Непонятный отчет фаерволла

[mountbeer]

Приветствую, убунтоводы!

Недавно смотря в логи наткнулся на непонятный траффик на мою машину с одного и того же локального IP.

Код: [Выделить]

sudo less /var/log/syslog | grep 192.168.248.52

(Нажмите, чтобы показать/скрыть)

Aug 23 10:58:47 beer kernel: [  320.313207] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=1247 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 23 10:59:48 beer kernel: [  382.536323] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=3961 PROTO=2
Aug 23 10:59:48 beer kernel: [  382.536341] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=3961 PROTO=2
Aug 23 11:01:38 beer kernel: [  492.780107] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=8263 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:01:39 beer kernel: [  493.795083] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=8310 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:01:40 beer kernel: [  494.733085] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=8362 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:01:41 beer kernel: [  495.005703] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=8375 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:01:47 beer kernel: [  501.707868] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=8764 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:01:58 beer kernel: [  512.034964] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=9209 PROTO=2
Aug 23 11:02:05 beer kernel: [  519.726076] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=9605 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:03:59 beer kernel: [  633.534353] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=12650 PROTO=2
Aug 23 11:03:59 beer kernel: [  633.534371] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=12650 PROTO=2
Aug 23 11:06:05 beer kernel: [  759.533661] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=30677 PROTO=2
Aug 23 11:06:05 beer kernel: [  759.533685] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=30677 PROTO=2
Aug 23 11:08:12 beer kernel: [  886.033407] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1924 PROTO=2
Aug 23 11:08:12 beer kernel: [  886.033432] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1924 PROTO=2
Aug 23 11:10:25 beer kernel: [ 1019.548407] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=6934 PROTO=2
Aug 23 11:10:25 beer kernel: [ 1019.548431] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=6934 PROTO=2
Aug 23 11:10:45 beer kernel: [ 1039.710610] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=7810 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 23 11:12:29 beer kernel: [ 1143.031543] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=12109 PROTO=2
Aug 23 11:12:29 beer kernel: [ 1143.031561] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=12109 PROTO=2
Aug 23 11:14:38 beer kernel: [ 1272.031232] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=17179 PROTO=2
Aug 23 11:14:38 beer kernel: [ 1272.031251] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=17179 PROTO=2
Aug 23 11:14:40 beer kernel: [ 1274.138651] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=236 TOS=0x00 PREC=0x00 TTL=128 ID=17309 PROTO=UDP SPT=138 DPT=138 LEN=216
Aug 23 11:16:39 beer kernel: [ 1393.030543] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=22815 PROTO=2
Aug 23 11:16:39 beer kernel: [ 1393.030561] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=22815 PROTO=2
Aug 23 11:18:46 beer kernel: [ 1520.048885] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=28304 PROTO=2
Aug 23 11:18:46 beer kernel: [ 1520.048903] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=28304 PROTO=2
Aug 23 11:20:57 beer kernel: [ 1651.528857] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1314 PROTO=2
Aug 23 11:20:57 beer kernel: [ 1651.528883] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1314 PROTO=2
Aug 23 11:22:46 beer kernel: [ 1760.410131] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6026 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 23 11:22:58 beer kernel: [ 1772.028156] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=6328 PROTO=2
Aug 23 11:22:58 beer kernel: [ 1772.028182] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=6328 PROTO=2
Aug 23 11:23:17 beer kernel: [ 1791.700251] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=6860 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:18 beer kernel: [ 1792.713286] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=6881 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:19 beer kernel: [ 1793.761572] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=6920 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:20 beer kernel: [ 1794.010623] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=6926 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:23:20 beer kernel: [ 1794.760319] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=6951 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:23:20 beer kernel: [ 1794.773355] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=6953 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:21 beer kernel: [ 1795.510376] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=6963 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:23:23 beer kernel: [ 1797.790559] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=7019 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:26 beer kernel: [ 1800.690876] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=7120 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:27 beer kernel: [ 1801.698715] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=7143 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:23:46 beer kernel: [ 1820.708134] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=7728 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:24:23 beer kernel: [ 1857.734873] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=8950 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:24:26 beer kernel: [ 1860.451773] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=9035 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:24:47 beer kernel: [ 1881.728965] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=9634 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:25:06 beer kernel: [ 1900.561494] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=10164 PROTO=2
Aug 23 11:25:06 beer kernel: [ 1900.561519] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=10164 PROTO=2
Aug 23 11:27:16 beer kernel: [ 2030.060827] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=13618 PROTO=2
Aug 23 11:27:16 beer kernel: [ 2030.060844] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=13618 PROTO=2
Aug 23 11:29:20 beer kernel: [ 2154.026032] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=16756 PROTO=2
Aug 23 11:29:20 beer kernel: [ 2154.026058] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=16756 PROTO=2
Aug 23 11:29:40 beer kernel: [ 2174.114683] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=236 TOS=0x00 PREC=0x00 TTL=128 ID=17244 PROTO=UDP SPT=138 DPT=138 LEN=216
Aug 23 11:31:23 beer kernel: [ 2277.525373] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=20243 PROTO=2
Aug 23 11:31:23 beer kernel: [ 2277.525398] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=20243 PROTO=2
Aug 23 11:33:36 beer kernel: [ 2410.525238] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=24539 PROTO=2
Aug 23 11:33:36 beer kernel: [ 2410.525259] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=24539 PROTO=2
Aug 23 11:34:46 beer kernel: [ 2480.148642] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=27615 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 23 11:35:35 beer kernel: [ 2529.024410] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=29456 PROTO=2
Aug 23 11:35:35 beer kernel: [ 2529.024428] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=29456 PROTO=2
Aug 23 11:37:47 beer kernel: [ 2661.023308] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1323 PROTO=2
Aug 23 11:37:47 beer kernel: [ 2661.023333] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1323 PROTO=2
Aug 23 11:39:52 beer kernel: [ 2786.522838] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=4993 PROTO=2
Aug 23 11:39:52 beer kernel: [ 2786.522863] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=4993 PROTO=2
Aug 23 11:41:55 beer kernel: [ 2909.522174] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=8206 PROTO=2
Aug 23 11:41:55 beer kernel: [ 2909.522193] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=8206 PROTO=2
Aug 23 11:44:03 beer kernel: [ 3037.521775] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=11394 PROTO=2
Aug 23 11:44:03 beer kernel: [ 3037.521800] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=11394 PROTO=2
Aug 23 11:44:26 beer kernel: [ 3060.715123] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12031 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:27 beer kernel: [ 3061.730053] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12065 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:28 beer kernel: [ 3062.753201] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12128 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:29 beer kernel: [ 3063.006722] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12131 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:44:29 beer kernel: [ 3063.756260] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12160 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:44:29 beer kernel: [ 3063.758111] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12162 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:30 beer kernel: [ 3064.506212] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12189 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:44:32 beer kernel: [ 3066.773423] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12284 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:35 beer kernel: [ 3069.687470] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12340 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:36 beer kernel: [ 3070.699584] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12367 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:44:46 beer kernel: [ 3080.714116] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=12653 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:45:08 beer kernel: [ 3102.747326] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=13240 PROTO=UDP SPT=5353 DPT=5353 LEN=47
Aug 23 11:46:11 beer kernel: [ 3165.520447] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=14779 PROTO=2
Aug 23 11:46:11 beer kernel: [ 3165.520472] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=14779 PROTO=2
Aug 23 11:46:45 beer kernel: [ 3199.868121] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=15533 PROTO=UDP SPT=138 DPT=138 LEN=209
Aug 23 11:47:39 beer kernel: [ 3253.564914] [UFW AUDIT] IN= OUT=eth0 SRC=192.168.248.213 DST=192.168.248.52 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=53307 PROTO=TCP SPT=45614 DPT=256 WINDOW=3072 RES=0x00 SYN URGP=0
Aug 23 11:47:39 beer kernel: [ 3253.564928] [UFW ALLOW] IN= OUT=eth0 SRC=192.168.248.213 DST=192.168.248.52 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=53307 PROTO=TCP SPT=45614 DPT=256 WINDOW=3072 RES=0x00 SYN URGP=0
Aug 23 11:47:39 beer kernel: [ 3253.564977] [UFW AUDIT] IN= OUT=eth0 SRC=192.168.248.213 DST=192.168.248.52 LEN=44 TOS=0x00 PREC=0x00 TTL=59 ID=24292 PROTO=TCP SPT=45614 DPT=3306 WINDOW=4096 RES=0x00 SYN URGP=0
Aug 23 11:47:39 beer kernel: [ 3253.564988] [UFW ALLOW] IN= OUT=eth0 SRC=192.168.248.213 DST=192.168.248.52 LEN=44 TOS=0x00 PREC=0x00 TTL=59 ID=24292 PROTO=TCP SPT=45614 DPT=3306 WINDOW=4096 RES=0x00 SYN URGP=0
Aug 23 11:47:39 beer kernel: [ 3253.565011] [UFW ALLOW] IN= OUT=eth0 SRC=192.168.248.213 DST=192.168.248.52 LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=17889 PROTO=TCP SPT=45614 DPT=554 WINDOW=2048 RES=0x00 SYN URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.342598] [UFW AUDIT INVALID] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=148 TOS=0x00 PREC=0x00 TTL=128 ID=17691 PROTO=ICMP TYPE=0 CODE=0 ID=18726 SEQ=295
Aug 23 11:47:41 beer kernel: [ 3255.342620] [UFW BLOCK] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=148 TOS=0x00 PREC=0x00 TTL=128 ID=17691 PROTO=ICMP TYPE=0 CODE=0 ID=18726 SEQ=295
Aug 23 11:47:41 beer kernel: [ 3255.442827] [UFW AUDIT INVALID] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17698 DF PROTO=TCP SPT=135 DPT=45860 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.442851] [UFW BLOCK] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17698 DF PROTO=TCP SPT=135 DPT=45860 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.467895] [UFW AUDIT INVALID] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17699 DF PROTO=TCP SPT=135 DPT=45861 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.467918] [UFW BLOCK] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17699 DF PROTO=TCP SPT=135 DPT=45861 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.568522] [UFW AUDIT INVALID] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17703 DF PROTO=TCP SPT=1 DPT=45865 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:47:41 beer kernel: [ 3255.568544] [UFW BLOCK] IN=eth0 OUT= MAC=00:1b:38:57:85:bd:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.213 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=17703 DF PROTO=TCP SPT=1 DPT=45865 WINDOW=0 RES=0x00 ACK RST URGP=0
Aug 23 11:48:12 beer kernel: [ 3286.520774] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18325 PROTO=2
Aug 23 11:48:12 beer kernel: [ 3286.520799] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18325 PROTO=2
Aug 23 11:49:43 beer kernel: [ 3377.071719] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20229 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:43 beer kernel: [ 3377.815482] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20231 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:44 beer kernel: [ 3378.565347] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20232 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:45 beer kernel: [ 3379.329126] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20253 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:45 beer kernel: [ 3379.496972] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 ID=20254 PROTO=UDP SPT=68 DPT=67 LEN=308
Aug 23 11:49:45 beer kernel: [ 3379.802697] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20261 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:46 beer kernel: [ 3380.070486] [UFW AUDIT] IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=192.168.248.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=20263 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 23 11:49:46 beer kernel: [ 3380.737907] [UFW AUDIT] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=20266 PROTO=2
Aug 23 11:49:46 beer kernel: [ 3380.737932] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=20266 PROTO=2
Aug 23 11:49:47 beer kernel: [ 3381.019523] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:02:2a:e2:b6:6b:08:00 SRC=192.168.248.52 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=20272 PROTO=2

Собственно вопрос: что это? Скрипткидди из моей подсети хочет выкрасть мои секретные фоточки или просто какая-то виндовая служба у юзера? nmap говорит, что там Windows Vista или 7.

Информация о системе:
Ubuntu 12.04
Фаерволл: allow исходящие, deny входящие

[censor]

это параноя. смотри внимательней пакеты адресуются не тебе напрямую.

[rayanAyar]

Порт 5353 - это MDNS. В Ubuntu это служба Avahi.
http://en.wikipedia.org/wiki/Multicast_DNS

[mountbeer]

это параноя.

Паранойя рождается от незнания и домыслов. Вот я и спрашиваю

rayanAyar, спасибо, ставлю отметку "Решено".