marco/ids.alfacom.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
24001c2792
ids.alfacom.it/attached_assets/Pasted--forward-in-pppoe-franco-alfano-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SYN-10--1763801298895_1763801298895.txt
marco370 495e845a79 Update log format to include timestamps and filter incoming connections 
Correct the rsyslog template to include timestamps in logs, ensuring compatibility with the Python parser. This change also refactors the log filtering to capture only incoming connections, significantly reducing log volume.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: c2f849f9-105f-452a-bdc3-a956d102c54b
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/6ZTQSoP
2025-11-22 08:54:21 +00:00

581 lines
94 KiB
Plaintext
Raw Blame History

forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53783->52.213.60.221:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53783->52.213.60.221:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53784->108.138.187.109:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53784->108.138.187.109:443, len 64
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:27417->8.8.8.8:53, len 79
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:27417->8.8.8.8:53, len 79
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:21103->8.8.8.8:53, len 72
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:21103->8.8.8.8:53, len 72
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 172.217.38.146:35055->185.203.24.95:993, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 172.217.38.146:35055->185.203.24.95:993, len 60
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:45846->8.8.8.8:53, len 217
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:45846->8.8.8.8:53, len 217
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:43652->185.203.24.135:9004, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:43652->185.203.24.135:9004, len 60
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53785->142.250.180.134:443, len 64
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8810, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8810, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8811, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8811, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8812, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8812, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8813, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8813, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8814, len 187
forward: in:<pppoe-imo.office> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac cc:2d:e0:d9:1a:07, proto UDP, 185.203.25.69:33806->165.154.165.205:8814, len 187
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:54050->108.138.192.65:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:54050->108.138.192.65:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:54062->108.138.192.65:443, len 60
forward: in:<pppoe-530_vincenzo.battipaglia> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac b8:69:f4:f7:b5:ec, proto TCP (ACK,PSH), 10.0.254.155:47704->157.240.231.60:443, len 76
forward: in:<pppoe-530_vincenzo.battipaglia> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.155:41058->157.240.231.60:443, len 60
forward: in:<pppoe-530_vincenzo.battipaglia> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.155:41058->157.240.231.60:443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.179:44575->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.179:44575->185.203.25.89:53, len 62
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:9851->185.19.124.171:445, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:9851->185.19.124.171:445, len 52
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:53503->8.8.8.8:53, len 80
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:53503->8.8.8.8:53, len 80
forward: in:<pppoe-891_mariagiovanna.morrone> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac c4:ad:34:aa:c7:04, proto UDP, 10.0.254.214:64263->57.144.140.5:443, len 128
forward: in:<pppoe-891_mariagiovanna.morrone> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac c4:ad:34:aa:c7:04, proto UDP, 10.0.254.214:64263->57.144.140.5:443, len 128
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->37.186.217.132:161, len 73
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->37.186.217.132:161, len 73
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->37.186.217.132:161, NAT (10.1.0.254:37832->185.203.27.253:37832)->37.186.217.132:161, len 73
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->37.186.217.132:161, NAT (10.1.0.254:37832->185.203.27.253:37832)->37.186.217.132:161, len 73
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->37.186.217.132:161, NAT (10.1.0.254:37832->185.203.27.253:37832)->37.186.217.132:161, len 73
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.179:44575->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.179:44575->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.160:13391->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.160:13391->185.203.25.59:53, len 62
forward: in:<pppoe-958_carolina.carpentieri> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac b8:69:f4:0d:ae:7f, proto TCP (ACK,FIN,PSH), 10.0.254.129:42640->161.71.33.241:443, NAT (10.0.254.129:42640->185.203.27.253:42640)->161.71.33.241:443, len 76
forward: in:<pppoe-958_carolina.carpentieri> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac b8:69:f4:0d:ae:7f, proto TCP (ACK,FIN,PSH), 10.0.254.129:42640->161.71.33.241:443, NAT (10.0.254.129:42640->185.203.27.253:42640)->161.71.33.241:443, len 76
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:51577->157.240.231.15:443, len
1228
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:51577->157.240.231.15:443, len
1228
forward: in:<pppoe-795_giuseppe.diblasi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.92:54264->157.240.231.60:443, len 60
forward: in:<pppoe-795_giuseppe.diblasi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.92:54264->157.240.231.60:443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.160:13391->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.160:13391->185.203.25.59:53, len 62
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:37060->185.8.52.202:445, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:37060->185.8.52.202:445, len 52
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.201:50895->157.240.231.175:5222, len 64
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.201:50895->157.240.231.175:5222, len 64
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:47506->8.8.8.8:53, len 220
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:46032->173.194.182.167:443, len 1278
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:46032->173.194.182.167:443, len 1278
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.80:13460->185.203.26.17:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.80:13460->185.203.26.17:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.56.186:46068->185.203.24.60:45005, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.56.186:46068->185.203.24.60:45005, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.161:13979->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.161:13979->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 152.32.128.85:42054->185.203.24.160:7707, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 152.32.128.85:42054->185.203.24.160:7707, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:20073->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:20073->185.203.26.77:53, len 65
forward: in:sfp-sfpplus1_VS_FTTO out:sfp-sfpplus2_VS_AS, connection-state:new src-mac c4:ad:34:25:a7:b5, proto UDP, 10.0.30.254:34189->8.8.8.8:53, len 65
forward: in:sfp-sfpplus1_VS_FTTO out:sfp-sfpplus2_VS_AS, connection-state:new src-mac c4:ad:34:25:a7:b5, proto UDP, 10.0.30.254:34189->8.8.8.8:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 45.43.33.218:36350->185.203.25.186:554, len 60
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:46032->173.194.182.167:443, NAT (10.0.254.36:46032->185.203.27.253:46032)->173.194.182.167:443,
len 1278
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:46032->173.194.182.167:443, NAT (10.0.254.36:46032->185.203.27.253:46032)->173.194.182.167:443,
len 1278
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:31539->8.8.8.8:53, len 111
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:31539->8.8.8.8:53, len 111
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.161:13979->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.161:13979->185.203.25.204:53, len 62
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:58390->192.168.25.254:80, len 60
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:58390->192.168.25.254:80, len 60
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:25235->8.8.8.8:53, len 217
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:25235->8.8.8.8:53, len 217
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:39557->185.203.196.108:445, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:39557->185.203.196.108:445, len 52
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28748->216.58.204.129:443, len 64
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28748->216.58.204.129:443, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 91.134.84.178:56968->185.203.24.84:738, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.44:17118->185.203.25.231:53, len 62
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:49523->52.182.143.208:443, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:49523->52.182.143.208:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:26015->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:26015->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:2509->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:2509->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.20:48602->185.203.24.35:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.20:48602->185.203.24.35:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.37:2718, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.37:2718, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.25.232:32895, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.25.232:32895, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cloud_team_system_2>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.32:23154->185.203.25.208:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cloud_team_system_2>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.32:23154->185.203.25.208:443, len 52
forward: in:<pppoe-salvatore.lanzara> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.49:60855->142.251.31.109:993, len 64
forward: in:<pppoe-salvatore.lanzara> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.49:60855->142.251.31.109:993, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-servizi.voip.esterni>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.31.169:12233->185.203.25.246:443, len 52
forward: in:<pppoe-1645_1400_codaantoni> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.12:42176->52.29.103.180:443, len 60
forward: in:<pppoe-1645_1400_codaantoni> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.12:42176->52.29.103.180:443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:16865->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:16865->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:50336->185.203.24.135:9005, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:50336->185.203.24.135:9005, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:59360->185.203.24.135:9008, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:59360->185.203.24.135:9008, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:38014->185.203.24.135:9009, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:38014->185.203.24.135:9009, len 60
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:41739->216.58.209.33:443, NAT (10.0.254.36:41739->185.203.27.253:41739)->216.58.209.33:443, len
1278
forward: in:<pppoe-618_aniello.fimiani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac fc:ec:da:22:ed:55, proto UDP, 10.0.254.36:41739->216.58.209.33:443, NAT (10.0.254.36:41739->185.203.27.253:41739)->216.58.209.33:443, len
1278
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:40816->185.203.24.135:9006, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:40816->185.203.24.135:9006, len 60
forward: in:<pppoe-530_vincenzo.battipaglia> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.155:42344->192.178.156.188:5228, len 60
forward: in:<pppoe-530_vincenzo.battipaglia> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.155:42344->192.178.156.188:5228, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 212.22.128.117:26548->185.203.24.100:443, len 52
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 18:e8:29:d8:4d:1b, proto UDP, 185.203.25.174:28855->216.58.209.34:443, len 1228
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:46774->185.203.24.135:61616, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:46774->185.203.24.135:61616, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:47078->185.203.24.135:28017, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:47078->185.203.24.135:28017, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:38668->185.203.24.135:10000, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:38668->185.203.24.135:10000, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:16865->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:16865->185.203.25.186:53, len 62
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:28865->8.8.8.8:53, len 217
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:28865->8.8.8.8:53, len 217
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:49972->157.240.231.15:443, len
1228
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:49972->157.240.231.15:443, len
1228
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 154.198.203.177:37799->185.203.25.186:1434, len 29
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 154.198.203.177:37799->185.203.25.186:1434, len 29
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 2.16.5.221:60481->185.203.26.77:53, len 72
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:56206->185.203.24.135:5555, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:56206->185.203.24.135:5555, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.150:46817->185.203.25.59:53, len 63
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.150:46817->185.203.25.59:53, len 63
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:59550->185.203.24.135:9007, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:59550->185.203.24.135:9007, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:42722->185.203.24.135:61617, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:42722->185.203.24.135:61617, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:37468->185.203.24.135:8888, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:37468->185.203.24.135:8888, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:50566->185.203.24.135:8899, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:50566->185.203.24.135:8899, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:57292->185.203.24.135:2020, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:57292->185.203.24.135:2020, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:51274->185.203.24.135:10443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:51274->185.203.24.135:10443, len 60
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53788->172.66.0.126:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53792->172.66.0.126:443, len 64
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:35264->8.8.8.8:53, len 86
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53792->172.66.0.126:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53793->52.44.182.224:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53793->52.44.182.224:443, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:55946->185.203.24.135:7777, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 118.31.248.145:55946->185.203.24.135:7777, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.150:46817->185.203.25.59:53, len 63
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.150:46817->185.203.25.59:53, len 63
forward: in:<pppoe-801_simone.marino> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:37:3a:a4, proto UDP, 10.0.254.148:51145->216.58.209.36:443, len
57
forward: in:<pppoe-801_simone.marino> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:37:3a:a4, proto UDP, 10.0.254.148:51145->216.58.209.36:443, len
57
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cloud_team_system_2>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.96:27795->185.203.25.208:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cloud_team_system_2>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.96:27795->185.203.25.208:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 65.49.51.58:24251->185.203.24.21:53, len 84
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 65.49.51.58:24251->185.203.24.21:53, len 84
forward: in:<pppoe-756_1398_carpentier> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.116:34054->2.21.54.101:80, len 52
forward: in:<pppoe-756_1398_carpentier> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.116:34054->2.21.54.101:80, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.24.238:19570, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.24.238:19570, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.83:49547->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.83:49547->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:50390->185.203.26.17:53, len 63
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.167:50390->185.203.26.17:53, len 63
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1499_1146_campitiell>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.26.79:20062, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1499_1146_campitiell>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.26.79:20062, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-929_agm.srl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.62.134:58059->185.203.25.55:5985, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-929_agm.srl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.62.134:58059->185.203.25.55:5985, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.243:48559->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.243:48559->185.203.25.59:53, len 62
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:9415->8.8.8.8:53, len 217
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:9415->8.8.8.8:53, len 217
forward: in:<pppoe-comune.nocerasuperiore> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:c8:96:e7, proto UDP, 185.203.26.17:53098->8.8.8.8:53, len 79
forward: in:<pppoe-comune.nocerasuperiore> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:c8:96:e7, proto UDP, 185.203.26.17:53098->8.8.8.8:53, len 79
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.243:48559->185.203.25.59:53, len 62
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:55880->192.168.25.254:80, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:16665->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:16665->185.203.26.77:53, len 65
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:20272->2.42.225.140:443, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:20272->2.42.225.140:443, len 52
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:2003->8.8.4.4:53, len
59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:2003->8.8.4.4:53, len
59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:62251->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:62251->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:7621->8.8.4.4:53, len
59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:7621->8.8.4.4:53, len
59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:20375->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:20375->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:28828->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:28828->8.8.8.8:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:39737->8.8.4.4:53, len 59
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:39737->8.8.4.4:53, len 59
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:54021->8.8.8.8:53, len 220
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:54021->8.8.8.8:53, len 220
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.168:43296->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.168:43296->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 117.4.121.191:50826->185.203.24.149:445, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 117.4.121.191:50826->185.203.24.149:445, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1016_teresa.damico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 147.185.132.183:49736->185.203.25.13:4024, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1016_teresa.damico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 147.185.132.183:49736->185.203.25.13:4024, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.168:43296->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.168:43296->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-110_giancarlo.deprisco>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.25.72:3551, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-110_giancarlo.deprisco>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.25.72:3551, len 44
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:54238->157.240.231.1:443, len 1280
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:54238->157.240.231.1:443, len 1280
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53794->52.95.115.255:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53794->52.95.115.255:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53797->142.250.180.162:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53798->142.250.145.154:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53798->142.250.145.154:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53799->104.18.32.137:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53799->104.18.32.137:443, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:27009->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:27009->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.234:44437->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.234:44437->185.203.25.231:53, len 62
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:5588->89.89.0.11:161, len 106
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:5588->89.89.0.11:161, len 106
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.234:44437->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.234:44437->185.203.25.231:53, len 62
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:58166->104.18.158.26:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:58166->104.18.158.26:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:47874->104.17.249.168:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:47874->104.17.249.168:443, len 60
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 18:e8:29:d8:4d:1b, proto UDP, 185.203.25.174:28877->216.58.204.130:443, len 1276
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 18:e8:29:d8:4d:1b, proto UDP, 185.203.25.174:28877->216.58.204.130:443, len 1276
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 18:e8:29:d8:4d:1b, proto UDP, 185.203.25.174:28877->216.58.204.130:443, len 248
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 18:e8:29:d8:4d:1b, proto UDP, 185.203.25.174:28877->216.58.204.130:443, len 248
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:10319->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:10319->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.251:46534->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.251:46534->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 199.45.155.71:51900->185.203.24.157:7072, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 199.45.155.71:51900->185.203.24.157:7072, len 60
forward: in:<pppoe-826_giuliano.senatore> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 50:91:e3:c6:a5:93, proto UDP, 10.0.254.95:40119->157.240.231.15:443,
len 1260
forward: in:<pppoe-826_giuliano.senatore> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 50:91:e3:c6:a5:93, proto UDP, 10.0.254.95:40119->157.240.231.15:443,
len 1260
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:6349->8.8.8.8:53, len 127
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:6349->8.8.8.8:53, len 127
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-929_agm.srl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.149.67:35653->185.203.25.55:15166, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 212.22.128.117:60848->185.203.24.100:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 212.22.128.117:60848->185.203.24.100:443, len 52
forward: in:<pppoe-475_varone.felice> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:31:92:3d:c4:6b, proto UDP, 10.0.249.11:56298->8.8.8.8:53, len 77
forward: in:<pppoe-475_varone.felice> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:31:92:3d:c4:6b, proto UDP, 10.0.249.11:56298->8.8.8.8:53, len 77
forward: in:<pppoe-804_vincenzo.pagano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.147:51030->151.101.131.52:80, len 64
forward: in:<pppoe-804_vincenzo.pagano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.147:51030->151.101.131.52:80, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1007_valentina.calvanese>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 35.203.210.15:53763->185.203.25.142:4345, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1007_valentina.calvanese>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 35.203.210.15:53763->185.203.25.142:4345, len 44
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28749->216.58.205.38:443, len 64
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28749->216.58.205.38:443, len 64
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:38001->8.8.8.8:53, len 220
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:38001->8.8.8.8:53, len 220
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:11007->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:11007->185.203.26.77:53, len 65
forward: in:<pppoe-1332_945_costantino> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:9c:67, proto UDP, 10.0.254.40:57864->89.168.26.107:7635, NAT (10.0.254.40:57864->185.203.27.253:57864)->89.168.26.107:7635, len 122
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 199.45.155.71:51916->185.203.24.157:7072, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 199.45.155.71:51916->185.203.24.157:7072, len 60
forward: in:<pppoe-035_comune.csg.sedeftto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.27.25:5623->62.149.128.179:995, len 52
forward: in:<pppoe-035_comune.csg.sedeftto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.27.25:5623->62.149.128.179:995, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:18105->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 194.163.42.114:18105->185.203.26.77:53, len 65
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, len
1280
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, len
1280
forward: in:<pppoe-522_pasquale.palumbo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 64:d1:54:4d:ad:e9, proto UDP, 185.203.25.85:48715->95.110.254.234:123, len 76
forward: in:<pppoe-522_pasquale.palumbo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 64:d1:54:4d:ad:e9, proto UDP, 185.203.25.85:48715->95.110.254.234:123, len 76
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.0:49567->185.203.24.39:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.0:49567->185.203.24.39:443, len 52
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53800->92.122.95.137:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53800->92.122.95.137:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53801->150.171.22.12:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53801->150.171.22.12:443, len 64
forward: in:<pppoe-franco.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.77:53802->54.73.151.222:443, len 64
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:25247->190.85.86.177:445, len 52
forward: in:<pppoe-804_vincenzo.pagano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.147:51031->151.101.131.52:80, len 64
forward: in:<pppoe-804_vincenzo.pagano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.147:51031->151.101.131.52:80, len 64
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:58392->192.168.25.254:80, len 60
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:58392->192.168.25.254:80, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.93:12393->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.93:12393->185.203.25.89:53, len 62
forward: in:<pppoe-sergio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.128:49671->92.122.95.129:80, len 52
forward: in:<pppoe-sergio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.128:49671->92.122.95.129:80, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.174:46188->185.203.24.25:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.174:46188->185.203.24.25:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.90:55467->185.203.26.34:6248, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.90:55467->185.203.26.34:6248, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.99:48617->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.99:48617->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 35.203.211.137:51683->185.203.24.161:9111, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 35.203.211.137:51683->185.203.24.161:9111, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.39:3065, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 123.136.80.5:25041->185.203.25.186:1434, len 29
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 123.136.80.5:25041->185.203.25.186:1434, len 29
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.212:43547->185.203.26.17:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.212:43547->185.203.26.17:53, len 62
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:15484->8.8.8.8:53, len 220
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:15484->8.8.8.8:53, len 220
forward: in:<pppoe-hightek.router.new> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.24.17:2624->154.12.226.43:7704, len 52
forward: in:<pppoe-hightek.router.new> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.24.17:2624->154.12.226.43:7704, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.98:13394->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.98:13394->185.203.25.204:53, len 62
forward: in:<pppoe-834_daniela.barticel> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac b8:69:f4:f7:b5:c0, proto UDP, 10.0.249.123:59807->8.8.8.8:53, len 66
forward: in:<pppoe-834_daniela.barticel> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac b8:69:f4:f7:b5:c0, proto UDP, 10.0.249.123:59807->8.8.8.8:53, len 66
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.224:4759, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.224:4759, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 109.94.96.215:7101->185.203.24.158:80, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 109.94.96.215:7101->185.203.24.158:80, len 64
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:28382->185.203.98.145:445, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.31.49:34298->185.203.24.37:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:25561->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:25561->185.203.26.77:53, len 65
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:b5:15, proto TCP (SYN), 185.203.24.37:54910->31.7.144.29:8449, len 60
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:b5:15, proto TCP (SYN), 185.203.24.37:54910->31.7.144.29:8449, len 60
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:62881->157.240.231.15:443, len
1228
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:62881->157.240.231.15:443, len
1228
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 167.94.138.189:57144->185.203.24.134:8291, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 167.94.138.189:57144->185.203.24.134:8291, len 60
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28750->23.22.48.139:443, len 64
forward: in:<pppoe-giovanni.villani> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.174:28750->23.22.48.139:443, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new,dnat src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.56.186:46068->10.1.13.200:35252, NAT 79.124.56.186:46068->(185.203.24.5:35252->10.1.13.200:35252), len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new,dnat src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.56.186:46068->10.1.13.200:35252, NAT 79.124.56.186:46068->(185.203.24.5:35252->10.1.13.200:35252), len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:6743->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:6743->185.203.26.77:53, len 65
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac e4:8d:8c:03:f9:56, proto TCP (SYN), 10.1.0.254:57492->188.12.219.20:8291, NAT (10.1.0.254:57492->185.203.27.253:57492)->188.12.219.20:8291, len 60
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac e4:8d:8c:03:f9:56, proto TCP (SYN), 10.1.0.254:57492->188.12.219.20:8291, NAT (10.1.0.254:57492->185.203.27.253:57492)->188.12.219.20:8291, len 60
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:55262->8.8.8.8:53, len 220
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:55262->8.8.8.8:53, len 220
forward: in:<pppoe-475_varone.felice> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.11:49708->51.124.78.146:443, len 52
forward: in:<pppoe-475_varone.felice> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.11:49708->51.124.78.146:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:8079->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:8079->185.203.26.77:53, len 65
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59573->185.231.59.101:445, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59573->185.231.59.101:445, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.149.55:35049->185.203.24.123:27273, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.149.55:35049->185.203.24.123:27273, len 44
forward: in:<pppoe-salvatore.lanzara> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.49:60856->142.251.31.109:993, len 64
forward: in:<pppoe-salvatore.lanzara> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.49:60856->142.251.31.109:993, len 64
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, NAT (10.0.249.201:51257->185.203.27.253:51257)->157.240.8.34:443, len 1280
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, NAT (10.0.249.201:51257->185.203.27.253:51257)->157.240.8.34:443, len 1280
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:33489->8.8.8.8:53, len 91
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:61:c7, proto UDP, 185.203.24.22:33489->8.8.8.8:53, len 91
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:60917->23.216.150.169:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:60917->23.216.150.169:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:60917->23.216.150.169:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54758->20.189.173.11:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54758->20.189.173.11:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54759->150.171.27.10:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54759->150.171.27.10:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54760->13.107.246.43:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54760->13.107.246.43:443, len 52
forward: in:<pppoe-795_giuseppe.diblasi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.92:49082->91.81.128.35:443, len 60
forward: in:<pppoe-795_giuseppe.diblasi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.92:49082->91.81.128.35:443, len 60
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:24721->20.101.57.9:123, len 76
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:24721->20.101.57.9:123, len 76
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-datev.router>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 47.251.47.128:46266->185.203.25.199:53, len 70
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-datev.router>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 47.251.47.128:46266->185.203.25.199:53, len 70
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:14732->8.8.8.8:53, len 220
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 123.129.132.101:59390->185.203.24.22:8080, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 123.129.132.101:59390->185.203.24.22:8080, len 60
forward: in:<pppoe-anna.lamberti> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.28:46370->3.165.255.7:80, len 60
forward: in:<pppoe-anna.lamberti> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.28:46370->3.165.255.7:80, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.182:2965->185.203.24.251:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.182:2965->185.203.24.251:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.5:14980->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.5:14980->185.203.25.89:53, len 62
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:46030->8.8.4.4:53, len 51
forward: in:<pppoe-cava.centro.sangiovanni> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 04:18:d6:24:ab:95, proto UDP, 185.203.25.206:46030->8.8.4.4:53, len 51
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.40.130:56215->185.203.24.197:34443, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.40.130:56215->185.203.24.197:34443, len 44
forward: in:<pppoe-1332_945_costantino> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:9c:67, proto UDP, 10.0.254.40:57864->89.168.26.107:7635, NAT (10.0.254.40:57864->185.203.27.253:57864)->89.168.26.107:7635, len 64
forward: in:<pppoe-1332_945_costantino> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:9c:67, proto UDP, 10.0.254.40:57864->89.168.26.107:7635, NAT (10.0.254.40:57864->185.203.27.253:57864)->89.168.26.107:7635, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.27:26521->185.203.24.15:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.27:26521->185.203.24.15:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1499_1146_campitiell>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 162.19.80.39:47582->185.203.26.79:2543, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1499_1146_campitiell>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 162.19.80.39:47582->185.203.26.79:2543, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.148.16:39546->185.203.24.158:85, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 66.132.153.112:6026->185.203.24.193:7993, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 66.132.153.112:6026->185.203.24.193:7993, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 81.30.107.146:22962->185.203.24.93:587, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 81.30.107.146:22962->185.203.24.93:587, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.240:44113->185.203.25.59:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-910_michele.ferrara>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.240:44113->185.203.25.59:53, len 62
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:60703->157.240.231.1:443, len 1280
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:60703->157.240.231.1:443, len 1280
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.89:64365->17.253.53.207:443, len 64
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.89:64365->17.253.53.207:443, len 64
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.30.5:58532->185.203.25.233:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.30.5:58532->185.203.25.233:443, len 52
forward: in:<pppoe-1467_1111_parisianto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.43:48244->23.227.39.200:443, len 60
forward: in:<pppoe-1467_1111_parisianto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.43:48244->23.227.39.200:443, len 60
forward: in:<pppoe-1467_1111_parisianto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.43:48254->23.227.39.200:443, len 60
forward: in:<pppoe-1467_1111_parisianto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.43:48254->23.227.39.200:443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.25.235:1209, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.25.235:1209, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.235:15527->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.235:15527->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.235:15527->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.235:15527->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:41819->185.203.24.72:8728, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:41819->185.203.24.72:8728, len 44
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:42462->8.8.8.8:53, len 61
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:42462->8.8.8.8:53, len 61
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 74.125.45.102:48342->185.203.24.95:993, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 74.125.45.102:48342->185.203.24.95:993, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 65.108.210.26:30513->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 65.108.210.26:30513->185.203.26.77:53, len 65
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54761->150.171.27.12:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54761->150.171.27.12:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:50585->95.101.34.74:443, len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:56661->23.216.150.145:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:56661->23.216.150.145:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:56661->23.216.150.145:443,
len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54762->108.139.210.6:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.39:54762->108.139.210.6:443, len 52
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:52298->95.101.34.74:443, len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:52298->95.101.34.74:443, len 1278
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:59289->157.240.231.35:443, len
1228
forward: in:<pppoe-934_enza.adinolfi> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 48:8f:5a:f7:54:43, proto UDP, 10.0.254.89:59289->157.240.231.35:443, len
1228
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:52298->95.101.34.74:443, len 1278
forward: in:<pppoe-1326_938_eurobusine> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac dc:2c:6e:3b:d3:98, proto UDP, 185.203.26.39:52298->95.101.34.74:443, len 1278
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.184:16574->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.184:16574->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.255:61416->185.203.24.39:443, len 52
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:38558->3.165.255.33:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:38558->3.165.255.33:443, len 60
forward: in:<pppoe-628_1218_fierroassu> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c1:2d, proto UDP, 10.0.254.80:36171->8.8.8.8:53, len 65
forward: in:<pppoe-628_1218_fierroassu> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c1:2d, proto UDP, 10.0.254.80:36171->8.8.8.8:53, len 65
forward: in:<pppoe-628_1218_fierroassu> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c1:2d, proto UDP, 10.0.254.80:13308->8.8.8.8:53, len 65
forward: in:<pppoe-628_1218_fierroassu> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c1:2d, proto UDP, 10.0.254.80:13308->8.8.8.8:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.184:16574->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.184:16574->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-alfabitomega>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.149.64:54916->185.203.24.2:21239, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-alfabitomega>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 176.65.149.64:54916->185.203.24.2:21239, len 44
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:51958->192.168.25.254:80, len 60
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:51958->192.168.25.254:80, len 60
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:48276->8.8.8.8:53, len 61
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:48276->8.8.8.8:53, len 61
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:17223->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 45.95.183.64:17223->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 81.30.107.15:60216->185.203.24.93:587, len 60
forward: in:<pppoe-1400_1029_trasportig> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.141:8308->95.100.171.16:443, len 52
forward: in:<pppoe-035_comune.csg.sedeftto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.27.25:57375->3.71.153.246:10051, len 60
forward: in:<pppoe-035_comune.csg.sedeftto> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.27.25:57375->3.71.153.246:10051, len 60
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:47837->8.8.8.8:53, len 61
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:47837->8.8.8.8:53, len 61
forward: in:<pppoe-1415_1047_orlandolui> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 08:55:31:ba:0d:54, proto TCP (ACK,PSH), 10.0.254.120:58642->157.240.209.38:443, len 76
forward: in:<pppoe-1415_1047_orlandolui> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 08:55:31:ba:0d:54, proto TCP (ACK,PSH), 10.0.254.120:58642->157.240.209.38:443, len 76
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:55888->192.168.25.254:80, len 60
forward: in:<pppoe-caronte.hightek_01> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.25.233:55888->192.168.25.254:80, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:48996->51.92.2.118:443, len 60
forward: in:<pppoe-903_adalgisa.citro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.29:48996->51.92.2.118:443, len 60
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:32705->8.8.8.8:53, len 199
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:88:f3:29, proto UDP, 185.203.24.23:32705->8.8.8.8:53, len 199
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.137:50226->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-661_pasquale.cibelli>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.137:50226->185.203.25.186:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 192.159.99.180:58221->185.203.24.36:9091, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 192.159.99.180:58221->185.203.24.36:9091, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-716_onofrio.menichini>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 213.209.143.64:50166->185.203.25.159:80, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-716_onofrio.menichini>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 213.209.143.64:50166->185.203.25.159:80, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:2503->185.203.26.77:53, len 65
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-571_alberto.apostolico>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 148.251.31.230:2503->185.203.26.77:53, len 65
forward: in:<pppoe-882_francesco.canzolino> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.183:53372->3.223.15.108:5222, len 60
forward: in:<pppoe-882_francesco.canzolino> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.183:53372->3.223.15.108:5222, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.26.24:61819, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.60.250:52216->185.203.26.24:61819, len 44
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:35722->185.231.59.101:445, len 52
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:35722->185.231.59.101:445, len 52
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:c9:3f, proto UDP, 185.203.24.93:53055->8.8.8.8:53, len 71
forward: in:VLAN53_PPOE_DATACENTER out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:c9:3f, proto UDP, 185.203.24.93:53055->8.8.8.8:53, len 71
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 108.167.178.116:60000->185.203.24.214:1143, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 108.167.178.116:60000->185.203.24.214:1143, len 44
forward: in:<pppoe-pietro.lucido> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.93:42090->44.219.18.249:443, len 60
forward: in:<pppoe-pietro.lucido> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.93:42090->44.219.18.249:443, len 60
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:54171->8.8.8.8:53, len 61
forward: in:<pppoe-666_settimio.alfano> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 00:50:56:b2:73:13, proto UDP, 185.203.25.195:54171->8.8.8.8:53, len 61
forward: in:<pppoe-1523_1185_casaburisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 24:a4:3c:e0:e6:b1, proto TCP (ACK,PSH), 10.0.254.28:50616->216.58.204.150:443, len 76
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:38653->172.19.96.81:45473, len 3346
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:38653->172.19.96.81:45473, len 3346
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, NAT (10.0.249.201:51257->185.203.27.253:51257)->157.240.8.34:443, len 1280
forward: in:<pppoe-131_vinicola.siani> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 60:32:b1:17:a0:69, proto UDP, 10.0.249.201:51257->157.240.8.34:443, NAT (10.0.249.201:51257->185.203.27.253:51257)->157.240.8.34:443, len 1280
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.121:45373->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.121:45373->185.203.25.89:53, len 62
forward: in:<pppoe-guglielmo.cataldo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 4c:5e:0c:14:c0:b4, proto UDP, 185.203.25.254:55295->8.8.8.8:53, len 60
forward: in:<pppoe-guglielmo.cataldo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 4c:5e:0c:14:c0:b4, proto UDP, 185.203.25.254:55295->8.8.8.8:53, len 60
forward: in:<pppoe-guglielmo.cataldo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 4c:5e:0c:14:c0:b4, proto UDP, 185.203.25.254:55295->8.8.8.8:53, len 60
forward: in:<pppoe-guglielmo.cataldo> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 4c:5e:0c:14:c0:b4, proto UDP, 185.203.25.254:55295->8.8.8.8:53, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.121:45373->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-1537_1211_fglsrl>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.121:45373->185.203.25.89:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 82.62.84.108:59251->185.203.26.34:8472, len 96
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 82.62.84.108:59251->185.203.26.34:8472, len 96
forward: in:<pppoe-1087_michele.ponticelli> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 08:55:31:b6:61:38, proto UDP, 10.0.254.205:49151->54.216.172.252:1789, NAT (10.0.254.205:49151->185.203.27.253:49151)->54.216.172.252:1789, len 92
forward: in:<pppoe-1087_michele.ponticelli> out:sfp-sfpplus2_VS_AS, connection-state:new,snat src-mac 08:55:31:b6:61:38, proto UDP, 10.0.254.205:49151->54.216.172.252:1789, NAT (10.0.254.205:49151->185.203.27.253:49151)->54.216.172.252:1789, len 92
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.217:46562->185.203.26.17:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-comune.nocerasuperiore>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.217:46562->185.203.26.17:53, len 62
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:60670->172.19.96.81:45473, len 3227
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:60670->172.19.96.81:45473, len 3227
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:59567->172.19.96.81:45473, len 3227
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:59567->172.19.96.81:45473, len 3227
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:63204->172.19.96.81:45473, len 2877
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:63204->172.19.96.81:45473, len 2877
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:22166->172.19.96.81:45473, len 2867
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:22166->172.19.96.81:45473, len 2867
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:22166->172.19.96.81:45473, len 2867
forward: in:ether6_RB_CED out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:8d:8c:03:f9:56, proto UDP, 10.1.0.254:37832->79.11.43.150:161, len 75
forward: in:<pppoe-919_vincenzo.muro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.135:45904->96.47.5.157:4431, len 60
forward: in:<pppoe-919_vincenzo.muro> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.135:45904->96.47.5.157:4431, len 60
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:34275->172.19.96.81:45473, len 2873
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:34275->172.19.96.81:45473, len 2873
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:34275->172.19.96.81:45473, len 2873
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:34275->172.19.96.81:45473, len 2873
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.103:15601->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-gaetano.dibenedetto>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.103:15601->185.203.25.204:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.30.11:34450->185.203.25.237:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-caronte.hightek_01>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.30.11:34450->185.203.25.237:443, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 162.142.125.247:16762->185.203.24.242:39822, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 162.142.125.247:16762->185.203.24.242:39822, len 44
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:31872->89.89.0.16:161, len 106
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:31872->89.89.0.16:161, len 106
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 199.45.154.150:40778->185.203.24.174:7780, len 60
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:37613->172.19.96.81:45473, len 3344
forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac d4:01:c3:34:0c:41, proto UDP, 185.203.26.201:37613->172.19.96.81:45473, len 3344
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.82:16873->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.82:16873->185.203.25.231:53, len 62
forward: in:<pppoe-1471_1115_nappicarol> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:6a:cc, proto UDP, 10.0.254.67:53391->1.96.163.132:123, len 76
forward: in:<pppoe-1471_1115_nappicarol> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:6a:cc, proto UDP, 10.0.254.67:53391->1.96.163.132:123, len 76
forward: in:<pppoe-893_giovanna.dacunzi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.252:50892->192.168.1.234:55443, len 60
forward: in:<pppoe-893_giovanna.dacunzi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.252:50892->192.168.1.234:55443, len 60
forward: in:<pppoe-893_giovanna.dacunzi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.252:50894->192.168.1.234:55443, len 60
forward: in:<pppoe-893_giovanna.dacunzi> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.249.252:50894->192.168.1.234:55443, len 60
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.69:3065, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.69:3065, len 44
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 162.19.80.39:44025->185.203.24.209:2543, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 162.19.80.39:44025->185.203.24.209:2543, len 52
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.82:16873->185.203.25.231:53, len 62
detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-cava.gioxiii.seg>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 164.163.5.82:16873->185.203.25.231:53, len 62
^C
Reference in New Issue View Git Blame Copy Permalink