![在 Journctl 中获取一堆内核:[UFW BLOCK] IN=wlp1s0 OUT](https://linux22.com/image/1032088/%E5%9C%A8%20Journctl%20%E4%B8%AD%E8%8E%B7%E5%8F%96%E4%B8%80%E5%A0%86%E5%86%85%E6%A0%B8%EF%BC%9A%5BUFW%20BLOCK%5D%20IN%3Dwlp1s0%20OUT.png)
我的 Ubuntu 服务器一段时间后就无法访问了,这意味着我无法通过 samba 访问它,甚至 SSH 也无法使用,Apache 也显示退出代码
当我检查 journalctl 时,我发现了一堆内核:[UFW BLOCK] IN=wlp1s0 OUT
以下是日志 -
Dec 26 12:13:24 homeserver kernel: hid-generic 0003:1C4F:0002.0001: input,hidraw0: USB HID v1.10 Keyboard [SIGMACHIP USB Keyboard] on usb-0000:00:14.0-11/input0
Dec 26 12:13:24 homeserver kernel: input: SIGMACHIP USB Keyboard Consumer Control as /devices/pci0000:00/0000:00:14.0/usb1/1-11/1-11:1.1/0003:1C4F:0002.0002/input/input13
Dec 26 12:13:24 homeserver kernel: input: SIGMACHIP USB Keyboard System Control as /devices/pci0000:00/0000:00:14.0/usb1/1-11/1-11:1.1/0003:1C4F:0002.0002/input/input14
Dec 26 12:13:24 homeserver kernel: hid-generic 0003:1C4F:0002.0002: input,hidraw1: USB HID v1.10 Device [SIGMACHIP USB Keyboard] on usb-0000:00:14.0-11/input1
Dec 26 12:13:24 homeserver systemd-logind[778]: Watching system buttons on /dev/input/event13 (SIGMACHIP USB Keyboard Consumer Control)
Dec 26 12:13:24 homeserver systemd-logind[778]: Watching system buttons on /dev/input/event14 (SIGMACHIP USB Keyboard System Control)
Dec 26 12:13:24 homeserver systemd-logind[778]: Watching system buttons on /dev/input/event12 (SIGMACHIP USB Keyboard)
Dec 26 12:13:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24386 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:13:36 homeserver login[840]: pam_unix(login:session): session opened for user rahul(uid=1000) by LOGIN(uid=0)
Dec 26 12:13:36 homeserver systemd-logind[778]: New session 31 of user rahul.
Dec 26 12:13:36 homeserver systemd[1]: Started Session 31 of User rahul.
Dec 26 12:13:53 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24450 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:13:55 homeserver sudo[3127]: rahul : TTY=tty1 ; PWD=/home/rahul ; USER=root ; COMMAND=/usr/bin/systemctl status apache2
Dec 26 12:13:55 homeserver sudo[3127]: pam_unix(sudo:session): session opened for user root(uid=0) by rahul(uid=1000)
Dec 26 12:13:55 homeserver sudo[3127]: pam_unix(sudo:session): session closed for user root
Dec 26 12:14:13 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24474 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:14:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24504 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:14:52 homeserver sudo[3269]: rahul : TTY=tty1 ; PWD=/home/rahul ; USER=root ; COMMAND=/usr/bin/systemctl reload apache2
Dec 26 12:14:52 homeserver sudo[3269]: pam_unix(sudo:session): session opened for user root(uid=0) by rahul(uid=1000)
Dec 26 12:14:52 homeserver systemd[1]: apache2.service: Unit cannot be reloaded because it is inactive.
Dec 26 12:14:52 homeserver sudo[3269]: pam_unix(sudo:session): session closed for user root
Dec 26 12:14:53 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24549 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:15:01 homeserver CRON[3277]: pam_unix(cron:session): session opened for user www-data(uid=33) by (uid=0)
Dec 26 12:15:01 homeserver CRON[3278]: (www-data) CMD (php -f /home/rahul/Share/NC/cron.php)
Dec 26 12:15:02 homeserver CRON[3277]: pam_unix(cron:session): session closed for user www-data
Dec 26 12:15:13 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24567 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:15:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24615 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:15:47 homeserver sudo[3284]: rahul : TTY=tty1 ; PWD=/home/rahul ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Dec 26 12:15:47 homeserver sudo[3284]: pam_unix(sudo:session): session opened for user root(uid=0) by rahul(uid=1000)
Dec 26 12:15:53 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24636 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:16:13 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24652 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:16:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24675 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:16:53 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24692 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:17:01 homeserver CRON[3296]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Dec 26 12:17:01 homeserver CRON[3297]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Dec 26 12:17:01 homeserver CRON[3296]: pam_unix(cron:session): session closed for user root
Dec 26 12:17:13 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24707 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:17:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24724 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:17:53 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24746 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:18:12 homeserver sudo[3284]: pam_unix(sudo:session): session closed for user root
Dec 26 12:18:13 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24765 PROTO=UDP SPT=1900 DPT=38500 LEN=290
Dec 26 12:18:24 homeserver sudo[3305]: rahul : TTY=tty1 ; PWD=/home/rahul ; USER=root ; COMMAND=/usr/bin/journalctl
Dec 26 12:18:24 homeserver sudo[3305]: pam_unix(sudo:session): session opened for user root(uid=0) by rahul(uid=1000)
Dec 26 12:18:33 homeserver kernel: [UFW BLOCK] IN=wlp1s0 OUT= MAC=3c:f8:62:ab:3c:1d:50:2b:73:4a:55:10:08:00 SRC=192.168.1.1 DST=192.168.1.150 LEN=310 TOS=0x00 PREC=0x00 TTL=64 ID=24783 PROTO=UDP SPT=1900 DPT=38500 LEN=290