter[/mono] n’est apparemment pas chargée.

PS : Regarde l’EDIT de mon message précédent.

Voici un extrait du résultat de “tcpdump -i gre0”:

…
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gre0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
17:11:22.696150 IP 172.16.0.227.51167 > ir2.fp.vip.ir2.yahoo.com.http: Flags [R], seq 334532931, win 0, length 0
17:11:28.731851 IP 172.16.0.227.51172 > 62.244.40.222.http: Flags [R], seq 3461461679, win 0, length 0
17:11:30.458632 IP 172.16.0.227.51209 > ir2.fp.vip.ir2.yahoo.com.http: Flags [S], seq 3455284788, win 8192, opti ons [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:11:49.391756 IP 172.16.0.227.51228 > ir2.fp.vip.ir2.yahoo.com.http: Flags [S], seq 153017116, win 8192, optio ns [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:00.454595 IP 172.16.0.227.51209 > ir2.fp.vip.ir2.yahoo.com.http: Flags [R], seq 3455284789, win 0, length 0
17:12:07.549578 IP 172.16.0.227.51291 > debiansec.c3sl.ufpr.br.http: Flags [S], seq 1701893295, win 8192, option s [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.601789 IP 172.16.0.227.51292 > senfl.debian.org.http: Flags [S], seq 2180460566, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.604351 IP 172.16.0.227.51293 > senfl.debian.org.http: Flags [S], seq 1381060828, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.606113 IP 172.16.0.227.51294 > senfl.debian.org.http: Flags [S], seq 1823244683, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.607616 IP 172.16.0.227.51295 > senfl.debian.org.http: Flags [S], seq 756144904, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.609901 IP 172.16.0.227.51296 > senfl.debian.org.http: Flags [S], seq 3948902982, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:07.611417 IP 172.16.0.227.51297 > senfl.debian.org.http: Flags [S], seq 1233123414, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:12.212007 IP 172.16.0.227.51308 > wi-in-f94.1e100.net.http: Flags [S], seq 231295623, win 8192, options [m ss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:12.250194 IP 172.16.0.227.51309 > ea-in-f94.1e100.net.http: Flags [S], seq 796591491, win 8192, options [m ss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:17.323923 IP 172.16.0.227.51325 > ir2.fp.vip.ir2.yahoo.com.http: Flags [S], seq 3343664718, win 8192, opti ons [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:19.389097 IP 172.16.0.227.51228 > ir2.fp.vip.ir2.yahoo.com.http: Flags [R], seq 153017117, win 0, length 0
17:12:28.692032 IP 172.16.0.227.51356 > exodus.desync.com.http: Flags [S], seq 3455284304, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:33.666025 IP 172.16.0.227.51360 > ea-in-f94.1e100.net.http: Flags [S], seq 1858351630, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:33.672409 IP 172.16.0.227.51361 > exodus.desync.com.http: Flags [S], seq 508348648, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:36.256430 IP 172.16.0.227.51363 > ir2.fp.vip.ir2.yahoo.com.http: Flags [S], seq 2841948039, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:37.543509 IP 172.16.0.227.51291 > debiansec.c3sl.ufpr.br.http: Flags [R], seq 1701893296, win 0, length 0
17:12:37.595737 IP 172.16.0.227.51292 > senfl.debian.org.http: Flags [R], seq 2180460567, win 0, length 0
17:12:37.599456 IP 172.16.0.227.51293 > senfl.debian.org.http: Flags [R], seq 1381060829, win 0, length 0
17:12:37.604313 IP 172.16.0.227.51294 > senfl.debian.org.http: Flags [R], seq 1823244684, win 0, length 0
17:12:37.604856 IP 172.16.0.227.51295 > senfl.debian.org.http: Flags [R], seq 756144905, win 0, length 0
17:12:37.605401 IP 172.16.0.227.51296 > senfl.debian.org.http: Flags [R], seq 3948902983, win 0, length 0
17:12:37.607844 IP 172.16.0.227.51297 > senfl.debian.org.http: Flags [R], seq 1233123415, win 0, length 0
17:12:42.209886 IP 172.16.0.227.51308 > wi-in-f94.1e100.net.http: Flags [R], seq 231295624, win 0, length 0
17:12:42.247522 IP 172.16.0.227.51309 > ea-in-f94.1e100.net.http: Flags [RE], seq 796591492, win 0, length 0
17:12:45.685723 IP 172.16.0.227.51373 > 50.7.229.58.http: Flags [S], seq 2790739861, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
17:12:47.319202 IP 172.16.0.227.51325 > ir2.fp.vip.ir2.yahoo.com.http: Flags [R], seq 3343664719, win 0, length 0
^C
31 packets captured
31 packets received by filter
0 packets dropped by kernel
…

Je vois donc les paquets que le routeur a redirigé vers le serveur proxy. Mais après cette étape plus rien le serveur n’envoie rien en direction d’un serveur web.

“tcpdump -i eth0” ne m’affiche rien concernant le trafic http.

Concernant la commande “ip tunnel”. J’ai executé ceci en remplacement :
modprobe ip_gre
ip addr add 172.16.1.51/32 dev gre0
ip link set gre0 up

J’ai lu que dans les noyaux recents de Debian l’on pouvait l’utiliser pour creer le tunnel gre0(corrige moi si je me trompe stp). En effet “ifconfig” me donne ceci :
…
gre0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet adr:172.16.1.51 Masque:255.255.255.255
UP RUNNING NOARP MTU:1476 Metric:1
RX packets:8715 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:349452 (341.2 KiB) TX bytes:0 (0.0 B)
…

Ce n’est pas pareil, mais si tcpdump voit des paquets entrants sur gre0 ça doit être suffisant.

Ajoute ces règles iptables de log et regarde si les paquets reçus apparaissent dans les logs du noyau.

iptables -t mangle -A PREROUTING -i gre0 -j LOG --log-prefix "PREROUTING " iptables -t filter -A INPUT -i gre0 -j LOG --log-prefix "INPUT "

Oups, j’ai oublié de dire que je suis pas vraiment calé !!!
J’ai ajouté les règles, mais quels logs du noyau devrais-je regardé spécifiquement ?

j’ai jetté un coup d’oeil du coté de syslog: voici un extrait du résultat:

…
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.561148] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=85 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.561524] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=83 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.561802] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=81 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.562077] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=79 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.562348] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=77 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.562767] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=75 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.563051] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=73 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.563325] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=71 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.563598] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=69 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.564019] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=67 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.564301] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=65 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.564600] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.564888] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=61 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.565278] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=59 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.565558] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.565835] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.566109] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.566449] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.566728] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.567002] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.567275] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.567649] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=43 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.567929] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=41 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.568218] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=39 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.568597] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=37 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.568922] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=35 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.569203] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=33 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.569483] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=31 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.569836] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=29 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.570177] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=27 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.570460] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=25 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.570735] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=23 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.571058] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=21 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.571337] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=19 ID=10022 DF PROTO=TCP SPT=54463 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URG$
Mar 24 18:18:46 server-intra-01 kernel: [ 6929.571812] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=17 ID=10022 DF
…

PS: désolé pour la mise en forme !!!

Pour la mise en forme, utilise le bouton [ Code ].
Les paquets atteignent bien la couche IPv4, mais on ne les retrouve pas dans la chaîne INPUT par où ils devraient passer après avoir subi la redirection.

Hypothèses :

• les paquets ne sont pas redirigiés, dans ce cas on devrait retrouver les paquets dans la chaîne FORWARD si tu as laissé ip_forward activé (mais alors on devrait les retrouver en sortie sur eth0). A vérifier dans les logs avec

iptables -t nat -A PREROUTING -i gre0 -j LOG --log-prefix "PRENAT " iptables -t nat -A PREROUTING -i gre0 -j LOG --log-prefix "POSTNAT " iptables -t filter -A FORWARD -i gre0 -j LOG --log-prefix "FORWARD "
La première règle s’ajoutera juste avant la règle DNAT et la seconde juste après, et enregistrera les paquets qui n’auront pas subi la redirection.

• les paquets sont bloqués au niveau de la décision de routage, par exemple si rp_filter est activé malgré tes commandes. A vérifier avec :

PS : pour supprimer une règle, il suffit de remplacer -A par -D.

Sorry pour l’absence de réponse, j’étais en déplacement !!
En fait voila le résultat de “tail -100 /var/log/syslog”, une fois les commandes iptables que tu m’as fournies executées.

Mar 26 17:32:35 server-intra-01 kernel: [54736.102934] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=208.83.20.164 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27343 DF PROTO=TCP SPT=54546 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:35 server-intra-01 kernel: [54736.102955] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27343 DF PROTO=TCP SPT=54546 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:44 server-intra-01 named[3022]: success resolving 'a0e9.akamaiedge.net/AAAA' (in 'akamaiedge.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 26 17:32:47 server-intra-01 kernel: [54748.421807] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=198.252.206.140 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27388 DF PROTO=TCP SPT=54549 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:47 server-intra-01 kernel: [54748.421826] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27388 DF PROTO=TCP SPT=54549 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:48 server-intra-01 kernel: [54749.226472] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=80.91.229.12 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27393 DF PROTO=TCP SPT=54550 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:48 server-intra-01 kernel: [54749.226491] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27393 DF PROTO=TCP SPT=54550 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:49 server-intra-01 kernel: [54750.173132] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=173.194.65.94 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27401 DF PROTO=TCP SPT=54551 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:32:49 server-intra-01 kernel: [54750.173151] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27401 DF PROTO=TCP SPT=54551 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:05 server-intra-01 kernel: [54766.083501] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=208.83.20.164 LEN=40 TOS=0x00 PREC=0x00 TTL=254 ID=33537 PROTO=TCP SPT=54546 DPT=80 WINDOW=0 RES=0x00 ECE RST URGP=0
Mar 26 17:33:05 server-intra-01 kernel: [54766.083517] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=40 TOS=0x00 PREC=0x00 TTL=254 ID=33537 PROTO=TCP SPT=54546 DPT=3128 WINDOW=0 RES=0x00 ECE RST URGP=0
Mar 26 17:33:09 server-intra-01 kernel: [54769.719388] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=198.252.206.140 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27513 DF PROTO=TCP SPT=54559 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:09 server-intra-01 kernel: [54769.719408] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27513 DF PROTO=TCP SPT=54559 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:09 server-intra-01 kernel: [54770.529241] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=80.91.229.12 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27520 DF PROTO=TCP SPT=54560 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:09 server-intra-01 kernel: [54770.529261] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27520 DF PROTO=TCP SPT=54560 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:11 server-intra-01 kernel: [54771.766376] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=173.194.65.94 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27579 DF PROTO=TCP SPT=54568 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
Mar 26 17:33:11 server-intra-01 kernel: [54771.766395] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27579 DF PROTO=TCP SPT=54568 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0

Voici le résultat de “iptables-save”:

Generated by iptables-save v1.4.14 on Wed Mar 26 17:39:50 2014

*mangle
REROUTING ACCEPT [64916]
:INPUT ACCEPT [51621:9269716]
:FORWARD ACCEPT [2205:88200]
:OUTPUT ACCEPT [26877:4377316]
OSTROUTING ACCEPT [29165:4481631]
-A PREROUTING -i gre0 -j LOG --log-prefix PREROUTING
COMMIT

Completed on Wed Mar 26 17:39:50 2014

Generated by iptables-save v1.4.14 on Wed Mar 26 17:39:50 2014

*nat
REROUTING ACCEPT [111429]
:INPUT ACCEPT [58672:6422483]
:OUTPUT ACCEPT [99981:8039113]
OSTROUTING ACCEPT [0:0]
-A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.1.51:3128
-A PREROUTING -i gre0 -j LOG --log-prefix PRENAT
-A PREROUTING -i gre0 -j LOG --log-prefix POSTNAT
-A POSTROUTING -j MASQUERADE
COMMIT

Completed on Wed Mar 26 17:39:50 2014

Generated by iptables-save v1.4.14 on Wed Mar 26 17:39:50 2014

*filter
:INPUT ACCEPT [11332:1828328]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5946:987334]
-A INPUT -i gre0 -j LOG --log-prefix INPUT
-A FORWARD -i gre0 -j LOG --log-prefix FORWARD
COMMIT

Completed on Wed Mar 26 17:39:50 2014

Je viens de m’y remettre, et j’ai pas vraiment évolué depuis
Bien entendu les paquets arrivent mais j’ignore quelle direction ils prennent !!!

Il y a bien moins de 100 lignes, as-tu pris un intervalle ou bien as-tu supprimé des lignes qui semblaient identiques ?

Positif : on retrouve les paquets SYN dans la chaîne INPUT avec l’adresse et le port destination modifiés, donc la redirection fonctionne.

Négatif : on ne voit pas les paquets ACK qui devraient suivre, après le paquet de réponse SYN/ACK qui devrait être émis par le serveur.

Hypothèses :
a) le serveur émet des paquets SYN/ACK qui n’arrivent pas au client
b) port 3128 est fermé et le serveur renvoie des RST à la place
c) le serveur n’émet rien du tout.

Normalement, dans les cas a ou c) le client devrait renvoyer plusieurs fois le même paquet SYN avec le même port source, ce qu’on ne voit pas. Au contraire le port source change à chaque paquet, ce qui va dans le sens de b). En revanche le client a envoyé un RST pour signaler qu’il abandonne, ce qui est logique après un délai de non-réponse et va dans le sens des cas a) ou c).

On peut ajouter encore deux règles pour vérifier :

iptables -A OUTPUT -p tcp --sport 3128 -j LOG --log-prefix "OUTPUT " iptables -A OUTPUT -p icmp -j LOG --log-prefix "OUTPUT "

Salutations à nouveau PascalHambourg !!!
Eh oui toujours dans la même galère

Je réponds d’abord à tes questions :

• En effet je n’ai pris que les 100 dernières lignes de syslog :

Le port 3128 est bien ouvert : voici le résultat de “netstat -tupan”

tcp6 0 0 :::3128 :::* LISTEN 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:50393 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:47599 23.212.109.162:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49963 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49886 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49965 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48632 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49959 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49961 ESTABLISHED 4528/(squid) tcp6 0 1424 172.16.1.51:3128 172.16.0.227:49881 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49960 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52497 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48637 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48638 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48733 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49889 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52498 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49884 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48631 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49964 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48633 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52493 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49958 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52496 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:47654 23.212.109.162:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48635 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48639 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49887 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52492 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52558 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49888 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49882 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49966 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49885 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52494 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:52491 23.212.109.146:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48636 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 1448 172.16.1.51:3128 172.16.0.227:50277 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:48634 23.212.109.145:80 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:49883 ESTABLISHED 4528/(squid) tcp6 0 0 172.16.1.51:3128 172.16.0.227:50416 ESTABLISHED 4528/(squid) udp 0 0 0.0.0.0:52786 0.0.0.0:* 4528/(squid) udp 0 0 172.16.1.51:2048 172.16.0.1:2048 ESTABLISHED 4528/(squid) udp6 0 0 :::47105 :::* 4528/(squid)

On voit (enfin je crois) que le serveur(172.16.1.51) émet bien sur le port 80. Puisqu’il établit bien des connexions vers internet, et même vers ma machine (172.16.0.227).
Je vais donc supposer que l’hypothèse a) est celle qui s’effectue. “iptables-save” donne ceci une fois les règles iptables que tu m’as prescrites ajoutées :

# Generated by iptables-save v1.4.14 on Mon Mar 31 13:36:11 2014
*filter
:INPUT ACCEPT [546:366015]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [629:357793]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A OUTPUT -p tcp -m tcp --sport 3128 -j LOG --log-prefix OUTPUT
-A OUTPUT -p icmp -j LOG --log-prefix OUTPUT
-A fail2ban-ssh -j RETURN
COMMIT
# Completed on Mon Mar 31 13:36:11 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 13:36:11 2014
*nat
:PREROUTING ACCEPT [179719]
:INPUT ACCEPT [157275]
:OUTPUT ACCEPT [412235]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.1.51:3128
-A POSTROUTING -j MASQUERADE
COMMIT
# Completed on Mon Mar 31 13:36:11 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 13:36:11 2014
*mangle
:PREROUTING ACCEPT [1302050:502716189]
:INPUT ACCEPT [1277768:500342290]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1119978:406338565]
:POSTROUTING ACCEPT [1122386:406705557]
COMMIT
# Completed on Mon Mar 31 13:36:11 2014

Voici le résultat de tail -200 /var/log/syslog une fois les règles iptables que tu m’as prescrites ajoutées.

Mar 31 13:39:22 server-intra-01 kernel: [166657.051899] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=50371 DF PROTO=TCP SPT=3128 DPT=50573 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.051915] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=264 TOS=0x00 PREC=0x00 TTL=64 ID=50373 DF PROTO=TCP SPT=3128 DPT=50573 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.052613] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=41478 DF PROTO=TCP SPT=3128 DPT=49885 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.052676] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=41479 DF PROTO=TCP SPT=3128 DPT=49885 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.107767] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=15145 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.107790] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=15147 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.107825] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=15148 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.138248] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=47141 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.138345] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=47142 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.163420] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=44281 DF PROTO=TCP SPT=3128 DPT=50563 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.164727] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=44282 DF PROTO=TCP SPT=3128 DPT=50563 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.164884] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=32295 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.164903] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=32297 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165030] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=32298 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165046] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=264 TOS=0x00 PREC=0x00 TTL=64 ID=32300 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165079] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=23850 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165094] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=23852 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165132] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=23853 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165165] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=23855 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165200] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=23856 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.165215] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=524 TOS=0x00 PREC=0x00 TTL=64 ID=23857 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.238473] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=43092 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.238495] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=43094 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.238533] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=43095 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.238548] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=276 TOS=0x00 PREC=0x00 TTL=64 ID=43096 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.309679] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23858 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.309788] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23859 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.391560] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=56851 DF PROTO=TCP SPT=3128 DPT=49964 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.391582] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=56853 DF PROTO=TCP SPT=3128 DPT=49964 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.391660] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=56854 DF PROTO=TCP SPT=3128 DPT=49964 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.391676] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=56856 DF PROTO=TCP SPT=3128 DPT=49964 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.391705] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=536 TOS=0x00 PREC=0x00 TTL=64 ID=56857 DF PROTO=TCP SPT=3128 DPT=49964 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.411624] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=50374 DF PROTO=TCP SPT=3128 DPT=50573 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.411646] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=50376 DF PROTO=TCP SPT=3128 DPT=50573 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.411681] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=50377 DF PROTO=TCP SPT=3128 DPT=50573 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.453523] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23860 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.453620] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23861 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.453699] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23862 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.461336] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=61 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.461361] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1476 TOS=0x00 PREC=0x00 TTL=64 ID=62 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.496798] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=47143 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.496820] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=47145 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.496858] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=47146 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.496874] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=264 TOS=0x00 PREC=0x00 TTL=64 ID=47148 DF PROTO=TCP SPT=3128 DPT=49958 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.519243] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=32301 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.519265] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=32303 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.519300] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=32304 DF PROTO=TCP SPT=3128 DPT=50488 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.525617] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=44283 DF PROTO=TCP SPT=3128 DPT=50563 WINDOW=123 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.525639] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=44285 DF PROTO=TCP SPT=3128 DPT=50563 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.525674] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=44286 DF PROTO=TCP SPT=3128 DPT=50563 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.598736] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23863 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.598829] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=23864 DF PROTO=TCP SPT=3128 DPT=49883 WINDOW=123 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.670760] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=15149 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.670785] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=15151 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.670826] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=15152 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.670842] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=15154 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.670870] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=536 TOS=0x00 PREC=0x00 TTL=64 ID=15155 DF PROTO=TCP SPT=3128 DPT=50393 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.681586] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=43097 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.681608] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=43099 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.681644] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=43100 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.681659] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=276 TOS=0x00 PREC=0x00 TTL=64 ID=43101 DF PROTO=TCP SPT=3128 DPT=49963 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.697369] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=2960 TOS=0x00 PREC=0x00 TTL=64 ID=63 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.697392] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1216 TOS=0x00 PREC=0x00 TTL=64 ID=65 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.697451] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=66 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:22 server-intra-01 kernel: [166657.697494] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1488 TOS=0x00 PREC=0x00 TTL=64 ID=67 DF PROTO=TCP SPT=3128 DPT=50668 WINDOW=124 RES=0x00 ACK PSH URGP=0
Mar 31 13:39:23 server-intra-01 kernel: [166657.718286] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=21005 DF PROTO=TCP SPT=3128 DPT=49959 WINDOW=124 RES=0x00 ACK URGP=0
Mar 31 13:39:23 server-intra-01 kernel: [166657.718307] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=1476 TOS=0x00 PREC=0x00 TTL=64 ID=21006 DF PROTO=TCP SPT=3128 DPT=49959 WINDOW=124 RES=0x00 ACK PSH URGP=0
root@server-intra-01:/home/yannick#

Je répète : dans ce que tu as copié ici, il y a nettement moins de 100 lignes, aussi bien pour le log précédent que pour le dernier. Où est passé le reste ?

En effet on voit quei squid a des connexions entrantes sur le port 3128 et des connexions sortantes vers le port 80 de diverses adresses extérieures, toutes dans l’état établi. Apparemment tout semble fonctionner.

Non, puisque les logs en OUTPUT et netstat montrent qu’il y a du trafic sur des connexions établies entre le client et le proxy. Ce que je ne comprends pas, c’est pourquoi les logs en entrée ne montraient que le premier paquet (SYN) des connexions et pas le reste du trafic entrant.

Pour ne pas perturber le réseau j’ai configuré une ACL sur le routeur afin qu’il n’envoie vers le serveur Squid que les paquets émanant de ma machine. Ainsi pour surfer je bascule sur squid via mon navigateur (c’est la raison d’une seule adresse.)
Le nombre limité du log vient du client Putty utilisé pour la conn au serveur. Mais bon je crois que je vais envoyer dans un fichier via un tube.

Mar 31 16:15:53 server-intra-01 kernel: [176044.299224] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.299493] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=40 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.299761] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=38 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.300028] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=36 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.300296] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=34 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.300562] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=32 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.300837] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=30 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.301103] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=28 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.301372] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=26 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.301642] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=24 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.301914] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=22 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.302186] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=20 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.302455] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=18 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.302723] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=16 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.302993] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=14 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.303411] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=12 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.303681] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=10 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.303954] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=8 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.304282] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=6 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.304554] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=4 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.304831] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=2 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 16:15:53 server-intra-01 kernel: [176044.305115] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=68 TOS=0x00 PREC=0xC0 TTL=64 ID=49082 PROTO=ICMP TYPE=11 CODE=0 [SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=1 ID=6965 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 ] 
Mar 31 16:15:54 server-intra-01 kernel: [176044.773584] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49443 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:15:55 server-intra-01 kernel: [176046.372852] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49441 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:15:58 server-intra-01 kernel: [176048.971677] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49443 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:01 server-intra-01 kernel: [176051.970300] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49442 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.881417] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=126 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.881786] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=124 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.882141] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=122 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.882509] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=120 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.882869] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.883242] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.884117] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=114 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.884528] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.884868] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=110 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.885176] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=108 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.887644] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.887946] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.888264] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.888568] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=100 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.888895] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=98 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.891036] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=96 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.891800] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=94 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.892102] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=92 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.894227] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=90 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.894565] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=88 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.894868] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=86 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.895162] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=84 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.895754] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=82 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.896401] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=80 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.898385] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=78 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.898667] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=76 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.899184] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=74 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.899484] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=72 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.899804] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=70 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.900142] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=68 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.900463] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=66 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.900766] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.901067] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.901399] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.901753] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.903803] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.904159] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.905334] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.907432] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.909414] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.909820] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.911852] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=44 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.913996] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.914374] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=40 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.914655] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=38 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.914925] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=36 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.915776] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=34 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.916099] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=32 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.918507] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=30 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.918817] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=28 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.919090] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=26 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.919359] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=24 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.919627] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=22 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.919926] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=20 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.922089] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=18 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.924180] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=16 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.924513] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=14 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.924890] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=12 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.925640] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=10 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.926410] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=8 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.926711] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=6 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.927013] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=4 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.928112] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=2 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 
Mar 31 16:16:03 server-intra-01 kernel: [176053.928912] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=68 TOS=0x00 PREC=0xC0 TTL=64 ID=49083 PROTO=ICMP TYPE=11 CODE=0 [SRC=172.16.0.227 DST=174.129.243.212 LEN=40 TOS=0x00 PREC=0x00 TTL=1 ID=6979 DF PROTO=TCP SPT=49367 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 ] 
Mar 31 16:16:05 server-intra-01 kernel: [176055.443200] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49445 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:06 server-intra-01 kernel: [176056.968031] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49445 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:06 server-intra-01 kernel: [176056.968056] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49443 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:08 server-intra-01 kernel: [176058.967111] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49445 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:10 server-intra-01 named[3054]: success resolving 'addons.mozilla.org/A' (in 'mozilla.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:12 server-intra-01 kernel: [176062.965296] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49445 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:14 server-intra-01 kernel: [176064.877923] hpsa 0000:02:00.0: cp ffff880037500000 has check condition: unknown type: Sense: 0x5, ASC: 0x20, ASCQ: 0x0, Returning result: 0x2, cmd=[4d 00 40 00 00 00 00 00 04 00 00 00 00 00 00 00]
Mar 31 16:16:14 server-intra-01 kernel: [176064.902920] hpsa 0000:02:00.0: cp ffff880037500000 has check condition: unknown type: Sense: 0x5, ASC: 0x20, ASCQ: 0x0, Returning result: 0x2, cmd=[4d 00 40 00 00 00 00 00 04 00 00 00 00 00 00 00]
Mar 31 16:16:14 server-intra-01 kernel: [176064.903025] hpsa 0000:02:00.0: cp ffff880037500000 has check condition: unknown type: Sense: 0x5, ASC: 0x20, ASCQ: 0x0, Returning result: 0x2, cmd=[37 00 0c 00 00 00 00 00 04 00 00 00 00 00 00 00]
Mar 31 16:16:15 server-intra-01 kernel: [176065.939265] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49446 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:16 server-intra-01 kernel: [176066.963476] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49446 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:18 server-intra-01 kernel: [176068.962561] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49446 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:20 server-intra-01 kernel: [176070.961652] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49445 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:22 server-intra-01 kernel: [176072.935246] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49447 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:22 server-intra-01 kernel: [176072.960734] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49446 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:23 server-intra-01 kernel: [176074.160200] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49447 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:25 server-intra-01 kernel: [176076.159282] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49447 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:29 server-intra-01 kernel: [176080.157456] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49447 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:30 server-intra-01 kernel: [176080.957090] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49446 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:36 server-intra-01 kernel: [176086.932140] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49448 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:37 server-intra-01 named[3054]: success resolving 'fbcdn-profile-a.akamaihd.net.edgesuite.net/A' (in 'edgesuite.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:37 server-intra-01 kernel: [176088.353728] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49447 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:37 server-intra-01 kernel: [176088.353754] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49448 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:38 server-intra-01 kernel: [176089.369209] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=281 TOS=0x00 PREC=0xC0 TTL=64 ID=15198 PROTO=ICMP TYPE=3 CODE=3 [SRC=195.24.192.34 DST=172.16.1.51 LEN=253 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=58179 LEN=233 ] 
Mar 31 16:16:39 server-intra-01 kernel: [176090.352814] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49448 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:41 server-intra-01 kernel: [176092.082347] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=217 TOS=0x00 PREC=0xC0 TTL=64 ID=2459 PROTO=ICMP TYPE=3 CODE=3 [SRC=195.24.192.33 DST=172.16.1.51 LEN=189 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=18103 LEN=169 ] 
Mar 31 16:16:42 server-intra-01 named[3054]: error (network unreachable) resolving 'watson.microsoft.com/A/IN': 2a01:111:2020::1:1#53
Mar 31 16:16:42 server-intra-01 named[3054]: error (network unreachable) resolving 'watson.microsoft.com/A/IN': 2404:f800:2003::1:1#53
Mar 31 16:16:42 server-intra-01 named[3054]: error (network unreachable) resolving 'watson.microsoft.com/A/IN': 2a01:111:2005::1:1#53
Mar 31 16:16:42 server-intra-01 named[3054]: error (network unreachable) resolving 'watson.microsoft.com/A/IN': 2a01:111:200f:1::1:1#53
Mar 31 16:16:42 server-intra-01 named[3054]: error (network unreachable) resolving 'watson.microsoft.com/A/IN': 2a01:111:2006:6::1:1#53
Mar 31 16:16:42 server-intra-01 named[3054]: success resolving 'watson.microsoft.com/A' (in 'microsoft.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:43 server-intra-01 kernel: [176094.350988] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49448 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:49 server-intra-01 nullmailer[60222]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 b4sm2326946wic.0 - gsmtp
Mar 31 16:16:49 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:16:49 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394732341.53805
Mar 31 16:16:49 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:16:51 server-intra-01 kernel: [176102.347343] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49448 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:52 server-intra-01 nullmailer[60262]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 r4sm12956175wjz.28 - gsmtp
Mar 31 16:16:52 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:16:52 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1395679141.7023
Mar 31 16:16:52 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:16:52 server-intra-01 named[3054]: success resolving 'a1990.dspmm1.akamai.net/A' (in 'dspmm1.akamai.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:54 server-intra-01 named[3054]: success resolving 'smadav.net/A' (in 'smadav.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:55 server-intra-01 named[3054]: success resolving 'fbcdn-sphotos-e-a.akamaihd.net/A' (in 'akamaihd.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:16:57 server-intra-01 kernel: [176107.924646] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49449 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:16:58 server-intra-01 kernel: [176108.944350] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49449 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:00 server-intra-01 kernel: [176111.143347] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49449 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:01 server-intra-01 named[3054]: success resolving 'fbcdn-profile-a.akamaihd.net.edgesuite.net/A' (in 'edgesuite.net'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:17:01 server-intra-01 /USR/SBIN/CRON[60265]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Mar 31 16:17:04 server-intra-01 kernel: [176114.924091] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49450 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:04 server-intra-01 kernel: [176115.141521] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49449 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:05 server-intra-01 kernel: [176116.141071] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49450 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:07 server-intra-01 named[3054]: success resolving 'safebrowsing.google.com/A' (in 'google.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:17:07 server-intra-01 kernel: [176118.140125] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49450 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:08 server-intra-01 kernel: [176119.092679] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.1.32 LEN=230 TOS=0x00 PREC=0xC0 TTL=64 ID=29857 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.32 DST=172.16.1.51 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=5564 PROTO=UDP SPT=53 DPT=47401 LEN=182 ] 
Mar 31 16:17:08 server-intra-01 kernel: [176119.092712] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.1.32 LEN=230 TOS=0x00 PREC=0xC0 TTL=64 ID=29858 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.32 DST=172.16.1.51 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=5565 PROTO=UDP SPT=53 DPT=35030 LEN=182 ] 
Mar 31 16:17:10 server-intra-01 named[3054]: clients-per-query decreased to 12
Mar 31 16:17:11 server-intra-01 kernel: [176122.138328] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49450 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:12 server-intra-01 kernel: [176123.137883] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49449 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:12 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 75.127.96.10#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 69.93.127.10#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 109.74.194.10#53
Mar 31 16:17:13 server-intra-01 nullmailer[60263]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 gx9sm27216877wib.13 - gsmtp
Mar 31 16:17:13 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:13 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394532002.17010
Mar 31 16:17:13 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:13 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 65.19.178.10#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 207.192.70.10#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c02::a#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c00::a#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2a01:7e00::a#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c01::a#53
Mar 31 16:17:13 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c03::a#53
Mar 31 16:17:19 server-intra-01 kernel: [176130.134696] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49450 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:20 server-intra-01 kernel: [176130.936350] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49451 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:21 server-intra-01 kernel: [176132.333681] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49451 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:23 server-intra-01 kernel: [176134.332764] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49451 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:23 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 75.127.96.10#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 69.93.127.10#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 109.74.194.10#53
Mar 31 16:17:24 server-intra-01 nullmailer[60267]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 ct2sm12958834wjb.33 - gsmtp
Mar 31 16:17:24 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:24 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394822341.14231
Mar 31 16:17:24 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:24 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 65.19.178.10#53
Mar 31 16:17:24 server-intra-01 kernel: [176135.076517] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.1.32 LEN=226 TOS=0x00 PREC=0xC0 TTL=64 ID=29859 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.32 DST=172.16.1.51 LEN=198 TOS=0x00 PREC=0x00 TTL=128 ID=5769 PROTO=UDP SPT=53 DPT=59265 LEN=178 ] 
Mar 31 16:17:24 server-intra-01 named[3054]: error (unexpected RCODE REFUSED) resolving 'cdn.printitgreen.com/A/IN': 207.192.70.10#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c02::a#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c00::a#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2a01:7e00::a#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c01::a#53
Mar 31 16:17:24 server-intra-01 named[3054]: error (network unreachable) resolving 'cdn.printitgreen.com/A/IN': 2600:3c03::a#53
Mar 31 16:17:25 server-intra-01 kernel: [176135.912699] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49452 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:26 server-intra-01 kernel: [176136.931589] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49452 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:26 server-intra-01 nullmailer[60269]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 hy8sm13536975wjb.2 - gsmtp
Mar 31 16:17:26 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:26 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1395550801.57454
Mar 31 16:17:26 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:27 server-intra-01 kernel: [176138.330945] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49451 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:28 server-intra-01 kernel: [176138.930676] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49452 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:30 server-intra-01 nullmailer[60270]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 mv1sm27178975wib.15 - gsmtp
Mar 31 16:17:30 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:30 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394863741.25884
Mar 31 16:17:30 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:31 server-intra-01 nullmailer[60271]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 h8sm27220152wiz.12 - gsmtp
Mar 31 16:17:31 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:31 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394186401.44613
Mar 31 16:17:31 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:32 server-intra-01 kernel: [176142.909030] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49453 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:32 server-intra-01 kernel: [176142.928859] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49452 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:33 server-intra-01 kernel: [176144.128318] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49453 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:34 server-intra-01 named[3054]: success resolving 's1.yimg.com/A' (in 'yimg.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:17:35 server-intra-01 kernel: [176146.127392] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49453 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:35 server-intra-01 kernel: [176146.327302] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49451 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:37 server-intra-01 nullmailer[60272]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 d6sm27248169wiz.4 - gsmtp
Mar 31 16:17:37 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:37 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394575202.25359
Mar 31 16:17:37 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:38 server-intra-01 nullmailer[60273]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 v6sm27261376wif.0 - gsmtp
Mar 31 16:17:38 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:38 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1396090801.17893
Mar 31 16:17:38 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:39 server-intra-01 kernel: [176149.920584] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49454 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:39 server-intra-01 kernel: [176150.125579] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49453 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:40 server-intra-01 kernel: [176150.925220] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49452 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:40 server-intra-01 kernel: [176150.925245] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49454 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:42 server-intra-01 nullmailer[60274]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 fb6sm27221289wib.2 - gsmtp
Mar 31 16:17:42 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:42 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394888401.51252
Mar 31 16:17:42 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:42 server-intra-01 kernel: [176152.924301] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49454 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:43 server-intra-01 named[3054]: error (network unreachable) resolving 'www.agenceecofin.com/A/IN': 2001:503:a83e::2:30#53
Mar 31 16:17:43 server-intra-01 named[3054]: error (network unreachable) resolving 'www.agenceecofin.com/A/IN': 2001:503:231d::2:30#53
Mar 31 16:17:43 server-intra-01 named[3054]: success resolving 'www.agenceecofin.com/A' (in 'agenceecofin.com'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:17:44 server-intra-01 named[3054]: error (network unreachable) resolving 'ns13.comscore.eu/AAAA/IN': 2001:678:4::13#53
Mar 31 16:17:44 server-intra-01 named[3054]: success resolving 'ns13.comscore.eu/AAAA' (in 'comscore.eu'?) after reducing the advertised EDNS UDP packet size to 512 octets
Mar 31 16:17:46 server-intra-01 kernel: [176156.922474] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49454 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:47 server-intra-01 kernel: [176158.121902] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49453 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:47 server-intra-01 kernel: [176158.192134] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.1.32 LEN=226 TOS=0x00 PREC=0xC0 TTL=64 ID=29860 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.32 DST=172.16.1.51 LEN=198 TOS=0x00 PREC=0x00 TTL=128 ID=6070 PROTO=UDP SPT=53 DPT=39273 LEN=178 ] 
Mar 31 16:17:48 server-intra-01 kernel: [176159.310153] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49455 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:49 server-intra-01 nullmailer[60275]: smtp: Failed: 534-5.7.9 Please log in with your web browser and then try again. Learn more at#012534 5.7.9 https://support.google.com/mail/bin/answer.py?answer=78754 w6sm12960390wjq.29 - gsmtp
Mar 31 16:17:49 server-intra-01 nullmailer[2858]: Sending failed:  Permanent error in sending the message
Mar 31 16:17:49 server-intra-01 nullmailer[2858]: Starting delivery: protocol: smtp host: smtp.gmail.com file: 1394125202.12675
Mar 31 16:17:49 server-intra-01 nullmailer[2858]: Starting delivery, 1336 message(s) in queue.
Mar 31 16:17:49 server-intra-01 kernel: [176160.228192] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49456 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:49 server-intra-01 kernel: [176160.320929] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49455 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:50 server-intra-01 kernel: [176161.127971] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49457 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:50 server-intra-01 kernel: [176161.320466] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49456 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:51 server-intra-01 kernel: [176162.320019] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49455 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:51 server-intra-01 kernel: [176162.320044] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49457 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:52 server-intra-01 kernel: [176163.319558] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49456 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:53 server-intra-01 kernel: [176163.912979] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49458 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:53 server-intra-01 kernel: [176164.319107] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49457 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:54 server-intra-01 kernel: [176165.118746] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49454 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:54 server-intra-01 kernel: [176165.118772] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49458 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:55 server-intra-01 kernel: [176166.318202] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49455 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:56 server-intra-01 kernel: [176167.117834] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49458 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:56 server-intra-01 kernel: [176167.317742] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49456 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 16:17:57 server-intra-01 kernel: [176168.317281] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=49457 WINDOW=14600 RES=0x00 ACK SYN URGP=0 

iptables-save:

# Generated by iptables-save v1.4.14 on Mon Mar 31 16:21:04 2014
*filter
:INPUT ACCEPT [202233]
:FORWARD ACCEPT [9137:365580]
:OUTPUT ACCEPT [120985]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A FORWARD -i gre0 -j LOG --log-prefix FORWARD
-A OUTPUT -p tcp -m tcp --sport 3128 -j LOG --log-prefix OUTPUT
-A OUTPUT -p icmp -j LOG --log-prefix OUTPUT
-A fail2ban-ssh -j RETURN
COMMIT
# Completed on Mon Mar 31 16:21:04 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 16:21:04 2014
*nat
:PREROUTING ACCEPT [42300:5126778]
:INPUT ACCEPT [39057:4793426]
:OUTPUT ACCEPT [61555:4939404]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.1.51:3128
-A PREROUTING -i gre0 -j LOG --log-prefix PRENAT
-A PREROUTING -i gre0 -j LOG --log-prefix POSTNAT
-A POSTROUTING -j MASQUERADE
COMMIT
# Completed on Mon Mar 31 16:21:04 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 16:21:04 2014
*mangle
:PREROUTING ACCEPT [1772633:673311069]
:INPUT ACCEPT [1721667:669159108]
:FORWARD ACCEPT [12035:481500]
:OUTPUT ACCEPT [1446994:540745411]
:POSTROUTING ACCEPT [1461670:541634935]
COMMIT
# Completed on Mon Mar 31 16:21:04 2014

Si je comprends bien, par moment tu configures le navigateur pour passer explicitement par le proxy et c’est ça qu’on voit dans les logs et netstat ? Tu ne pourrais pas avoir une machine différente pour tester et pour surfer ? Sinon, ça va être difficile de débugger, il va falloir au minimum filtrer les logs pour ne retenir que ceux correspondant aux tests, ou supprimer les règles de log lorsque tu surfes (et filtrer ce qui n’est pas dû à iptables tant qu’on y est).

Idéalement, il faudrait logger tous les paquets, sur toutes les interfaces, en entrée et en sortie lors des tests. L’ennui c’est que tu es en SSH, donc il faut ignorer ce trafic parasite.

Remplace les règles de log précédentes par celles-ci :

iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT iptables -A OUTPUT -j LOG --log-prefix "OUTPUT " iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -j LOG --log-prefix "INPUT " iptables -A FORWARD -j LOG --log-prefix "FORWARD " iptables -t mangle -A PREROUTING -p tcp --dport 22 -j ACCEPT iptables -t mangle -A PREROUTING -j LOG --log-prefix "PREROUTING "
Pour putty, on peut régler le nombre de lignes du tampon. Ceci dit, pas besoin de 250 lignes ni même 100, je voulais juste l’explication.

Pour info, tes derniers logs montrent une boucle de routage entre le proxy et le routeur : le même paquet repasse dans la chaîne FORWARD avec un TTL qui diminue à chaque fois, jusqu’à atteindre 0. Le proxy n’ayant pas besoin d’être routeur, je suggère d’ajouter une règle DROP dans la chaîne FORWARD juste après la règle LOG

ou de régler la politique par défaut de la chaîne à DROP

En effet suis obligé de reparametrer le navigateur à chaque fois pr le proxy. C’est un peu fastidieux.
Je tacherai de trouver une autre machine demain. Voici les résultats une fois tes commandes effectuées:

iptables-save:

# Generated by iptables-save v1.4.14 on Mon Mar 31 18:03:33 2014
*filter
:INPUT ACCEPT [365:77313]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [260:29190]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j LOG --log-prefix INPUT
-A FORWARD -j LOG --log-prefix FORWARD
-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -j LOG --log-prefix OUTPUT
-A fail2ban-ssh -j RETURN
COMMIT
# Completed on Mon Mar 31 18:03:33 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 18:03:33 2014
*nat
:PREROUTING ACCEPT [2084:233176]
:INPUT ACCEPT [1543:185898]
:OUTPUT ACCEPT [3102:242907]
:POSTROUTING ACCEPT [3102:242907]
-A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.1.51:3128
COMMIT
# Completed on Mon Mar 31 18:03:33 2014
# Generated by iptables-save v1.4.14 on Mon Mar 31 18:03:33 2014
*mangle
:PREROUTING ACCEPT [9901:2308305]
:INPUT ACCEPT [10667:2334864]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9079:2367016]
:POSTROUTING ACCEPT [9089:2368561]
-A PREROUTING -p tcp -m tcp --dport 22 -j ACCEPT
-A PREROUTING -j LOG --log-prefix PREROUTING
COMMIT
# Completed on Mon Mar 31 18:03:33 2014

Mar 31 18:04:38 server-intra-01 kernel: [182565.666035] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.35 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=52178 PROTO=UDP SPT=43875 DPT=53 LEN=56 
Mar 31 18:04:38 server-intra-01 kernel: [182565.670685] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.35 DST=172.16.1.51 LEN=353 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=43875 LEN=333 
Mar 31 18:04:38 server-intra-01 kernel: [182565.670704] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.35 DST=172.16.1.51 LEN=353 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=43875 LEN=333 
Mar 31 18:04:38 server-intra-01 kernel: [182565.671237] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.35 LEN=87 TOS=0x00 PREC=0x00 TTL=64 ID=52179 PROTO=UDP SPT=23297 DPT=53 LEN=67 
Mar 31 18:04:38 server-intra-01 kernel: [182565.692671] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.35 DST=172.16.1.51 LEN=323 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=23297 LEN=303 
Mar 31 18:04:38 server-intra-01 kernel: [182565.692690] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.35 DST=172.16.1.51 LEN=323 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=23297 LEN=303 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922020] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21522 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19080 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922049] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21523 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19081 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922069] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=557 TOS=0x00 PREC=0xC0 TTL=64 ID=21524 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=529 TOS=0x00 PREC=0x00 TTL=64 ID=19082 PROTO=UDP SPT=53 DPT=50921 LEN=509 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922101] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21522 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19080 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922120] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21522 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19080 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922141] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21523 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19081 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922159] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21523 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19081 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922178] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=557 TOS=0x00 PREC=0xC0 TTL=64 ID=21524 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=529 TOS=0x00 PREC=0x00 TTL=64 ID=19082 PROTO=UDP SPT=53 DPT=50921 LEN=509 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182565.922195] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=557 TOS=0x00 PREC=0xC0 TTL=64 ID=21524 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=529 TOS=0x00 PREC=0x00 TTL=64 ID=19082 PROTO=UDP SPT=53 DPT=50921 LEN=509 ] 
Mar 31 18:04:38 server-intra-01 kernel: [182566.092478] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:71:bc:6f:cd:08:08:00 SRC=172.16.13.205 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15678 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:38 server-intra-01 kernel: [182566.092497] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:71:bc:6f:cd:08:08:00 SRC=172.16.13.205 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=15678 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:38 server-intra-01 kernel: [182566.103898] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22063 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:38 server-intra-01 kernel: [182566.103917] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22063 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:38 server-intra-01 kernel: [182566.173259] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=73 TOS=0x00 PREC=0x00 TTL=64 ID=16771 PROTO=UDP SPT=27248 DPT=53 LEN=53 
Mar 31 18:04:38 server-intra-01 kernel: [182566.180955] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=180 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=27248 LEN=160 
Mar 31 18:04:38 server-intra-01 kernel: [182566.180974] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=180 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=27248 LEN=160 
Mar 31 18:04:38 server-intra-01 kernel: [182566.181297] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=169 TOS=0x00 PREC=0x00 TTL=64 ID=19083 PROTO=UDP SPT=53 DPT=65170 LEN=149 
Mar 31 18:04:38 server-intra-01 kernel: [182566.242956] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=16772 PROTO=UDP SPT=27131 DPT=53 LEN=68 
Mar 31 18:04:38 server-intra-01 kernel: [182566.247209] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=296 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=27131 LEN=276 
Mar 31 18:04:38 server-intra-01 kernel: [182566.247228] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=296 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=27131 LEN=276 
Mar 31 18:04:38 server-intra-01 kernel: [182566.247651] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=16773 PROTO=UDP SPT=25041 DPT=53 LEN=70 
Mar 31 18:04:38 server-intra-01 kernel: [182566.254627] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=263 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=25041 LEN=243 
Mar 31 18:04:38 server-intra-01 kernel: [182566.254646] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=263 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=25041 LEN=243 
Mar 31 18:04:38 server-intra-01 kernel: [182566.255022] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.14.136 LEN=360 TOS=0x00 PREC=0x00 TTL=64 ID=43073 PROTO=UDP SPT=53 DPT=52007 LEN=340 
Mar 31 18:04:38 server-intra-01 kernel: [182566.270197] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8041 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:38 server-intra-01 kernel: [182566.270218] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8041 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:38 server-intra-01 kernel: [182566.270588] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=16774 PROTO=UDP SPT=30215 DPT=53 LEN=48 
Mar 31 18:04:39 server-intra-01 kernel: [182566.553510] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.210.5.19 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=20843 PROTO=UDP SPT=51986 DPT=53 LEN=56 
Mar 31 18:04:39 server-intra-01 named[3054]: error (connection refused) resolving 'dbokf.v1.bdnsrt.org/A/IN': 195.210.5.19#53
Mar 31 18:04:39 server-intra-01 kernel: [182566.727644] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.210.5.19 DST=172.16.1.51 LEN=104 TOS=0x00 PREC=0xC0 TTL=52 ID=13844 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.51 DST=195.210.5.19 LEN=76 TOS=0x00 PREC=0x00 TTL=50 ID=20843 PROTO=UDP SPT=51986 DPT=53 LEN=56 ] 
Mar 31 18:04:39 server-intra-01 kernel: [182566.727669] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.210.5.19 DST=172.16.1.51 LEN=104 TOS=0x00 PREC=0xC0 TTL=52 ID=13844 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.51 DST=195.210.5.19 LEN=76 TOS=0x00 PREC=0x00 TTL=50 ID=20843 PROTO=UDP SPT=51986 DPT=53 LEN=56 ] 
Mar 31 18:04:39 server-intra-01 kernel: [182566.727951] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=91.199.104.132 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=63117 PROTO=UDP SPT=47836 DPT=53 LEN=56 
Mar 31 18:04:39 server-intra-01 kernel: [182566.842994] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cd:08:08:00 SRC=172.16.13.205 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=15681 PROTO=UDP SPT=58430 DPT=53 LEN=49 
Mar 31 18:04:39 server-intra-01 kernel: [182566.843016] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cd:08:08:00 SRC=172.16.13.205 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=15681 PROTO=UDP SPT=58430 DPT=53 LEN=49 
Mar 31 18:04:39 server-intra-01 kernel: [182566.843244] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.205 LEN=173 TOS=0x00 PREC=0x00 TTL=64 ID=56895 PROTO=UDP SPT=53 DPT=58430 LEN=153 
Mar 31 18:04:39 server-intra-01 kernel: [182566.869585] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51185 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:39 server-intra-01 named[3054]: error (connection refused) resolving 'dbokf.v1.bdnsrt.org/A/IN': 91.199.104.132#53
Mar 31 18:04:39 server-intra-01 kernel: [182566.894500] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=91.199.104.132 DST=172.16.1.51 LEN=104 TOS=0x00 PREC=0xC0 TTL=52 ID=20504 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.51 DST=91.199.104.132 LEN=76 TOS=0x00 PREC=0x00 TTL=50 ID=63117 PROTO=UDP SPT=47836 DPT=53 LEN=56 ] 
Mar 31 18:04:39 server-intra-01 kernel: [182566.894525] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=91.199.104.132 DST=172.16.1.51 LEN=104 TOS=0x00 PREC=0xC0 TTL=52 ID=20504 PROTO=ICMP TYPE=3 CODE=3 [SRC=172.16.1.51 DST=91.199.104.132 LEN=76 TOS=0x00 PREC=0x00 TTL=50 ID=63117 PROTO=UDP SPT=47836 DPT=53 LEN=56 ] 
Mar 31 18:04:39 server-intra-01 kernel: [182566.894834] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=16775 PROTO=UDP SPT=65083 DPT=53 LEN=56 
Mar 31 18:04:39 server-intra-01 kernel: [182566.990166] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22067 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:39 server-intra-01 kernel: [182566.990185] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22067 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:39 server-intra-01 kernel: [182567.152954] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=128 ID=18751 PROTO=UDP SPT=53982 DPT=53 LEN=48 
Mar 31 18:04:39 server-intra-01 kernel: [182567.152972] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=128 ID=18751 PROTO=UDP SPT=53982 DPT=53 LEN=48 
Mar 31 18:04:39 server-intra-01 kernel: [182567.152997] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=128 ID=18753 PROTO=UDP SPT=55551 DPT=53 LEN=48 
Mar 31 18:04:39 server-intra-01 kernel: [182567.153010] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=128 ID=18753 PROTO=UDP SPT=55551 DPT=53 LEN=48 
Mar 31 18:04:39 server-intra-01 kernel: [182567.153439] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=16776 PROTO=UDP SPT=40212 DPT=53 LEN=59 
Mar 31 18:04:39 server-intra-01 kernel: [182567.161442] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=290 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=40212 LEN=270 
Mar 31 18:04:39 server-intra-01 kernel: [182567.161461] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=290 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=40212 LEN=270 
Mar 31 18:04:39 server-intra-01 kernel: [182567.161957] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=89 TOS=0x00 PREC=0x00 TTL=64 ID=16777 PROTO=UDP SPT=62461 DPT=53 LEN=69 
Mar 31 18:04:39 server-intra-01 kernel: [182567.269399] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51188 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:39 server-intra-01 kernel: [182567.269709] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8047 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:39 server-intra-01 kernel: [182567.269728] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8047 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:39 server-intra-01 kernel: [182567.364323] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:b8:ac:6f:56:d2:51:08:00 SRC=172.16.14.48 DST=239.255.255.250 LEN=161 TOS=0x00 PREC=0x00 TTL=1 ID=26045 PROTO=UDP SPT=55292 DPT=1900 LEN=141 
Mar 31 18:04:39 server-intra-01 kernel: [182567.364343] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:b8:ac:6f:56:d2:51:08:00 SRC=172.16.14.48 DST=239.255.255.250 LEN=161 TOS=0x00 PREC=0x00 TTL=1 ID=26045 PROTO=UDP SPT=55292 DPT=1900 LEN=141 
Mar 31 18:04:40 server-intra-01 kernel: [182567.470226] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=29001 PROTO=UDP SPT=3038 DPT=53 LEN=48 
Mar 31 18:04:40 server-intra-01 kernel: [182567.474361] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=234 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=3038 LEN=214 
Mar 31 18:04:40 server-intra-01 kernel: [182567.474380] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=234 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=3038 LEN=214 
Mar 31 18:04:40 server-intra-01 kernel: [182567.474838] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=29002 PROTO=UDP SPT=61574 DPT=53 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182567.739153] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22070 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182567.739172] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22070 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182567.774721] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9781 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182567.774741] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9781 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182567.971897] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=18767 PROTO=UDP SPT=65170 DPT=53 LEN=42 
Mar 31 18:04:40 server-intra-01 kernel: [182567.971916] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=18767 PROTO=UDP SPT=65170 DPT=53 LEN=42 
Mar 31 18:04:40 server-intra-01 kernel: [182567.972273] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=73 TOS=0x00 PREC=0x00 TTL=64 ID=29003 PROTO=UDP SPT=40285 DPT=53 LEN=53 
Mar 31 18:04:40 server-intra-01 kernel: [182567.980989] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=148 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=40285 LEN=128 
Mar 31 18:04:40 server-intra-01 kernel: [182567.981009] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=148 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=40285 LEN=128 
Mar 31 18:04:40 server-intra-01 kernel: [182567.981355] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=169 TOS=0x00 PREC=0x00 TTL=64 ID=19084 PROTO=UDP SPT=53 DPT=65170 LEN=149 
Mar 31 18:04:40 server-intra-01 kernel: [182568.022643] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=75 TOS=0x00 PREC=0x00 TTL=128 ID=18770 PROTO=UDP SPT=50921 DPT=53 LEN=55 
Mar 31 18:04:40 server-intra-01 kernel: [182568.022662] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=75 TOS=0x00 PREC=0x00 TTL=128 ID=18770 PROTO=UDP SPT=50921 DPT=53 LEN=55 
Mar 31 18:04:40 server-intra-01 kernel: [182568.023014] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=29004 PROTO=UDP SPT=4266 DPT=53 LEN=66 
Mar 31 18:04:40 server-intra-01 kernel: [182568.028816] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=460 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=4266 LEN=440 
Mar 31 18:04:40 server-intra-01 kernel: [182568.028835] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=460 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=4266 LEN=440 
Mar 31 18:04:40 server-intra-01 kernel: [182568.029437] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=29005 PROTO=UDP SPT=55541 DPT=53 LEN=71 
Mar 31 18:04:40 server-intra-01 kernel: [182568.034023] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=417 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=55541 LEN=397 
Mar 31 18:04:40 server-intra-01 kernel: [182568.034042] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=417 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=55541 LEN=397 
Mar 31 18:04:40 server-intra-01 kernel: [182568.034564] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=97 TOS=0x00 PREC=0x00 TTL=64 ID=29006 PROTO=UDP SPT=35555 DPT=53 LEN=77 
Mar 31 18:04:40 server-intra-01 kernel: [182568.038683] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=403 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=35555 LEN=383 
Mar 31 18:04:40 server-intra-01 kernel: [182568.038702] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=403 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=35555 LEN=383 
Mar 31 18:04:40 server-intra-01 kernel: [182568.039239] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=100 TOS=0x00 PREC=0x00 TTL=64 ID=29007 PROTO=UDP SPT=46055 DPT=53 LEN=80 
Mar 31 18:04:40 server-intra-01 kernel: [182568.043639] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=352 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=46055 LEN=332 
Mar 31 18:04:40 server-intra-01 kernel: [182568.043658] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=352 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=46055 LEN=332 
Mar 31 18:04:40 server-intra-01 kernel: [182568.044045] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=529 TOS=0x00 PREC=0x00 TTL=64 ID=19085 PROTO=UDP SPT=53 DPT=50921 LEN=509 
Mar 31 18:04:40 server-intra-01 kernel: [182568.094475] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=29008 PROTO=UDP SPT=33040 DPT=53 LEN=56 
Mar 31 18:04:40 server-intra-01 kernel: [182568.150328] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=153 TOS=0x00 PREC=0x00 TTL=1 ID=15808 PROTO=UDP SPT=55807 DPT=1900 LEN=133 
Mar 31 18:04:40 server-intra-01 kernel: [182568.150350] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=153 TOS=0x00 PREC=0x00 TTL=1 ID=15808 PROTO=UDP SPT=55807 DPT=1900 LEN=133 
Mar 31 18:04:40 server-intra-01 kernel: [182568.151434] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=151 TOS=0x00 PREC=0x00 TTL=1 ID=15809 PROTO=UDP SPT=55807 DPT=1900 LEN=131 
Mar 31 18:04:40 server-intra-01 kernel: [182568.151453] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=151 TOS=0x00 PREC=0x00 TTL=1 ID=15809 PROTO=UDP SPT=55807 DPT=1900 LEN=131 
Mar 31 18:04:40 server-intra-01 kernel: [182568.269368] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8051 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:40 server-intra-01 kernel: [182568.269387] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:70:71:bc:6f:cc:f7:08:00 SRC=172.16.0.227 DST=172.16.1.51 LEN=57 TOS=0x00 PREC=0x00 TTL=128 ID=8051 PROTO=UDP SPT=49847 DPT=53 LEN=37 
Mar 31 18:04:40 server-intra-01 kernel: [182568.269756] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=29009 PROTO=UDP SPT=26550 DPT=53 LEN=48 
Mar 31 18:04:40 server-intra-01 kernel: [182568.276900] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=234 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=26550 LEN=214 
Mar 31 18:04:40 server-intra-01 kernel: [182568.276919] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=234 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=26550 LEN=214 
Mar 31 18:04:40 server-intra-01 kernel: [182568.361607] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=89 TOS=0x00 PREC=0x00 TTL=64 ID=29010 PROTO=UDP SPT=63003 DPT=53 LEN=69 
Mar 31 18:04:40 server-intra-01 kernel: [182568.365525] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=263 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=63003 LEN=243 
Mar 31 18:04:40 server-intra-01 kernel: [182568.365544] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=263 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=63003 LEN=243 
Mar 31 18:04:40 server-intra-01 kernel: [182568.365885] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19086 PROTO=UDP SPT=53 DPT=53982 LEN=259 
Mar 31 18:04:40 server-intra-01 kernel: [182568.365925] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19087 PROTO=UDP SPT=53 DPT=55551 LEN=259 
Mar 31 18:04:40 server-intra-01 kernel: [182568.439623] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18776 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:40 server-intra-01 kernel: [182568.439650] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18776 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.489831] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22071 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.489850] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22071 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.534915] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9782 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.534934] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9782 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.674482] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=16778 PROTO=UDP SPT=1742 DPT=53 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182568.680025] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=196 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=1742 LEN=176 
Mar 31 18:04:41 server-intra-01 kernel: [182568.680044] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=196 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=1742 LEN=176 
Mar 31 18:04:41 server-intra-01 kernel: [182568.680378] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=207 TOS=0x00 PREC=0x00 TTL=64 ID=49646 PROTO=UDP SPT=53 DPT=49847 LEN=187 
Mar 31 18:04:41 server-intra-01 kernel: [182568.697144] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=63 TOS=0x00 PREC=0x00 TTL=128 ID=18779 PROTO=UDP SPT=53241 DPT=53 LEN=43 
Mar 31 18:04:41 server-intra-01 kernel: [182568.697163] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=63 TOS=0x00 PREC=0x00 TTL=128 ID=18779 PROTO=UDP SPT=53241 DPT=53 LEN=43 
Mar 31 18:04:41 server-intra-01 kernel: [182568.697531] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=74 TOS=0x00 PREC=0x00 TTL=64 ID=16779 PROTO=UDP SPT=36084 DPT=53 LEN=54 
Mar 31 18:04:41 server-intra-01 kernel: [182568.707653] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=363 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=36084 LEN=343 
Mar 31 18:04:41 server-intra-01 kernel: [182568.707673] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=363 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=36084 LEN=343 
Mar 31 18:04:41 server-intra-01 kernel: [182568.708133] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=99 TOS=0x00 PREC=0x00 TTL=64 ID=16780 PROTO=UDP SPT=41536 DPT=53 LEN=79 
Mar 31 18:04:41 server-intra-01 kernel: [182568.718266] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=341 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=41536 LEN=321 
Mar 31 18:04:41 server-intra-01 kernel: [182568.718285] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=341 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=41536 LEN=321 
Mar 31 18:04:41 server-intra-01 kernel: [182568.718790] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=99 TOS=0x00 PREC=0x00 TTL=64 ID=16781 PROTO=UDP SPT=15073 DPT=53 LEN=79 
Mar 31 18:04:41 server-intra-01 kernel: [182568.726920] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=305 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=15073 LEN=285 
Mar 31 18:04:41 server-intra-01 kernel: [182568.726939] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=305 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=15073 LEN=285 
Mar 31 18:04:41 server-intra-01 kernel: [182568.727410] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=16782 PROTO=UDP SPT=57118 DPT=53 LEN=72 
Mar 31 18:04:41 server-intra-01 kernel: [182568.732256] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=269 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=57118 LEN=249 
Mar 31 18:04:41 server-intra-01 kernel: [182568.732275] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=269 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=57118 LEN=249 
Mar 31 18:04:41 server-intra-01 kernel: [182568.732578] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19088 PROTO=UDP SPT=53 DPT=53241 LEN=332 
Mar 31 18:04:41 server-intra-01 kernel: [182568.868668] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51186 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176532] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21525 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19086 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176560] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21526 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19087 PROTO=UDP SPT=53 DPT=55551 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176580] OUTPUTIN= OUT=lo SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21527 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19088 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176612] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21525 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19086 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176632] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21525 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19086 PROTO=UDP SPT=53 DPT=53982 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176653] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21526 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19087 PROTO=UDP SPT=53 DPT=55551 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176671] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=307 TOS=0x00 PREC=0xC0 TTL=64 ID=21526 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=19087 PROTO=UDP SPT=53 DPT=55551 LEN=259 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176690] PREROUTINGIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21527 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19088 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.176708] INPUTIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=172.16.1.51 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0xC0 TTL=64 ID=21527 PROTO=ICMP TYPE=3 CODE=1 [SRC=172.16.1.51 DST=172.16.13.16 LEN=352 TOS=0x00 PREC=0x00 TTL=64 ID=19088 PROTO=UDP SPT=53 DPT=53241 LEN=332 ] 
Mar 31 18:04:41 server-intra-01 kernel: [182569.189072] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18801 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182569.189091] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18801 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182569.294069] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.35 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=52180 PROTO=UDP SPT=21115 DPT=53 LEN=56 
Mar 31 18:04:41 server-intra-01 kernel: [182569.298966] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9785 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182569.298985] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9785 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182569.319251] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=255 ID=20463 PROTO=47 
Mar 31 18:04:41 server-intra-01 kernel: [182569.319269] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=68 TOS=0x00 PREC=0x00 TTL=255 ID=20463 PROTO=47 
Mar 31 18:04:41 server-intra-01 kernel: [182569.319293] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=8056 DF PROTO=TCP SPT=51110 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 18:04:41 server-intra-01 kernel: [182569.319306] FORWARDIN=gre0 OUT=eth0 MAC= SRC=172.16.0.227 DST=54.243.154.85 LEN=40 TOS=0x00 PREC=0x00 TTL=126 ID=8056 DF PROTO=TCP SPT=51110 DPT=80 WINDOW=16425 RES=0x00 ACK FIN URGP=0 
Mar 31 18:04:41 server-intra-01 kernel: [182569.368073] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22075 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:41 server-intra-01 kernel: [182569.368092] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22075 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182569.569066] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9786 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182569.569085] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9786 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182569.938736] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18837 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182569.938755] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=18837 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182570.118058] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22078 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182570.118077] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22078 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182570.277961] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:90:fb:a6:18:ae:2b:08:00 SRC=172.16.14.52 DST=239.255.255.250 LEN=327 TOS=0x00 PREC=0x00 TTL=255 ID=64169 PROTO=UDP SPT=1068 DPT=1900 LEN=307 
Mar 31 18:04:42 server-intra-01 kernel: [182570.277987] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:90:fb:a6:18:ae:2b:08:00 SRC=172.16.14.52 DST=239.255.255.250 LEN=327 TOS=0x00 PREC=0x00 TTL=255 ID=64169 PROTO=UDP SPT=1068 DPT=1900 LEN=307 
Mar 31 18:04:42 server-intra-01 kernel: [182570.280899] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:90:fb:a6:18:ae:2b:08:00 SRC=172.16.14.52 DST=239.255.255.250 LEN=325 TOS=0x00 PREC=0x00 TTL=255 ID=64186 PROTO=UDP SPT=1077 DPT=1900 LEN=305 
Mar 31 18:04:42 server-intra-01 kernel: [182570.280920] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:90:fb:a6:18:ae:2b:08:00 SRC=172.16.14.52 DST=239.255.255.250 LEN=325 TOS=0x00 PREC=0x00 TTL=255 ID=64186 PROTO=UDP SPT=1077 DPT=1900 LEN=305 
Mar 31 18:04:42 server-intra-01 kernel: [182570.302298] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:24:2c:80:eb:64:08:00 SRC=172.16.14.215 DST=224.0.0.251 LEN=299 TOS=0x00 PREC=0x00 TTL=255 ID=1718 PROTO=UDP SPT=5353 DPT=5353 LEN=279 
Mar 31 18:04:42 server-intra-01 kernel: [182570.302318] INPUTIN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:24:2c:80:eb:64:08:00 SRC=172.16.14.215 DST=224.0.0.251 LEN=299 TOS=0x00 PREC=0x00 TTL=255 ID=1718 PROTO=UDP SPT=5353 DPT=5353 LEN=279 
Mar 31 18:04:42 server-intra-01 kernel: [182570.328089] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9787 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182570.328108] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9787 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:42 server-intra-01 kernel: [182570.376916] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.1.32 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39550 DF PROTO=UDP SPT=52930 DPT=53 LEN=40 
Mar 31 18:04:43 server-intra-01 kernel: [182570.472685] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:d4:85:64:97:7c:55:08:00 SRC=172.16.14.51 DST=172.16.1.51 LEN=76 TOS=0x00 PREC=0x00 TTL=128 ID=12020 PROTO=UDP SPT=59619 DPT=53 LEN=56 
Mar 31 18:04:43 server-intra-01 kernel: [182570.472706] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:d4:85:64:97:7c:55:08:00 SRC=172.16.14.51 DST=172.16.1.51 LEN=76 TOS=0x00 PREC=0x00 TTL=128 ID=12020 PROTO=UDP SPT=59619 DPT=53 LEN=56 
Mar 31 18:04:43 server-intra-01 kernel: [182570.473142] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=87 TOS=0x00 PREC=0x00 TTL=64 ID=16783 PROTO=UDP SPT=46859 DPT=53 LEN=67 
Mar 31 18:04:43 server-intra-01 kernel: [182570.484565] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=644 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=46859 LEN=624 
Mar 31 18:04:43 server-intra-01 kernel: [182570.484584] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=644 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=46859 LEN=624 
Mar 31 18:04:43 server-intra-01 kernel: [182570.485247] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=101 TOS=0x00 PREC=0x00 TTL=64 ID=16784 PROTO=UDP SPT=35997 DPT=53 LEN=81 
Mar 31 18:04:43 server-intra-01 kernel: [182570.491675] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=603 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=35997 LEN=583 
Mar 31 18:04:43 server-intra-01 kernel: [182570.491694] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=603 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=35997 LEN=583 
Mar 31 18:04:43 server-intra-01 kernel: [182570.492227] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=16785 PROTO=UDP SPT=64602 DPT=53 LEN=60 
Mar 31 18:04:43 server-intra-01 kernel: [182570.493718] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=16786 PROTO=UDP SPT=52699 DPT=53 LEN=56 
Mar 31 18:04:43 server-intra-01 kernel: [182570.500292] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=548 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=64602 LEN=528 
Mar 31 18:04:43 server-intra-01 kernel: [182570.500311] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=548 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=64602 LEN=528 
Mar 31 18:04:43 server-intra-01 kernel: [182570.500763] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.14.51 LEN=537 TOS=0x00 PREC=0x00 TTL=64 ID=31533 PROTO=UDP SPT=53 DPT=59619 LEN=517 
Mar 31 18:04:43 server-intra-01 kernel: [182570.575418] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=80 TOS=0x00 PREC=0x00 TTL=255 ID=20464 PROTO=47 
Mar 31 18:04:43 server-intra-01 kernel: [182570.575436] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=80 TOS=0x00 PREC=0x00 TTL=255 ID=20464 PROTO=47 
Mar 31 18:04:43 server-intra-01 kernel: [182570.575460] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=212.71.234.61 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=8058 DF PROTO=TCP SPT=51189 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 
Mar 31 18:04:43 server-intra-01 kernel: [182570.575477] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=8058 DF PROTO=TCP SPT=51189 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0 
Mar 31 18:04:43 server-intra-01 kernel: [182570.575509] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51189 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:43 server-intra-01 kernel: [182570.715726] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=70 TOS=0x00 PREC=0x00 TTL=128 ID=18848 PROTO=UDP SPT=59636 DPT=53 LEN=50 
Mar 31 18:04:43 server-intra-01 kernel: [182570.715747] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=70 TOS=0x00 PREC=0x00 TTL=128 ID=18848 PROTO=UDP SPT=59636 DPT=53 LEN=50 
Mar 31 18:04:43 server-intra-01 kernel: [182570.716145] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=81 TOS=0x00 PREC=0x00 TTL=64 ID=16787 PROTO=UDP SPT=44146 DPT=53 LEN=61 
Mar 31 18:04:43 server-intra-01 kernel: [182570.868562] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22081 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:43 server-intra-01 kernel: [182570.868581] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:11:43:4b:5b:2d:08:00 SRC=172.16.15.3 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=22081 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:43 server-intra-01 kernel: [182571.067665] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51187 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:43 server-intra-01 kernel: [182571.092151] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9788 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:43 server-intra-01 kernel: [182571.092170] INPUTIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:b4:b5:2f:cb:8f:9a:08:00 SRC=172.16.13.10 DST=172.16.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9788 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:43 server-intra-01 kernel: [182571.103326] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24284 PROTO=UDP SPT=4208 DPT=53 LEN=49 
Mar 31 18:04:43 server-intra-01 kernel: [182571.103348] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24284 PROTO=UDP SPT=4208 DPT=53 LEN=49 
Mar 31 18:04:43 server-intra-01 kernel: [182571.103818] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=16788 PROTO=UDP SPT=20070 DPT=53 LEN=60 
Mar 31 18:04:43 server-intra-01 kernel: [182571.155078] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=151 TOS=0x00 PREC=0x00 TTL=1 ID=15823 PROTO=UDP SPT=55807 DPT=1900 LEN=131 
Mar 31 18:04:43 server-intra-01 kernel: [182571.155097] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=151 TOS=0x00 PREC=0x00 TTL=1 ID=15823 PROTO=UDP SPT=55807 DPT=1900 LEN=131 
Mar 31 18:04:43 server-intra-01 kernel: [182571.155246] PREROUTINGIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=153 TOS=0x00 PREC=0x00 TTL=1 ID=15824 PROTO=UDP SPT=55807 DPT=1900 LEN=133 
Mar 31 18:04:43 server-intra-01 kernel: [182571.155261] INPUTIN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:1c:25:2a:ad:b9:08:00 SRC=172.16.13.214 DST=239.255.255.250 LEN=153 TOS=0x00 PREC=0x00 TTL=1 ID=15824 PROTO=UDP SPT=55807 DPT=1900 LEN=133 
Mar 31 18:04:44 server-intra-01 kernel: [182571.667400] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51189 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:44 server-intra-01 kernel: [182571.915800] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=81 TOS=0x00 PREC=0x00 TTL=64 ID=29011 PROTO=UDP SPT=22212 DPT=53 LEN=61 
Mar 31 18:04:44 server-intra-01 kernel: [182571.970019] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=18885 PROTO=UDP SPT=65170 DPT=53 LEN=42 
Mar 31 18:04:44 server-intra-01 kernel: [182571.970038] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=18885 PROTO=UDP SPT=65170 DPT=53 LEN=42 
Mar 31 18:04:44 server-intra-01 kernel: [182571.970395] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=73 TOS=0x00 PREC=0x00 TTL=64 ID=16789 PROTO=UDP SPT=26404 DPT=53 LEN=53 
Mar 31 18:04:44 server-intra-01 kernel: [182572.020771] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=75 TOS=0x00 PREC=0x00 TTL=128 ID=18888 PROTO=UDP SPT=50921 DPT=53 LEN=55 
Mar 31 18:04:44 server-intra-01 kernel: [182572.020790] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:1f:e2:5e:8b:76:08:00 SRC=172.16.13.16 DST=172.16.1.51 LEN=75 TOS=0x00 PREC=0x00 TTL=128 ID=18888 PROTO=UDP SPT=50921 DPT=53 LEN=55 
Mar 31 18:04:44 server-intra-01 kernel: [182572.021148] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=16790 PROTO=UDP SPT=56889 DPT=53 LEN=66 
Mar 31 18:04:44 server-intra-01 kernel: [182572.044670] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:13:e8:30:78:87:08:00 SRC=172.16.13.164 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=3384 PROTO=UDP SPT=56129 DPT=53 LEN=42 
Mar 31 18:04:44 server-intra-01 kernel: [182572.044692] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:13:e8:30:78:87:08:00 SRC=172.16.13.164 DST=172.16.1.51 LEN=62 TOS=0x00 PREC=0x00 TTL=128 ID=3384 PROTO=UDP SPT=56129 DPT=53 LEN=42 
Mar 31 18:04:44 server-intra-01 kernel: [182572.045035] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=413 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=22212 LEN=393 
Mar 31 18:04:44 server-intra-01 kernel: [182572.045054] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=413 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=22212 LEN=393 
Mar 31 18:04:44 server-intra-01 kernel: [182572.045663] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=16791 PROTO=UDP SPT=65373 DPT=53 LEN=73 
Mar 31 18:04:44 server-intra-01 kernel: [182572.093167] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=29012 PROTO=UDP SPT=18786 DPT=53 LEN=45 
Mar 31 18:04:44 server-intra-01 kernel: [182572.102569] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24286 PROTO=UDP SPT=4209 DPT=53 LEN=49 
Mar 31 18:04:44 server-intra-01 kernel: [182572.102590] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24286 PROTO=UDP SPT=4209 DPT=53 LEN=49 
Mar 31 18:04:44 server-intra-01 kernel: [182572.148844] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=56889 LEN=360 
Mar 31 18:04:44 server-intra-01 kernel: [182572.148863] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=380 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=56889 LEN=360 
Mar 31 18:04:44 server-intra-01 kernel: [182572.149349] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=16792 PROTO=UDP SPT=33418 DPT=53 LEN=71 
Mar 31 18:04:44 server-intra-01 kernel: [182572.168732] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=435 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=65373 LEN=415 
Mar 31 18:04:44 server-intra-01 kernel: [182572.168751] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=435 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=65373 LEN=415 
Mar 31 18:04:44 server-intra-01 kernel: [182572.169206] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=16793 PROTO=UDP SPT=50351 DPT=53 LEN=60 
Mar 31 18:04:44 server-intra-01 kernel: [182572.219969] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=337 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=33418 LEN=317 
Mar 31 18:04:44 server-intra-01 kernel: [182572.219988] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=337 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=33418 LEN=317 
Mar 31 18:04:44 server-intra-01 kernel: [182572.220456] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=97 TOS=0x00 PREC=0x00 TTL=64 ID=16794 PROTO=UDP SPT=62405 DPT=53 LEN=77 
Mar 31 18:04:44 server-intra-01 kernel: [182572.292125] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=323 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=62405 LEN=303 
Mar 31 18:04:44 server-intra-01 kernel: [182572.292144] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.33 DST=172.16.1.51 LEN=323 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=62405 LEN=303 
Mar 31 18:04:44 server-intra-01 kernel: [182572.292637] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=107 TOS=0x00 PREC=0x00 TTL=64 ID=16795 PROTO=UDP SPT=49296 DPT=53 LEN=87 
Mar 31 18:04:44 server-intra-01 kernel: [182572.303434] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=29013 PROTO=UDP SPT=10283 DPT=53 LEN=60 
Mar 31 18:04:45 server-intra-01 kernel: [182572.464105] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=80 TOS=0x00 PREC=0x00 TTL=255 ID=20465 PROTO=47 
Mar 31 18:04:45 server-intra-01 kernel: [182572.464122] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.195.178 DST=172.16.1.51 LEN=80 TOS=0x00 PREC=0x00 TTL=255 ID=20465 PROTO=47 
Mar 31 18:04:45 server-intra-01 kernel: [182572.464147] PREROUTINGIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=199.16.131.155 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=8066 DF PROTO=TCP SPT=51190 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 
Mar 31 18:04:45 server-intra-01 kernel: [182572.464163] INPUTIN=gre0 OUT= MAC= SRC=172.16.0.227 DST=172.16.1.51 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=8066 DF PROTO=TCP SPT=51190 DPT=3128 WINDOW=8192 RES=0x00 SYN URGP=0 
Mar 31 18:04:45 server-intra-01 kernel: [182572.464193] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51190 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:45 server-intra-01 kernel: [182572.476013] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:71:bc:b3:29:3a:08:00 SRC=192.168.36.57 DST=192.168.36.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=5284 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:45 server-intra-01 kernel: [182572.950194] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.14.51 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=31534 PROTO=UDP SPT=53 DPT=56246 LEN=45 
Mar 31 18:04:45 server-intra-01 kernel: [182572.964047] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:d4:85:64:97:7c:55:08:00 SRC=172.16.14.51 DST=172.16.1.51 LEN=63 TOS=0x00 PREC=0x00 TTL=128 ID=12059 PROTO=UDP SPT=59623 DPT=53 LEN=43 
Mar 31 18:04:45 server-intra-01 kernel: [182572.964068] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:d4:85:64:97:7c:55:08:00 SRC=172.16.14.51 DST=172.16.1.51 LEN=63 TOS=0x00 PREC=0x00 TTL=128 ID=12059 PROTO=UDP SPT=59623 DPT=53 LEN=43 
Mar 31 18:04:45 server-intra-01 kernel: [182572.964387] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.33 LEN=74 TOS=0x00 PREC=0x00 TTL=64 ID=16796 PROTO=UDP SPT=14436 DPT=53 LEN=54 
Mar 31 18:04:45 server-intra-01 kernel: [182573.102190] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24288 PROTO=UDP SPT=4210 DPT=53 LEN=49 
Mar 31 18:04:45 server-intra-01 kernel: [182573.102211] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:14:6c:7f:44:8f:08:00 SRC=172.16.14.233 DST=172.16.1.51 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=24288 PROTO=UDP SPT=4210 DPT=53 LEN=49 
Mar 31 18:04:45 server-intra-01 kernel: [182573.170054] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=73 TOS=0x00 PREC=0x00 TTL=64 ID=29014 PROTO=UDP SPT=37322 DPT=53 LEN=53 
Mar 31 18:04:45 server-intra-01 kernel: [182573.174979] PREROUTINGIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=148 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=37322 LEN=128 
Mar 31 18:04:45 server-intra-01 kernel: [182573.174998] INPUTIN=eth0 OUT= MAC=ac:16:2d:8d:86:50:00:25:84:46:e2:84:08:00 SRC=195.24.192.34 DST=172.16.1.51 LEN=148 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=UDP SPT=53 DPT=37322 LEN=128 
Mar 31 18:04:45 server-intra-01 kernel: [182573.175329] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.16 LEN=169 TOS=0x00 PREC=0x00 TTL=64 ID=19089 PROTO=UDP SPT=53 DPT=65170 LEN=149 
Mar 31 18:04:45 server-intra-01 kernel: [182573.175369] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.13.164 LEN=169 TOS=0x00 PREC=0x00 TTL=64 ID=41204 PROTO=UDP SPT=53 DPT=56129 LEN=149 
Mar 31 18:04:45 server-intra-01 kernel: [182573.225427] PREROUTINGIN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:70:71:bc:b3:29:3a:08:00 SRC=192.168.36.57 DST=192.168.36.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=5286 PROTO=UDP SPT=137 DPT=137 LEN=58 
Mar 31 18:04:45 server-intra-01 kernel: [182573.368834] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=29015 PROTO=UDP SPT=56827 DPT=53 LEN=60 
Mar 31 18:04:46 server-intra-01 kernel: [182573.466577] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=172.16.0.227 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=3128 DPT=51190 WINDOW=14600 RES=0x00 ACK SYN URGP=0 
Mar 31 18:04:46 server-intra-01 kernel: [182573.492268] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.34 LEN=107 TOS=0x00 PREC=0x00 TTL=64 ID=29016 PROTO=UDP SPT=1388 DPT=53 LEN=87 
Mar 31 18:04:46 server-intra-01 kernel: [182573.503074] OUTPUTIN= OUT=eth0 SRC=172.16.1.51 DST=195.24.192.35 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=52181 PROTO=UDP SPT=12582 DPT=53 LEN=60 

Tu as parlé de boucle de routage entre le routeur et le squid. Mais en principe si j’ai bien compris le principe du protocole Wccp, les réponses des requetes devraient être directement transmise au client une fois reçu par le serveur et non plus repasser par le routeur.Ni même par gre0, mais directement via eth0.