Devuan's precursor's, as Tails, image in Qemu (11), part 2

(No. 0)  No. 1  No. 2  No. 3  No. 4  No. 5  No. 6  No. 7  No. 8  No. 9  No. 10  No. 11  No. 12  No. 13  No. 14 

I tried all kinds with virt-install, but I couldn't boot Tails.

Eventually I booted Tails the simple Qemu way.

---

See the uncenz records in the previous page. And if you peruse and analyze the network trace, what do you see of these IPs, under "Tor circuit for this site"?, in the screencast below, taken from the WEBM on thre previous page (at 3:50):

---

If you look up the section of the iptables rules in the previous page, the logs for in/out and forward in/forward out into the tap0 which is the Tails VM's interface on the bridge, should be logged (I'll only keep the logging when I need it, it's excessive) under the respective log prefix there.

See what they are, and find which one is probably surplus to requirements in the (very very shortened log below, but not even the complete syslog contains one of the four "mrfw_tap0..." entries that I prepared the iptables for, why?):

Mar  2 17:21:09 g0n kernel: [65556.816086] grsec: (miro:U:/) exec of
/usr/local/bin/uncenz-1st (uncenz-1st ) by
/usr/local/bin/uncenz-1st[bash:17991] uid/euid:1000/1000 gid/egid:1000/1000,
parent /bin/bash[bash:23114] uid/euid:1000/1000 gid/egid:1000/1000

Mar  2 17:21:09 g0n kernel: [65556.819901] grsec: (miro:U:/bin/cat) exec of
/bin/cat (cat .uncenz-dumper_permanent ) by /bin/cat[uncenz-1st:17992]
uid/euid:1000/1000 gid/egid:1000/1000, parent
/usr/local/bin/uncenz-1st[uncenz-1st:17991] uid/euid:1000/1000
gid/egid:1000/1000

...

Mar  2 17:21:44 g0n dhcpcd[3570]: tap0: no IPv6 Routers available

Mar  2 17:21:45 g0n kernel: [65592.405183] grsec: (miro:U:/usr/bin/sudo) exec
of /usr/bin/sudo (sudo -s uncenz-ipt-conf-states.sh ) by
/usr/bin/sudo[uncenz-1st:18184] uid/euid:1000/1000 gid/egid:1000/1000, parent
/usr/local/bin/uncenz-1st[uncenz-1st:18039] uid/euid:1000/1000
gid/egid:1000/1000

Mar  2 17:21:45 g0n sudo:     miro : TTY=pts/20 ; PWD=/Cmn/mr ; USER=root ;
COMMAND=/bin/bash -c uncenz-ipt-conf-states.sh

Mar  2 17:21:45 g0n kernel: [65592.409509] grsec: (root:U:/bin/bash) exec of
/bin/bash (/bin/bash -c uncenz-ipt-conf-states\.sh ) by /bin/bash[sudo:18184]
uid/euid:0/0 gid/egid:0/0, parent /usr/local/bin/uncenz-1st[uncenz-1st:18039]
uid/euid:1000/1000 gid/egid:1000/1000

Mar  2 17:21:45 g0n kernel: [65592.426607] grsec: (root:U:/) exec of
/usr/local/bin/uncenz-ipt-conf-states.sh (uncenz-ipt-conf-states.sh ) by
/usr/local/bin/uncenz-ipt-conf-states.sh[bash:18184] uid/euid:0/0 gid/egid:0/0,
parent /usr/local/bin/uncenz-1st[uncenz-1st:18039] uid/euid:1000/1000
gid/egid:1000/1000

Mar  2 17:21:45 g0n kernel: [65592.434164] grsec: (root:U:/) exec of /bin/cat
(cat .uncenz-ts ) by /bin/cat[uncenz-ipt-conf:18185] uid/euid:0/0 gid/egid:0/0,
parent /usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.436710] grsec: (root:U:/bin/hostname) exec
of /bin/hostname (hostname ) by /bin/hostname[uncenz-ipt-conf:18186]
uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.438026] grsec: (root:U:/bin/hostname) exec
of /bin/hostname (hostname ) by /bin/hostname[uncenz-ipt-conf:18187]
uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.440131] grsec: (root:U:/sbin/xtables-multi)
exec of /sbin/xtables-multi (iptables -t filter -L -n -v ) by
/sbin/xtables-multi[uncenz-ipt-conf:18188] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.441025] grsec: (root:U:/sbin/xtables-multi)
denied open of /run/xtables.lock for reading by
/sbin/xtables-multi[iptables:18188] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.444132] grsec: (root:U:/sbin/xtables-multi)
exec of /sbin/xtables-multi (iptables -t nat -L -n -v ) by
/sbin/xtables-multi[uncenz-ipt-conf:18189] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.445037] grsec: (root:U:/sbin/xtables-multi)
denied open of /run/xtables.lock for reading by
/sbin/xtables-multi[iptables:18189] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:45 g0n kernel: [65592.447978] grsec: (root:U:/sbin/xtables-multi)
exec of /sbin/xtables-multi (iptables -t mangle -L -n -v ) by
/sbin/xtables-multi[uncenz-ipt-conf:18190] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

...

Mar  2 17:21:45 g0n kernel: [65592.480527] grsec: (root:U:/bin/mv) exec of
/bin/mv (mv -iv ipt-t_flt-L-n-v_g0n ipt-t_mgl-L-n-v_g0n ipt-t_nat-L-n-v_g0n
ipt-t_raw-L-n-v_g0n ip_link_show_g0n ip_addr_show_g0n ip_rout) by
/bin/mv[uncenz-ipt-conf:18197] uid/euid:0/0 gid/egid:0/0, parent
/usr/local/bin/uncenz-ipt-conf-states.sh[uncenz-ipt-conf:18184] uid/euid:0/0
gid/egid:0/0

Mar  2 17:21:50 g0n kernel: [65596.930394] mrfw_dropIN=br0 OUT= PHYSIN=eth1
MAC=00:0e:2e:ab:28:71:2c:95:7f:8b:44:87:08:00 SRC=192.168.1.1
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=67
DPT=68 LEN=556 

Mar  2 17:21:55 g0n kernel: [65602.560954] kvm [18127]: vcpu0, guest rIP:
0xffffffffb0860533 unhandled rdmsr: 0x3a

Mar  2 17:21:55 g0n kernel: [65602.560967] kvm [18127]: vcpu0, guest rIP:
0xffffffffb0860533 unhandled rdmsr: 0xd90

Mar  2 17:22:10 g0n kernel: [65617.212678] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=01:00:5e:00:00:01:24:9e:ab:c9:3d:77:08:00
SRC=192.168.1.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18407 PROTO=2 

Mar  2 17:22:10 g0n kernel: [65617.212749] mrfw_dropIN=br0 OUT= PHYSIN=eth1
MAC=01:00:5e:00:00:01:24:9e:ab:c9:3d:77:08:00 SRC=192.168.1.1 DST=224.0.0.1
LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18407 PROTO=2 

Mar  2 17:22:22 g0n kernel: [65629.303996] mrfw_dropIN=br0 OUT= PHYSIN=eth1
MAC=00:0e:2e:ab:28:71:2c:95:7f:8b:44:87:08:00 SRC=192.168.1.1
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=67
DPT=68 LEN=556 

Mar  2 17:23:21 g0n kernel: [65688.678769] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=ff:ff:ff:ff:ff:ff:50:54:00:3d:b7:19:08:00
SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=128 ID=0
PROTO=UDP SPT=68 DPT=67 LEN=308 

Mar  2 17:23:21 g0n kernel: [65688.678837] mrfw_tap0_inIN=br0 OUT= PHYSIN=tap0
MAC=ff:ff:ff:ff:ff:ff:50:54:00:3d:b7:19:08:00 SRC=0.0.0.0 DST=255.255.255.255
LEN=328 TOS=0x10 PREC=0x00 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308 

Mar  2 17:23:23 g0n kernel: [65690.641539] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.168.1.1 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0
PROTO=UDP SPT=67 DPT=68 LEN=556 

Mar  2 17:23:23 g0n kernel: [65690.678761] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=ff:ff:ff:ff:ff:ff:50:54:00:3d:b7:19:08:00
SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=128 ID=0
PROTO=UDP SPT=68 DPT=67 LEN=308 

Mar  2 17:23:23 g0n kernel: [65690.678826] mrfw_tap0_inIN=br0 OUT= PHYSIN=tap0
MAC=ff:ff:ff:ff:ff:ff:50:54:00:3d:b7:19:08:00 SRC=0.0.0.0 DST=255.255.255.255
LEN=328 TOS=0x10 PREC=0x00 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308 

Mar  2 17:23:23 g0n kernel: [65690.696538] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.168.1.1 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0
PROTO=UDP SPT=67 DPT=68 LEN=556 

Mar  2 17:23:26 g0n kernel: [65693.532883] mrfw_dropIN=br0 OUT= PHYSIN=eth1
MAC=00:0e:2e:ab:28:71:2c:95:7f:8b:44:87:08:00 SRC=192.168.1.1
DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=67
DPT=68 LEN=556 

Mar  2 17:23:30 g0n kernel: [65697.408634] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=40742 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=29200 RES=0x00 SYN URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.408714] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=25598 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.447641] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=14600 RES=0x00 ACK SYN URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.448066] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40743 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=229 RES=0x00 ACK URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.448579] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=286 TOS=0x00 PREC=0x00 TTL=64 ID=40744 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=229 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.467833] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=171.25.193.9 DST=192.168.1.6 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=41005 DF
PROTO=TCP SPT=80 DPT=53166 WINDOW=65535 RES=0x00 ACK SYN URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.468273] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=25599 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=229 RES=0x00 ACK URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.475112] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=269 TOS=0x00 PREC=0x00 TTL=64 ID=25600 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.487838] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=38513 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=62 RES=0x00 ACK URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.488476] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=800 TOS=0x00 PREC=0x00 TTL=52 ID=38514 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=62 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.488688] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40745 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=240 RES=0x00 ACK URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.491583] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=166 TOS=0x00 PREC=0x00 TTL=64 ID=40746 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=240 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.533092] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=91 TOS=0x00 PREC=0x00 TTL=52 ID=38515 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=62 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.536865] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=171.25.193.9 DST=192.168.1.6 LEN=796 TOS=0x00 PREC=0x00 TTL=51 ID=7513 DF
PROTO=TCP SPT=80 DPT=53166 WINDOW=1043 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.537117] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=25601 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=240 RES=0x00 ACK URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.555204] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=166 TOS=0x00 PREC=0x00 TTL=64 ID=25602 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=240 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:30 g0n kernel: [65697.555287] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=40747 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=240 RES=0x00 ACK PSH URGP=0 

...

Mar  2 17:23:32 g0n kernel: [65699.129291] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=38994 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=161 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.129350] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=38995 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=161 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.137468] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=583 TOS=0x00 PREC=0x00 TTL=52 ID=38996 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.137801] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40905 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.146981] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=38997 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147055] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=38998 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147105] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=38999 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147281] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39000 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147329] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39001 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147412] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40906 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147506] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40907 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147529] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39002 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147593] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39003 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147658] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40908 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147771] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39004 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147796] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40909 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147820] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39005 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.147958] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40910 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.148385] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=40911 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.176888] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=52 ID=39006 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.177723] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=5769 TOS=0x00 PREC=0x00 TTL=52 ID=39007 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.177958] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40912 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.267646] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=39011 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.779190] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=31685 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=29200 RES=0x00 SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.779307] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=19167 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=29200 RES=0x00 SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.779371] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=192.42.113.102 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=6836 DF
PROTO=TCP SPT=51760 DPT=9001 WINDOW=29200 RES=0x00 SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.808025] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=29200 RES=0x00 ACK SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.808435] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19168 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=229 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.808670] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=282 TOS=0x00 PREC=0x00 TTL=64 ID=19169 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=229 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.810627] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=52 TOS=0x18 PREC=0x00 TTL=53 ID=0 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=29200 RES=0x00 ACK SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.811300] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31686 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=229 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.811538] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=279 TOS=0x00 PREC=0x00 TTL=64 ID=31687 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=229 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.815042] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.42.113.102 DST=192.168.1.6 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF
PROTO=TCP SPT=9001 DPT=51760 WINDOW=29200 RES=0x00 ACK SYN URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.815384] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=192.42.113.102 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6837 DF
PROTO=TCP SPT=51760 DPT=9001 WINDOW=229 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.815607] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=192.42.113.102 LEN=288 TOS=0x00 PREC=0x00 TTL=64 ID=6838 DF
PROTO=TCP SPT=51760 DPT=9001 WINDOW=229 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.837915] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=7660 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=237 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.837993] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=796 TOS=0x00 PREC=0x00 TTL=54 ID=7661 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=237 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.838297] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19170 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=240 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.840888] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=166 TOS=0x00 PREC=0x00 TTL=64 ID=19171 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=240 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.842779] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=60990 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=237 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.845655] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=787 TOS=0x18 PREC=0x00 TTL=53 ID=60991 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=237 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.845902] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31688 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=240 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.848358] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=166 TOS=0x00 PREC=0x00 TTL=64 ID=31689 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=240 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.851173] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.42.113.102 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=41032 DF
PROTO=TCP SPT=9001 DPT=51760 WINDOW=60 RES=0x00 ACK URGP=0 

Mar  2 17:23:32 g0n kernel: [65699.851457] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.42.113.102 DST=192.168.1.6 LEN=782 TOS=0x00 PREC=0x00 TTL=52 ID=41033
DF PROTO=TCP SPT=9001 DPT=51760 WINDOW=60 RES=0x00 ACK PSH URGP=0 

...

Mar  2 17:23:33 g0n kernel: [65700.742622] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61749 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.742657] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61750 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.742867] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61751 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.742906] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61752 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743093] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=925 TOS=0x00 PREC=0x00 TTL=64 ID=31913 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2602 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743136] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=2944 TOS=0x18 PREC=0x00 TTL=53 ID=61753 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743353] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=31914 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2894 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743395] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=2944 TOS=0x18 PREC=0x00 TTL=53 ID=61755 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743433] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31915 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2829 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743556] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31916 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2812 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743610] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61757 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743648] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61758 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.743850] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61759 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:33 g0n kernel: [65700.746110] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61778 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746320] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61779 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746359] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61780 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746395] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31917 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2794 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746835] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31918 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2696 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746886] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=7994 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1738 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.746939] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31919 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=2650 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.747128] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19341 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=3612 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.747723] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=7995 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1738 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:33 g0n kernel: [65700.748222] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8000 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1738 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.748428] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8001 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1738 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.748837] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61781 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.750064] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=13108 TOS=0x18 PREC=0x00 TTL=53 ID=61782 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:33 g0n kernel: [65700.762820] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=1492 TOS=0x18 PREC=0x00 TTL=53 ID=61855 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.774415] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=686 TOS=0x18 PREC=0x00 TTL=53 ID=61856 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.774736] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=1126 TOS=0x00 PREC=0x00 TTL=64 ID=31930 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=1979 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.776071] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8006 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1761 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.776114] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8007 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1761 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.795099] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19342 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=3551 RES=0x00 ACK URGP=0 

Mar  2 17:23:33 g0n kernel: [65700.823574] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=2944 TOS=0x00 PREC=0x00 TTL=54 ID=8008 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1761 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:34 g0n kernel: [65700.944952] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8070 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945179] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8071 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945224] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19363 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=4658 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945264] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19364 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=4703 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945571] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8072 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945623] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8073 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945813] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8074 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.945863] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8075 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.946361] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8076 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.946412] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8077 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.946529] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19365 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=4749 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.946729] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19366 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=4885 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.950283] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=2944 TOS=0x00 PREC=0x00 TTL=54 ID=8078 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1823 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.950626] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19367 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=4930 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65700.951378] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=61860 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:34 g0n kernel: [65701.068753] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8131 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.068938] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8132 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.068999] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8133 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.069180] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8134 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.069228] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8135 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.069363] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19381 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=5929 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.070161] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19382 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=5883 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.070202] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19383 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=5819 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.080433] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=31939 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=3313 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.085819] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=19384 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=5899 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.094217] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=1492 TOS=0x00 PREC=0x00 TTL=64 ID=31940 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=3313 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.095361] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=1492 TOS=0x00 PREC=0x00 TTL=64 ID=19385 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=5929 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.097818] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8136 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.097949] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8137 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098149] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8138 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098190] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8139 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098389] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8140 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098431] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8141 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098639] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8142 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

Mar  2 17:23:34 g0n kernel: [65701.098749] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=1492 TOS=0x00 PREC=0x00 TTL=54 ID=8143 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1857 RES=0x00 ACK URGP=0 

...

Mar  2 17:23:34 g0n kernel: [65701.667686] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=8171 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1959 RES=0x00 ACK URGP=0 

Mar  2 17:23:35 g0n kernel: [65701.921090] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=31943 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=3313 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:35 g0n kernel: [65701.952132] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=61866 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:35 g0n kernel: [65701.952383] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=583 TOS=0x18 PREC=0x00 TTL=53 ID=61867 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:35 g0n kernel: [65701.954326] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=31944 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=3336 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:35 g0n kernel: [65702.021758] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=61868 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:23:35 g0n kernel: [65702.062768] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=583 TOS=0x18 PREC=0x00 TTL=53 ID=61869 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:35 g0n kernel: [65702.068772] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=31945 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=3344 RES=0x00 ACK PSH URGP=0 

Mar  2 17:23:35 g0n kernel: [65702.099664] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=61870 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

...

Mar  2 17:25:58 g0n kernel: [65845.051837] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=583 TOS=0x18 PREC=0x00 TTL=53 ID=62384 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK PSH URGP=0 

Mar  2 17:25:58 g0n kernel: [65845.093064] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=32306 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=11353 RES=0x00 ACK URGP=0 

Mar  2 17:26:03 g0n kernel: [65850.062707] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=01:00:5e:01:01:4d:24:9e:ab:c9:3d:77:08:00
SRC=192.168.1.1 DST=224.1.1.77 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18713 PROTO=2 

Mar  2 17:26:04 g0n kernel: [65851.062791] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=01:00:5e:01:01:4d:24:9e:ab:c9:3d:77:08:00
SRC=192.168.1.1 DST=224.1.1.77 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18714 PROTO=2 

Mar  2 17:26:08 g0n kernel: [65855.407198] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=32307 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=11353 RES=0x00 ACK PSH URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.440191] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=583 TOS=0x00 PREC=0x00 TTL=64 ID=32308 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=11353 RES=0x00 ACK PSH FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.440290] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=25608 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=294 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.440348] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40914 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.440421] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=192.42.113.102 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6889 DF
PROTO=TCP SPT=51760 DPT=9001 WINDOW=1474 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.440476] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19397 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=6189 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.469699] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=88.99.27.131 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=8173 DF
PROTO=TCP SPT=9001 DPT=56494 WINDOW=1959 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.471440] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=62385 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.471502] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=5.39.64.7 DST=192.168.1.6 LEN=40 TOS=0x18 PREC=0x00 TTL=53 ID=62386 DF
PROTO=TCP SPT=9001 DPT=40756 WINDOW=2804 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.475956] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=192.42.113.102 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=41144 DF
PROTO=TCP SPT=9001 DPT=51760 WINDOW=185 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.480934] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=88.99.27.131 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=19398 DF
PROTO=TCP SPT=56494 DPT=9001 WINDOW=6189 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.481127] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=5.39.64.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=42736 DF
PROTO=TCP SPT=40756 DPT=9001 WINDOW=11353 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.481180] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=192.42.113.102 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=6890 DF
PROTO=TCP SPT=51760 DPT=9001 WINDOW=1474 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.482139] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=178.62.86.96 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=39013 DF
PROTO=TCP SPT=9001 DPT=45224 WINDOW=165 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.482406] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=178.62.86.96 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=40915 DF
PROTO=TCP SPT=45224 DPT=9001 WINDOW=6061 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.499750] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=171.25.193.9 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=47884 DF
PROTO=TCP SPT=80 DPT=53166 WINDOW=1043 RES=0x00 ACK URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.499831] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=50:54:00:3d:b7:19:2c:95:7f:8b:44:87:08:00
SRC=171.25.193.9 DST=192.168.1.6 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=18683 DF
PROTO=TCP SPT=80 DPT=53166 WINDOW=1043 RES=0x00 ACK FIN URGP=0 

Mar  2 17:26:08 g0n kernel: [65855.500222] mrfw_tap0_fwd_inIN=br0 OUT=br0
PHYSIN=tap0 PHYSOUT=eth1 MAC=2c:95:7f:8b:44:87:50:54:00:3d:b7:19:08:00
SRC=192.168.1.6 DST=171.25.193.9 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1729 DF
PROTO=TCP SPT=53166 DPT=80 WINDOW=294 RES=0x00 ACK URGP=0 

Mar  2 17:26:16 g0n kernel: [65863.800642] kvm [18127]: vcpu0, guest rIP:
0xffffffffa6460533 unhandled rdmsr: 0xc0010048

Mar  2 17:26:20 g0n kernel: [65867.063710] mrfw_tap0_fwd_outIN=br0 OUT=br0
PHYSIN=eth1 PHYSOUT=tap0 MAC=01:00:5e:00:00:01:24:9e:ab:c9:3d:77:08:00
SRC=192.168.1.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18731 PROTO=2 

Mar  2 17:26:20 g0n kernel: [65867.063767] mrfw_dropIN=br0 OUT= PHYSIN=eth1
MAC=01:00:5e:00:00:01:24:9e:ab:c9:3d:77:08:00 SRC=192.168.1.1 DST=224.0.0.1
LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=18731 PROTO=2 

Mar  2 17:26:25 g0n dhcpcd[3570]: tap0: carrier lost

Mar  2 17:26:25 g0n kernel: [65871.901015] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:18236]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:26:25 g0n kernel: [65871.910287] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) chdir to /run/dhcpcd/resolv.conf by
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18239] uid/euid:0/0
gid/egid:0/0, parent /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18236]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:25 g0n kernel: [65871.912593] grsec: (root:U:/) exec of /bin/sed
(sed -n s/^domain //p br0.dhcp br0.dhcp6 br0.ra ) by
/bin/sed[dhcpcd-run-hook:18240] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18239] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:25 g0n kernel: [65871.916256] br0: port 2(tap0) entered disabled
state

Mar  2 17:26:25 g0n kernel: [65871.917363] device tap0 left promiscuous mode

Mar  2 17:26:25 g0n kernel: [65871.917367] br0: port 2(tap0) entered disabled
state

...

Mar  2 17:26:25 g0n kernel: [65872.147182] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.tap0.dhcp ) by
/bin/rm[dhcpcd-run-hook:18310] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18300] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:25 g0n kernel: [65872.150181] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.tap0.dhcp ) by
/bin/rm[dhcpcd-run-hook:18311] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18300] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:31 g0n kernel: [65878.838748] grsec: (root:U:/usr/libexec/postfix)
exec of /usr/libexec/postfix/pickup (pickup -l -t unix -u ) by
/usr/libexec/postfix/pickup[master:18314] uid/euid:0/0 gid/egid:0/0, parent
/usr/libexec/postfix/master[master:4516] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:32 g0n kernel: [65878.894788] grsec: (root:U:/usr/libexec/postfix)
chdir to /var/spool/postfix by /usr/libexec/postfix/pickup[pickup:18314]
uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/master[master:4516]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:32 g0n kernel: [65879.454903] sky2 0000:06:00.0 eth1: Link is down

Mar  2 17:26:32 g0n dhcpcd[3570]: eth1: carrier lost

...

Mar  2 17:26:32 g0n kernel: [65879.569648] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.eth1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:18351] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18342] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:32 g0n kernel: [65879.571532] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.eth1.dhcp ) by
/bin/rm[dhcpcd-run-hook:18352] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18342] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:32 g0n kernel: [65879.574138] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.eth1.dhcp ) by
/bin/rm[dhcpcd-run-hook:18353] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:18342] uid/euid:0/0 gid/egid:0/0

Mar  2 17:26:33 g0n dhcpcd[3570]: br0: carrier lost

Well, that's Tor employed in Tails, and if the Schmoog and the likes don't have too dominant share in the exit nodes, then it is likely that the exit node in France, which of course, is not in the logs, nor in the network trace (and I would need to delve into Tor development to see how the information got to me), so neither any surveilling subjects would have known about it, if I didn't tell about it here... If the spying Schmoog and the likes don't control significant share of exit nodes, that is.

---

The following logs are just what happens after:

# service libvirtd restart
# service libvirt-guests restart

and it might be that the understanding of it is necessary to set the right RBAC policies.

Important to note is also that a few seconds short of two minutes after the libvirtd and libvirt-guests restarting, [b]which restarting happened offline[/b], I set up the usual procedure with uncenz-1st run and with physically plugging in the wire to the cable to connect to internet.

So the below shows what exec'd in the system following the user (me, as root) having issued:

# service libvirtd restart
# service libvirt-guests restart

Actually after this log below follows the successful run of Tails in a virtual machine by pure Qemu, posted in this page first, but under local link.

In other words, the following happened first. The above posted happened next.

And the below is of interest if I want to check out how libvirt manages iptables and relatives.

First the user (me, as root) issued [b]service libvirtd restart[/b]:

Mar  2 17:19:17 g0n kernel: [65444.399413] grsec: (admin:S:/) exec of
/sbin/service (service libvirtd restart ) by /sbin/service[bash:17172]
uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:4692] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.400846] grsec: (admin:S:/) exec of
/etc/init.d/libvirtd (/etc/init.d/libvirtd restart ) by
/etc/init.d/libvirtd[service:17172] uid/euid:0/0 gid/egid:0/0, parent
/bin/bash[bash:4692] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.401979] grsec: (admin:S:/) chdir to / by
/etc/init.d/libvirtd[libvirtd:17172] uid/euid:0/0 gid/egid:0/0, parent
/bin/bash[bash:4692] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.411584] grsec: (admin:S:/) exec of
/lib64/rc/sh/openrc-run.sh (/lib64/rc/sh/openrc-run.sh /etc/init.d/libvirtd
stop ) by /lib64/rc/sh/openrc-run.sh[libvirtd:17175] uid/euid:0/0 gid/egid:0/0,
parent /etc/init.d/libvirtd[libvirtd:17172] uid/euid:0/0 gid/egid:0/0

and that starts a lot of work by libvirt...

Mar  2 17:19:17 g0n kernel: [65444.677291] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- net-pf-16-proto-9 ) by
/bin/kmod[kworker/u8:3:17240] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n libvirtd: SQL engine 'mysql' not supported

Mar  2 17:19:17 g0n libvirtd: auxpropfunc error no mechanism available

Mar  2 17:19:17 g0n libvirtd: _sasl_plugin_load failed on
sasl_auxprop_plug_init for plugin: sql

Mar  2 17:19:17 g0n kernel: [65444.691588] grsec: (admin:S:/) exec of
/lib64/rc/bin/eend (eend 0 Failed to start libvirtd ) by
/lib64/rc/bin/eend[openrc-run.sh:17243] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17202] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.701016] grsec: (admin:S:/) exec of
/usr/sbin/dnsmasq (/usr/sbin/dnsmasq --version ) by
/usr/sbin/dnsmasq[libvirtd:17242] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.735433] grsec: (admin:S:/) exec of
/lib64/rc/bin/service_set_value (service_set_value command /usr/sbin/libvirtd )
by /lib64/rc/bin/service_set_value[openrc-run.sh:17244] uid/euid:0/0
gid/egid:0/0, parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17202]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.736694] grsec: (admin:S:/) exec of
/usr/sbin/dnsmasq (/usr/sbin/dnsmasq --help ) by
/usr/sbin/dnsmasq[libvirtd:17245] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.743371] grsec: (admin:S:/) exec of
/lib64/rc/bin/service_set_value (service_set_value pidfile
/var/run/libvirtd.pid ) by /lib64/rc/bin/service_set_value[openrc-run.sh:17246]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17202] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.776615] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w -L -n ) by
/sbin/xtables-multi[libvirtd:17251] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.783592] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/ip6tables -w -L -n ) by
/sbin/xtables-multi[libvirtd:17252] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.796545] grsec: (admin:S:/) exec of
/sbin/ebtables (/sbin/ebtables --concurrent -L ) by
/sbin/ebtables[libvirtd:17253] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.837584] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table mangle --delete POSTROUTING
--out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSU) by
/sbin/xtables-multi[libvirtd:17254] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.842581] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 --destination 224.0.0.0/24 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17255] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:17 g0n kernel: [65444.846103] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 --destination 255.255.255.255/32 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17256] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.851485] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 -p tcp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17257] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.855608] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 -p udp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17258] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.860190] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 ! --destination 192.168.122.0/24 --jump MASQUERADE )
by /sbin/xtables-multi[libvirtd:17259] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.863698] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctst)
by /sbin/xtables-multi[libvirtd:17260] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.866085] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.866091] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.866095] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.866098] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

The sequence of the 4 lines above repeat a lot below, while of all the fifth lines to those four, I leave all of them intact... (in the first round --and I'm trying to keep it complete--) :

Mar  2 17:19:18 g0n kernel: [65444.868044] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD --source
192.168.122.0/24 --in-interface virbr0 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17261] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.872135] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--in-interface virbr0 --out-interface virbr0 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17262] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.876132] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--out-interface virbr0 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17263]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.880589] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--in-interface virbr0 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17264]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.884585] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17265] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.890590] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17266] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.895599] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete OUTPUT
--out-interface virbr0 --protocol udp --destination-port 68 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17267] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.900603] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17268] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.906592] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17269] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.913150] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17270] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.917588] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17271] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.922131] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert OUTPUT
--out-interface virbr0 --protocol udp --destination-port 68 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17272] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.928159] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17273] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.939601] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17274] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.945224] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--in-interface virbr0 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17275]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.950589] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--out-interface virbr0 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17276]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.954583] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--in-interface virbr0 --out-interface virbr0 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17277] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.959611] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD --source
192.168.122.0/24 --in-interface virbr0 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17278] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.964594] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctst)
by /sbin/xtables-multi[libvirtd:17279] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

So, again, all the lines in the section above, had four lines like the below (which are just like the first four such lines in the section further above).

Mar  2 17:19:18 g0n kernel: [65444.966974] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.966980] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.966983] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.966987] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

There, the 4 lines are identical but for the "[some.number]" after "Mar 2 17:19:18 g0n kernel:".

Mar  2 17:19:18 g0n kernel: [65444.970603] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 ! --destination 192.168.122.0/24 --jump MASQUERADE )
by /sbin/xtables-multi[libvirtd:17280] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.976599] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 -p udp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17281] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.980844] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 -p tcp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17282] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.985115] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 --destination 255.255.255.255/32 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17283] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.989863] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 --destination 224.0.0.0/24 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17284] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.993678] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table mangle --insert POSTROUTING
--out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSU) by
/sbin/xtables-multi[libvirtd:17285] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.997853] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--in-interface virbr1 --out-interface virbr1 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17286] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65444.999923] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.999928] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.999931] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65444.999935] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

The 2nd batch of syslog lines.

The same 4 lines just above, again, and removing them from just a little further below. The fifth line to the above four.

Mar  2 17:19:18 g0n kernel: [65445.002128] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--out-interface virbr1 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17287]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

The difference btwn the first batch of syslog lines that I struggle hard to abbreviate, and this second, is just, apparently:

"virbr0" in the first batch

"virbr1" in the second batch

Mar  2 17:19:18 g0n kernel: [65445.006605] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--in-interface virbr1 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17288]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.011307] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr1 --protocol udp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17289] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.015451] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr1 --protocol tcp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17290] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.019035] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete OUTPUT
--out-interface virbr1 --protocol udp --destination-port 68 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17291] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.023197] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr1 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17292] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.027134] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr1 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17293] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.031591] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17294] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.035593] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17295] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.040213] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert OUTPUT
--out-interface virbr1 --protocol udp --destination-port 68 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17296] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.045122] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol tcp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17297] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.050591] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol udp --destination-port 53 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17298] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.055277] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--in-interface virbr1 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17299]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.059598] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--out-interface virbr1 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17300]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17241]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.061542] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.061547] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.061550] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.061554] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

In this meantime below, the [b]dnsmasq[/b] said its statements, else, the 4 proverbial lines are same.

Mar  2 17:19:18 g0n kernel: [65445.064606] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--in-interface virbr1 --out-interface virbr1 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17301] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n dnsmasq[4289]: read /etc/hosts - 16 addresses

Mar  2 17:19:18 g0n dnsmasq[4289]: read
/var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses

Mar  2 17:19:18 g0n dnsmasq-dhcp[4289]: read
/var/lib/libvirt/dnsmasq/default.hostsfile

Mar  2 17:19:18 g0n kernel: [65445.066591] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.066596] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.066599] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.066602] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:18 g0n kernel: [65445.627181] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --version ) by
/sbin/xtables-multi[libvirtd:17302] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:18 g0n kernel: [65445.664718] grsec: (admin:S:/) exec of
/usr/sbin/dmidecode (/usr/sbin/dmidecode -q -t 0,1,2,4,17 ) by
/usr/sbin/dmidecode[libvirtd:17303] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17241] uid/euid:0/0 gid/egid:0/0

Next the user (me, as root) issued [b]service libvirt-guests restart[/b]:

Mar  2 17:19:23 g0n kernel: [65450.352993] grsec: (admin:S:/) exec of
/sbin/service (service libvirt-guests restart ) by /sbin/service[bash:17426]
uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:4692] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.366030] grsec: (admin:S:/) exec of
/etc/init.d/libvirt-guests (/etc/init.d/libvirt-guests restart ) by
/etc/init.d/libvirt-guests[service:17426] uid/euid:0/0 gid/egid:0/0, parent
/bin/bash[bash:4692] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.367647] grsec: (admin:S:/) chdir to / by
/etc/init.d/libvirt-guests[libvirt-guests:17426] uid/euid:0/0 gid/egid:0/0,
parent /bin/bash[bash:4692] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.378699] grsec: (admin:S:/) exec of
/lib64/rc/sh/openrc-run.sh (/lib64/rc/sh/openrc-run.sh
/etc/init.d/libvirt-guests stop ) by
/lib64/rc/sh/openrc-run.sh[libvirt-guests:17429] uid/euid:0/0 gid/egid:0/0,
parent /etc/init.d/libvirt-guests[libvirt-guests:17426] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.385664] grsec: (admin:S:/) exec of
/lib64/rc/bin/eval_ecolors (eval_ecolors ) by
/lib64/rc/bin/eval_ecolors[openrc-run.sh:17432] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17431] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.410679] grsec: (admin:S:/) exec of
/bin/mkdir (mkdir -p /sys/fs/cgroup/openrc/libvirt-guests ) by
/bin/mkdir[openrc-run.sh:17434] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.411481] grsec: (admin:S:/) chdir to /sys by
/bin/mkdir[mkdir:17434] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.411496] grsec: (admin:S:/) chdir to /sys/fs
by /bin/mkdir[mkdir:17434] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.411509] grsec: (admin:S:/) chdir to
/sys/fs/cgroup by /bin/mkdir[mkdir:17434] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.411523] grsec: (admin:S:/) chdir to
/sys/fs/cgroup/openrc by /bin/mkdir[mkdir:17434] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.413673] grsec: (admin:S:/) exec of
/bin/mkdir (mkdir -p /sys/fs/cgroup/openrc/libvirt-guests ) by
/bin/mkdir[openrc-run.sh:17435] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.413712] grsec: (:::kernel::::S:/) exec of
/lib64/rc/sh/cgroup-release-agent.sh (/lib64/rc/sh/cgroup-release-agent.sh
/libvirt-guests ) by /lib64/rc/sh/cgroup-release-agent.sh[kworker/u8:4:17436]
uid/euid:0/0 gid/egid:0/0, parent /[kthreadd:2] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.414429] grsec: (admin:S:/) chdir to /sys by
/bin/mkdir[mkdir:17435] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.414444] grsec: (admin:S:/) chdir to /sys/fs
by /bin/mkdir[mkdir:17435] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.414457] grsec: (admin:S:/) chdir to
/sys/fs/cgroup by /bin/mkdir[mkdir:17435] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.414469] grsec: (admin:S:/) chdir to
/sys/fs/cgroup/openrc by /bin/mkdir[mkdir:17435] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.417637] grsec: (:::kernel::::S:/) exec of
/bin/rmdir (rmdir /sys/fs/cgroup/openrc//libvirt-guests ) by
/bin/rmdir[cgroup-release-:17438] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/cgroup-release-agent.sh[cgroup-release-:17436] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.429936] grsec: (admin:S:/) exec of /bin/rm
(rm -f /var/lib/libvirt/libvirt-guests.state ) by /bin/rm[openrc-run.sh:17445]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.432675] grsec: (admin:S:/) exec of /bin/rm
(rm -f /var/lib/libvirt/libvirt-net.state ) by /bin/rm[openrc-run.sh:17446]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.438303] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo Stopping libvirt domains and networks for
qemu:///system ) by /lib64/rc/bin/einfo[openrc-run.sh:17447] uid/euid:0/0
gid/egid:0/0, parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.441032] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo  Shutting down domain(s) ... ) by
/lib64/rc/bin/einfo[openrc-run.sh:17448] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.444694] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system list --uuid --persistent ) by
/usr/bin/virsh[openrc-run.sh:17450] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17449] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.450664] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17451] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17449] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.467007] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17455] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17453] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.467698] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system domname
2823ce11-81b4-4c74-b465-2bb5980951c0 ) by /usr/bin/virsh[openrc-run.sh:17454]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17453] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.483438] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   tails08 ) by
/lib64/rc/bin/einfo[openrc-run.sh:17457] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.488693] grsec: (admin:S:/) exec of
/usr/bin/gawk (awk $1 == "Autostart:" { print $2 } ) by
/usr/bin/gawk[openrc-run.sh:17460] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17458] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.489672] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17462] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17459] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.489884] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system dominfo
2823ce11-81b4-4c74-b465-2bb5980951c0 ) by /usr/bin/virsh[openrc-run.sh:17461]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17459] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.511699] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17465] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.511724] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system managedsave
2823ce11-81b4-4c74-b465-2bb5980951c0 ) by /usr/bin/virsh[openrc-run.sh:17464]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:23 g0n kernel: [65450.610268] grsec: (admin:S:/) exec of
/usr/libexec/libvirt_iohelper (/usr/libexec/libvirt_iohelper
/var/lib/libvirt/qemu/save/tails08.save 0 1 ) by
/usr/libexec/libvirt_iohelper[libvirtd:17491] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17225] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n dhcpcd[3570]: vnet0: carrier lost

Mar  2 17:19:32 g0n kernel: [65459.274432] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17494]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.283852] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17496] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17494] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.286820] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17497] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17494] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.288092] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17498] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17494] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.289504] virbr0: port 2(vnet0) entered
disabled state

Mar  2 17:19:32 g0n kernel: [65459.290917] device vnet0 left promiscuous mode

Mar  2 17:19:32 g0n kernel: [65459.290921] virbr0: port 2(vnet0) entered
disabled state

Mar  2 17:19:32 g0n dhcpcd[3570]: vnet0: deleting address
fe80::b025:7f23:4cfe:1d8

Mar  2 17:19:32 g0n kernel: [65459.293681] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh vnet0 stop ) by
/lib64/udev/net.sh[udevd:17502] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17501] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n dhcpcd[3570]: vnet0: deleting route to 169.254.0.0/16

Mar  2 17:19:32 g0n kernel: [65459.297864] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet0 ) by /bin/kmod[kworker/u8:2:17503]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:2:16971] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.299254] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:2:17504] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:2:16971] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.301359] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17505]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.309994] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet0.ipv4ll ) by
/usr/bin/cmp[dhcpcd-run-hook:17507] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17505] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.312961] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17508] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17505] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.314868] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17509] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17505] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.326841] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet0 ) by /bin/kmod[kworker/u8:4:17511]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:4:16806] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.329529] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:4:17512] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.332830] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17513]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.342035] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17515] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17513] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.344785] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17516] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17513] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.349847] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17517] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17513] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n dhcpcd[3570]: vnet0: removing interface

Mar  2 17:19:32 g0n kernel: [65459.356854] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet0 ) by /bin/kmod[kworker/u8:4:17519]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:4:16806] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.358339] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:4:17520] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.360829] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17521]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.370847] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17523] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17521] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.373392] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17524] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17521] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.375825] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17525] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17521] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.382840] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet0 ) by /bin/kmod[kworker/u8:2:17527]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:2:16971] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.384813] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:2:17528] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:2:16971] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.386831] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17529]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.396855] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17531] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17529] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.399181] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17532] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17529] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:32 g0n kernel: [65459.402049] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17533] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17529] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.069857] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17537] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17535] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.069890] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system domname
042b1507-6257-4e52-96b1-b9aef92e8b20 ) by /usr/bin/virsh[openrc-run.sh:17536]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17535] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.087372] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   tails09 ) by
/lib64/rc/bin/einfo[openrc-run.sh:17539] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.091830] grsec: (admin:S:/) exec of
/usr/bin/gawk (awk $1 == "Autostart:" { print $2 } ) by
/usr/bin/gawk[openrc-run.sh:17542] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17540] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.094965] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system dominfo
042b1507-6257-4e52-96b1-b9aef92e8b20 ) by /usr/bin/virsh[openrc-run.sh:17543]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17541] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.095051] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17544] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17541] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.118887] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17547] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.118910] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system managedsave
042b1507-6257-4e52-96b1-b9aef92e8b20 ) by /usr/bin/virsh[openrc-run.sh:17546]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:33 g0n kernel: [65460.191854] grsec: (admin:S:/) exec of
/usr/libexec/libvirt_iohelper (/usr/libexec/libvirt_iohelper
/var/lib/libvirt/qemu/save/tails09.save 0 1 ) by
/usr/libexec/libvirt_iohelper[libvirtd:17568] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17225] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n dhcpcd[3570]: vnet1: carrier lost

Mar  2 17:19:43 g0n kernel: [65470.062030] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17571]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.070143] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17573] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17571] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.074008] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17574] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17571] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.075364] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17575] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17571] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.078570] virbr0: port 3(vnet1) entered
disabled state

Mar  2 17:19:43 g0n kernel: [65470.080121] device vnet1 left promiscuous mode

Mar  2 17:19:43 g0n kernel: [65470.080125] virbr0: port 3(vnet1) entered
disabled state

Mar  2 17:19:43 g0n dhcpcd[3570]: vnet1: deleting address
fe80::f262:408f:8915:68d

Mar  2 17:19:43 g0n kernel: [65470.083111] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh vnet1 stop ) by
/lib64/udev/net.sh[udevd:17579] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n dhcpcd[3570]: vnet1: deleting route to 169.254.0.0/16

Mar  2 17:19:43 g0n kernel: [65470.085432] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet1 ) by /bin/kmod[kworker/u8:4:17581]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:4:16806] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.087103] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet1 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:4:17582] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.089453] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17583]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.097176] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet1.ipv4ll ) by
/usr/bin/cmp[dhcpcd-run-hook:17585] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17583] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.101080] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17586] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17583] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.104035] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17587] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17583] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.114196] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet1 ) by /bin/kmod[kworker/u8:3:17589]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:3:17077] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.119114] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet1 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:3:17590] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.123033] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17591]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.135050] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17593] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17591] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.138038] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17594] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17591] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.141018] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17595] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17591] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n dhcpcd[3570]: vnet1: removing interface

Mar  2 17:19:43 g0n kernel: [65470.147021] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet1 ) by /bin/kmod[kworker/u8:4:17597]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:4:16806] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.148674] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet1 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:4:17598] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.152035] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17599]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.163050] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17601] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17599] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.165026] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17602] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17599] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.166930] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17603] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17599] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.173029] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-vnet1 ) by /bin/kmod[kworker/u8:3:17605]
uid/euid:0/0 gid/egid:0/0, parent /[kworker/u8:3:17077] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.176044] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- vnet1 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:3:17606] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.179028] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17607]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.187262] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17609] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17607] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.189122] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17610] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17607] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.190309] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.vnet1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17611] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17607] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n dhcpcd[3570]: virbr0: carrier lost

Mar  2 17:19:43 g0n kernel: [65470.199044] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17613]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.209073] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17615] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17613] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.211014] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17616] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17613] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.214135] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17617] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17613] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n dhcpcd[3570]: virbr0: deleting default route

Mar  2 17:19:43 g0n dhcpcd[3570]: virbr0: deleting route to 169.254.0.0/16

Mar  2 17:19:43 g0n kernel: [65470.237130] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17619]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.245274] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.ipv4ll )
by /usr/bin/cmp[dhcpcd-run-hook:17621] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17619] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.247107] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17622] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17619] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.248634] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.ipv4ll ) by
/bin/rm[dhcpcd-run-hook:17623] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17619] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.258821] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17625]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.267369] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17627] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17625] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.271035] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17628] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17625] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:43 g0n kernel: [65470.274056] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17629] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17625] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.862051] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17635] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17632] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.862753] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system list --uuid --persistent ) by
/usr/bin/virsh[openrc-run.sh:17634] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17632] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.877451] grsec: (admin:S:/) exec of /bin/wc
(wc -l ) by /bin/wc[openrc-run.sh:17633] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17631] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.881049] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo  Shutting down domain(s) ... ) by
/lib64/rc/bin/einfo[openrc-run.sh:17637] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.886051] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17640] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17638] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.887032] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system list --uuid --transient ) by
/usr/bin/virsh[openrc-run.sh:17639] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17638] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.909979] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system list --uuid --transient ) by
/usr/bin/virsh[openrc-run.sh:17645] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17643] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.910049] grsec: (admin:S:/) exec of /bin/wc
(wc -l ) by /bin/wc[openrc-run.sh:17644] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17642] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.915042] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17646] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17643] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.930729] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17650] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17648] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.931065] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system list --uuid --transient ) by
/usr/bin/virsh[openrc-run.sh:17649] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17648] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.948055] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo  Shutting down network(s): ) by
/lib64/rc/bin/einfo[openrc-run.sh:17652] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.951180] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-list --uuid --persistent ) by
/usr/bin/virsh[openrc-run.sh:17654] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17653] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.954418] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17655] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17653] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.970085] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-name
220a72af-13b1-4655-b909-bf08e943028a ) by /usr/bin/virsh[openrc-run.sh:17658]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17657] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.972131] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17659] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17657] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.988048] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo    default ) by
/lib64/rc/bin/einfo[openrc-run.sh:17661] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.991334] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17663] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65470.993241] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-destroy
220a72af-13b1-4655-b909-bf08e943028a ) by /usr/bin/virsh[openrc-run.sh:17662]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dnsmasq[4289]: exiting on receipt of SIGTERM

Mar  2 17:19:44 g0n kernel: [65471.007552] grsec: (default:D:/) denied unlink
of /run/libvirt/network/default.pid by /usr/sbin/dnsmasq[dnsmasq:4289]
uid/euid:65534/65534 gid/egid:65534/65534, parent /sbin/init[init:1]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0-nic: removing interface

Mar  2 17:19:44 g0n kernel: [65471.008552] device virbr0-nic left promiscuous
mode

Mar  2 17:19:44 g0n kernel: [65471.008557] virbr0: port 1(virbr0-nic) entered
disabled state

Mar  2 17:19:44 g0n kernel: [65471.010292] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr0-nic stop ) by
/lib64/udev/net.sh[udevd:17666] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.012031] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-virbr0-nic ) by
/bin/kmod[kworker/u8:3:17665] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.015108] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- virbr0-nic grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:3:17667] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.016836] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17668]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.026051] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0-nic.dhcp )
by /usr/bin/cmp[dhcpcd-run-hook:17670] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17668] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.027951] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17671] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17668] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.030682] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table mangle --delete POSTROUTING
--out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSU) by
/sbin/xtables-multi[libvirtd:17673] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.030896] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17672] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17668] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.035040] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 --destination 224.0.0.0/24 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17674] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: new hardware address:
00:00:00:00:00:00

Mar  2 17:19:44 g0n kernel: [65471.041047] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 --destination 255.255.255.255/32 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17676] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.046044] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 -p tcp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17677] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.050617] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 -p udp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17678] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.056626] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --delete POSTROUTING
--source 192.168.122.0/24 ! --destination 192.168.122.0/24 --jump MASQUERADE )
by /sbin/xtables-multi[libvirtd:17679] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.061616] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctst)
by /sbin/xtables-multi[libvirtd:17680] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.064123] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.064129] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.064132] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.064135] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.066049] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD --source
192.168.122.0/24 --in-interface virbr0 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17681] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

... [38 lines of repetitive patterns cut]...

Mar  2 17:19:44 g0n kernel: [65471.105664] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete INPUT
--in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17689] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17227] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.107857] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.107862] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.107866] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.107869] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: removing interface

Mar  2 17:19:44 g0n kernel: [65471.110027] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-virbr0 ) by
/bin/kmod[kworker/u8:3:17691] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.110297] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr0 stop ) by
/lib64/udev/net.sh[udevd:17690] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.113025] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- virbr0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:3:17692] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.116032] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17693]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.119033] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17696] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17694] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.120039] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-name
7e4f38ed-8848-485e-b610-808c9e3bf0d8 ) by /usr/bin/virsh[openrc-run.sh:17695]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17694] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.125054] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17698] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17693] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.128816] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17699] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17693] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.130389] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17700] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17693] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.136210] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-virbr0 ) by
/bin/kmod[kworker/u8:4:17703] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.142048] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- virbr0 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:4:17704] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.143035] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo    Whonix ) by
/lib64/rc/bin/einfo[openrc-run.sh:17705] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.145160] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17706]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.146498] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-destroy
7e4f38ed-8848-485e-b610-808c9e3bf0d8 ) by /usr/bin/virsh[openrc-run.sh:17707]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.147025] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17708] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.153156] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17710] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17706] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.157071] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17711] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17706] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.160042] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17712] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17706] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1-nic: removing interface

Mar  2 17:19:44 g0n kernel: [65471.169353] device virbr1-nic left promiscuous
mode

Mar  2 17:19:44 g0n kernel: [65471.169362] virbr1: port 1(virbr1-nic) entered
disabled state

Mar  2 17:19:44 g0n kernel: [65471.171055] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-virbr1-nic ) by
/bin/kmod[kworker/u8:3:17715] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.172196] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr1-nic stop ) by
/lib64/udev/net.sh[udevd:17716] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.176047] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- virbr1-nic grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:3:17717] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.178458] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17718]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.186847] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1-nic.dhcp )
by /usr/bin/cmp[dhcpcd-run-hook:17720] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17718] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.190052] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17721] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17718] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.193031] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17722] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17718] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.195070] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--in-interface virbr1 --out-interface virbr1 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17723] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: new hardware address:
00:00:00:00:00:00

Mar  2 17:19:44 g0n kernel: [65471.196953] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.196972] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.196977] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.196980] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.202055] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --delete FORWARD
--out-interface virbr1 --jump REJECT ) by /sbin/xtables-multi[libvirtd:17725]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/libvirtd[libvirtd:17226]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.204108] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

... [30 lines of repetitive patterns cut]...

Mar  2 17:19:44 g0n kernel: [65471.235266] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.235269] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.235272] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: removing interface

Mar  2 17:19:44 g0n kernel: [65471.237149] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr1 stop ) by
/lib64/udev/net.sh[udevd:17732] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.238045] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- netdev-virbr1 ) by
/bin/kmod[kworker/u8:6:17733] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:6:16637] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.240764] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- virbr1 grsec_modharden_netdev ) by
/bin/kmod[kworker/u8:6:17734] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:6:16637] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.243031] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17735]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.249382] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo  Shutting down network(s): ) by
/lib64/rc/bin/einfo[openrc-run.sh:17736] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.253055] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17739] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17735] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.253077] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17741] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17738] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.255673] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-list --uuid --transient ) by
/usr/bin/virsh[openrc-run.sh:17740] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17738] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.256062] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17742] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17735] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.258869] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17743] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17735] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.274076] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo Done stopping domains and networks for
qemu:///system ) by /lib64/rc/bin/einfo[openrc-run.sh:17746] uid/euid:0/0
gid/egid:0/0, parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17429]
uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.283865] grsec: (:::kernel::::S:/) exec of
/lib64/rc/sh/cgroup-release-agent.sh (/lib64/rc/sh/cgroup-release-agent.sh
/libvirt-guests ) by /lib64/rc/sh/cgroup-release-agent.sh[kworker/u8:3:17749]
uid/euid:0/0 gid/egid:0/0, parent /[kthreadd:2] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.288192] grsec: (:::kernel::::S:/) exec of
/bin/rmdir (rmdir /sys/fs/cgroup/openrc//libvirt-guests ) by
/bin/rmdir[cgroup-release-:17753] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/cgroup-release-agent.sh[cgroup-release-:17749] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.298920] grsec: (admin:S:/) exec of
/lib64/rc/sh/openrc-run.sh (/lib64/rc/sh/openrc-run.sh
/etc/init.d/libvirt-guests start ) by
/lib64/rc/sh/openrc-run.sh[libvirt-guests:17755] uid/euid:0/0 gid/egid:0/0,
parent /etc/init.d/libvirt-guests[libvirt-guests:17426] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.306183] grsec: (admin:S:/) exec of
/lib64/rc/bin/eval_ecolors (eval_ecolors ) by
/lib64/rc/bin/eval_ecolors[openrc-run.sh:17758] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17757] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.317646] grsec: (admin:S:/) exec of
/bin/mkdir (mkdir -p /sys/fs/cgroup/openrc/libvirt-guests ) by
/bin/mkdir[openrc-run.sh:17760] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.318492] grsec: (admin:S:/) chdir to /sys by
/bin/mkdir[mkdir:17760] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.318509] grsec: (admin:S:/) chdir to /sys/fs
by /bin/mkdir[mkdir:17760] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.318523] grsec: (admin:S:/) chdir to
/sys/fs/cgroup by /bin/mkdir[mkdir:17760] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.318538] grsec: (admin:S:/) chdir to
/sys/fs/cgroup/openrc by /bin/mkdir[mkdir:17760] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.319733] grsec: (admin:S:/) exec of
/bin/mkdir (mkdir -p /sys/fs/cgroup/openrc/libvirt-guests ) by
/bin/mkdir[openrc-run.sh:17761] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.320924] grsec: (admin:S:/) chdir to /sys by
/bin/mkdir[mkdir:17761] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.320941] grsec: (admin:S:/) chdir to /sys/fs
by /bin/mkdir[mkdir:17761] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.320956] grsec: (admin:S:/) chdir to
/sys/fs/cgroup by /bin/mkdir[mkdir:17761] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.321368] grsec: (admin:S:/) chdir to
/sys/fs/cgroup/openrc by /bin/mkdir[mkdir:17761] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.322129] grsec: (:::kernel::::S:/) exec of
/lib64/rc/sh/cgroup-release-agent.sh (/lib64/rc/sh/cgroup-release-agent.sh
/libvirt-guests ) by /lib64/rc/sh/cgroup-release-agent.sh[kworker/u8:3:17762]
uid/euid:0/0 gid/egid:0/0, parent /[kthreadd:2] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.326026] grsec: (:::kernel::::S:/) exec of
/bin/rmdir (rmdir /sys/fs/cgroup/openrc//libvirt-guests ) by
/bin/rmdir[cgroup-release-:17764] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/cgroup-release-agent.sh[cgroup-release-:17762] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.334096] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system connect ) by
/usr/bin/virsh[openrc-run.sh:17771] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.335052] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17772] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.352059] grsec: (admin:S:/) exec of
/lib64/rc/bin/ebegin (ebegin Starting libvirt networks ) by
/lib64/rc/bin/ebegin[openrc-run.sh:17774] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.356319] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-name
220a72af-13b1-4655-b909-bf08e943028a ) by /usr/bin/virsh[openrc-run.sh:17776]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17775] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.357086] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17777] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17775] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.373065] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   default ) by
/lib64/rc/bin/einfo[openrc-run.sh:17779] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.381088] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-start
220a72af-13b1-4655-b909-bf08e943028a ) by /usr/bin/virsh[openrc-run.sh:17780]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.381119] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17781] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.399702] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr0 start ) by
/lib64/udev/net.sh[udevd:17783] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.400059] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr0-nic start ) by
/lib64/udev/net.sh[udevd:17784] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17578] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.403259] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- net-pf-16-proto-16-family-nl80211 ) by
/bin/kmod[kworker/u8:6:17785] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:6:16637] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.413562] virbr0: port 1(virbr0-nic) entered
blocking state

Mar  2 17:19:44 g0n kernel: [65471.413567] virbr0: port 1(virbr0-nic) entered
disabled state

Mar  2 17:19:44 g0n kernel: [65471.413649] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17787]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.413685] device virbr0-nic entered
promiscuous mode

Mar  2 17:19:44 g0n kernel: [65471.422912] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17788]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.430909] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17790] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17788] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.432264] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17791] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17788] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.434946] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17792] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17788] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: waiting for carrier

Mar  2 17:19:44 g0n kernel: [65471.440281] virbr0: port 1(virbr0-nic) entered
blocking state

Mar  2 17:19:44 g0n kernel: [65471.440286] virbr0: port 1(virbr0-nic) entered
listening state

Mar  2 17:19:44 g0n kernel: [65471.440350] IPv6: ADDRCONF(NETDEV_UP): virbr0:
link is not ready

Mar  2 17:19:44 g0n kernel: [65471.443073] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- net-pf-16-proto-16-family-nl80211 ) by
/bin/kmod[kworker/u8:3:17795] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.446622] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17796] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.448038] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17797]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.449500] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.449506] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.449509] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.449512] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.451551] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17798] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

... [48 lines of repetitive patterns cut]...

Mar  2 17:19:44 g0n kernel: [65471.491046] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert FORWARD
--destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctst)
by /sbin/xtables-multi[libvirtd:17814] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.493588] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.493593] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.493596] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.493599] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0-nic: IAID 00:ea:ee:e9

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: carrier acquired

Mar  2 17:19:44 g0n kernel: [65471.496050] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 ! --destination 192.168.122.0/24 --jump MASQUERADE )
by /sbin/xtables-multi[libvirtd:17815] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.497285] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17816]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.500348] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 -p udp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17817] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.504150] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 -p tcp ! --destination 192.168.122.0/24 --jump MASQ)
by /sbin/xtables-multi[libvirtd:17818] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: IAID 00:ea:ee:e9

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: IAID conflicts with one assigned to
virbr0-nic

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: adding address
fe80::7e36:b0a1:9718:3d3a

Mar  2 17:19:44 g0n dhcpcd[3570]: if_addaddress6: Permission denied

Mar  2 17:19:44 g0n kernel: [65471.509054] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 --destination 255.255.255.255/32 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17819] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.512510] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table nat --insert POSTROUTING
--source 192.168.122.0/24 --destination 224.0.0.0/24 --jump RETURN ) by
/sbin/xtables-multi[libvirtd:17820] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.516373] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table mangle --insert POSTROUTING
--out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSU) by
/sbin/xtables-multi[libvirtd:17821] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.526947] grsec: (admin:S:/) exec of
/usr/sbin/dnsmasq (/usr/sbin/dnsmasq --version ) by
/usr/sbin/dnsmasq[libvirtd:17822] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0-nic: soliciting an IPv6 router

Mar  2 17:19:44 g0n kernel: [65471.532054] grsec: (admin:S:/) exec of
/usr/sbin/dnsmasq (/usr/sbin/dnsmasq --help ) by
/usr/sbin/dnsmasq[libvirtd:17823] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.537689] grsec: (admin:S:/) exec of
/usr/sbin/dnsmasq (/usr/sbin/dnsmasq
--conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
--dhcp-script=/usr/libexec/libvirt_leaseshelp) by
/usr/sbin/dnsmasq[libvirtd:17824] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.542047] grsec: (admin:S:/) exec of /bin/bash
(sh -c /usr/libexec/libvirt_leaseshelper init ) by /bin/bash[dnsmasq:17825]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/dnsmasq[dnsmasq:17824] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.548921] grsec: (admin:S:/) exec of
/usr/libexec/libvirt_leaseshelper (/usr/libexec/libvirt_leaseshelper init ) by
/usr/libexec/libvirt_leaseshelper[sh:17825] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/dnsmasq[dnsmasq:17824] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.555262] grsec: (admin:S:/) chdir to / by
/usr/sbin/dnsmasq[dnsmasq:17824] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dnsmasq[17827]: started, version 2.76 cachesize 150

Mar  2 17:19:44 g0n dnsmasq[17827]: compile time options: IPv6 GNU-getopt
no-DBus i18n IDN DHCP DHCPv6 no-Lua no-TFTP conntrack ipset no-auth no-DNSSEC
loop-detect inotify

Mar  2 17:19:44 g0n dnsmasq-dhcp[17827]: DHCP, IP range 192.168.122.2 --
192.168.122.254, lease time 1h

Mar  2 17:19:44 g0n dnsmasq-dhcp[17827]: DHCP, sockets bound exclusively to
interface virbr0

Mar  2 17:19:44 g0n dnsmasq[17827]: no servers found in /etc/resolv.conf, will
retry

Mar  2 17:19:44 g0n dnsmasq[17827]: read /etc/hosts - 16 addresses

Mar  2 17:19:44 g0n dnsmasq[17827]: read
/var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses

Mar  2 17:19:44 g0n dnsmasq-dhcp[17827]: read
/var/lib/libvirt/dnsmasq/default.hostsfile

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0-nic: carrier lost

Mar  2 17:19:44 g0n kernel: [65471.560063] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17829]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.569254] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0-nic.dhcp )
by /usr/bin/cmp[dhcpcd-run-hook:17831] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17829] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.571273] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17832] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17829] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.574011] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17833] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17829] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.576702] virbr0: port 1(virbr0-nic) entered
disabled state

Mar  2 17:19:44 g0n kernel: [65471.581115] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17837] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17835] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.581757] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-name
7e4f38ed-8848-485e-b610-808c9e3bf0d8 ) by /usr/bin/virsh[openrc-run.sh:17836]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17835] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.600075] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   Whonix ) by
/lib64/rc/bin/einfo[openrc-run.sh:17839] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.603061] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system net-start
7e4f38ed-8848-485e-b610-808c9e3bf0d8 ) by /usr/bin/virsh[openrc-run.sh:17840]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.603289] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17841] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.616851] virbr1: port 1(virbr1-nic) entered
blocking state

Mar  2 17:19:44 g0n kernel: [65471.616855] virbr1: port 1(virbr1-nic) entered
disabled state

Mar  2 17:19:44 g0n kernel: [65471.616949] device virbr1-nic entered
promiscuous mode

Mar  2 17:19:44 g0n kernel: [65471.618045] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr1 start ) by
/lib64/udev/net.sh[udevd:17843] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17786] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.619047] grsec: (root:U:/) exec of
/lib64/udev/net.sh (/lib/udev/net.sh virbr1-nic start ) by
/lib64/udev/net.sh[udevd:17845] uid/euid:0/0 gid/egid:0/0, parent
/sbin/udevd[udevd:17577] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.619426] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- net-pf-16-proto-16-family-nl80211 ) by
/bin/kmod[kworker/u8:3:17844] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:3:17077] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.622039] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17846]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.630919] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17847]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.639071] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17850] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17847] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.641052] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17851] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17847] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.642516] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17852] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17847] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: waiting for carrier

Mar  2 17:19:44 g0n kernel: [65471.647074] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol tcp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17854] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.647733] virbr1: port 1(virbr1-nic) entered
blocking state

Mar  2 17:19:44 g0n kernel: [65471.647737] virbr1: port 1(virbr1-nic) entered
listening state

Mar  2 17:19:44 g0n kernel: [65471.648777] grsec: (:::kernel::::S:/) exec of
/bin/kmod (/sbin/modprobe -q -- net-pf-16-proto-16-family-nl80211 ) by
/bin/kmod[kworker/u8:4:17855] uid/euid:0/0 gid/egid:0/0, parent
/[kworker/u8:4:16806] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.649624] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.649629] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.649633] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.649636] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.651858] grsec: (admin:S:/) exec of
/sbin/xtables-multi (/sbin/iptables -w --table filter --insert INPUT
--in-interface virbr1 --protocol udp --destination-port 67 --jump ACCEPT ) by
/sbin/xtables-multi[libvirtd:17856] uid/euid:0/0 gid/egid:0/0, parent
/usr/sbin/libvirtd[libvirtd:17226] uid/euid:0/0 gid/egid:0/0

... [37 lines of (mostly the same) repetitive patterns cut]...

Mar  2 17:19:44 g0n kernel: [65471.683952] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.683955] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.683958] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n kernel: [65471.683961] xt_physdev: using --physdev-out and
--physdev-is-out are only supported in the FORWARD and POSTROUTING chains with
bridged traffic.

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: new hardware address:
52:54:00:04:29:f2

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1-nic: carrier acquired

Mar  2 17:19:44 g0n kernel: [65471.689042] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17871]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.706035] virbr1: port 1(virbr1-nic) entered
disabled state

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1-nic: IAID 00:04:29:f2

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: carrier acquired

Mar  2 17:19:44 g0n kernel: [65471.708615] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17872]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.710037] grsec: (admin:S:/) exec of
/lib64/rc/bin/eend (eend 0 ) by /lib64/rc/bin/eend[openrc-run.sh:17873]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.712228] grsec: (admin:S:/) exec of
/lib64/rc/bin/ebegin (ebegin Starting libvirt domains ) by
/lib64/rc/bin/ebegin[openrc-run.sh:17874] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: IAID 00:04:29:f2

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: IAID conflicts with one assigned to
virbr1-nic

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1: adding address
fe80::e632:55ca:57f0:da2e

Mar  2 17:19:44 g0n dhcpcd[3570]: if_addaddress6: Permission denied

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr1-nic: carrier lost

Mar  2 17:19:44 g0n kernel: [65471.715401] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17877] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17875] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.715494] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system domname
2823ce11-81b4-4c74-b465-2bb5980951c0 ) by /usr/bin/virsh[openrc-run.sh:17876]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17875] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.717244] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17878]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.725427] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1-nic.dhcp )
by /usr/bin/cmp[dhcpcd-run-hook:17880] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17878] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.729061] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17881] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17878] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.730942] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1-nic.dhcp ) by
/bin/rm[dhcpcd-run-hook:17883] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17878] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.735017] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   tails08 ) by
/lib64/rc/bin/einfo[openrc-run.sh:17885] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.737618] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17887] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.739919] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system start
2823ce11-81b4-4c74-b465-2bb5980951c0 ) by /usr/bin/virsh[openrc-run.sh:17886]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n dhcpcd[3570]: virbr0: soliciting an IPv6 router

Mar  2 17:19:44 g0n kernel: [65471.841180] grsec: (root:U:/) denied open of
/var/log/libvirt/qemu/tails08.log for appending by
/usr/sbin/virtlogd[virtlogd:4122] uid/euid:0/0 gid/egid:0/0, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:44 g0n kernel: [65471.841718] grsec: (root:U:/) denied open of
/var/log/libvirt/qemu/tails08.log for appending by
/usr/sbin/virtlogd[virtlogd:4122] uid/euid:0/0 gid/egid:0/0, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.880062] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system domname
042b1507-6257-4e52-96b1-b9aef92e8b20 ) by /usr/bin/virsh[openrc-run.sh:17915]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17914] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.880087] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17916] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17914] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.895256] grsec: (admin:S:/) exec of
/lib64/rc/bin/einfo (einfo   tails09 ) by
/lib64/rc/bin/einfo[openrc-run.sh:17918] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n dhcpcd[3570]: virbr0: soliciting a DHCP lease

Mar  2 17:19:45 g0n kernel: [65471.899073] grsec: (admin:S:/) exec of
/usr/bin/virsh (virsh -c qemu:///system start
042b1507-6257-4e52-96b1-b9aef92e8b20 ) by /usr/bin/virsh[openrc-run.sh:17919]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.900041] grsec: (admin:S:/) exec of /bin/head
(head -n -1 ) by /bin/head[openrc-run.sh:17920] uid/euid:0/0 gid/egid:0/0,
parent /lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.995824] grsec: (root:U:/) denied open of
/var/log/libvirt/qemu/tails09.log for appending by
/usr/sbin/virtlogd[virtlogd:4122] uid/euid:0/0 gid/egid:0/0, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65471.996360] grsec: more alerts, logging disabled
for 10 seconds

Mar  2 17:19:45 g0n kernel: [65472.040831] grsec: (admin:S:/) exec of
/lib64/rc/bin/eend (eend 0 ) by /lib64/rc/bin/eend[openrc-run.sh:17942]
uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/openrc-run.sh[openrc-run.sh:17755] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.047569] grsec: (:::kernel::::S:/) exec of
/lib64/rc/sh/cgroup-release-agent.sh (/lib64/rc/sh/cgroup-release-agent.sh
/libvirt-guests ) by /lib64/rc/sh/cgroup-release-agent.sh[kworker/u8:3:17945]
uid/euid:0/0 gid/egid:0/0, parent /[kthreadd:2] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.051039] grsec: (:::kernel::::S:/) exec of
/bin/rmdir (rmdir /sys/fs/cgroup/openrc//libvirt-guests ) by
/bin/rmdir[cgroup-release-:17948] uid/euid:0/0 gid/egid:0/0, parent
/lib64/rc/sh/cgroup-release-agent.sh[cgroup-release-:17945] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n dhcpcd[3570]: virbr1: soliciting a DHCP lease

Mar  2 17:19:45 g0n dhcpcd[3570]: virbr0: carrier lost

Mar  2 17:19:45 g0n kernel: [65472.149099] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17949]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.156888] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17951] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17949] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.158738] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17952] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17949] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.160397] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17953] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17949] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.172447] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17955]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.179925] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17957] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17955] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.181294] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17958] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17955] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.183660] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr0.dhcp ) by
/bin/rm[dhcpcd-run-hook:17959] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17955] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n dhcpcd[3570]: virbr1: carrier lost

Mar  2 17:19:45 g0n kernel: [65472.189050] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17961]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.197198] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17963] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17961] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.199167] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17964] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17961] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.200429] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17965] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17961] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.215080] grsec:
(root:U:/lib64/dhcpcd/dhcpcd-run-hooks) exec of /lib64/dhcpcd/dhcpcd-run-hooks
(/lib/dhcpcd/dhcpcd-run-hooks ) by /lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd:17967]
uid/euid:0/0 gid/egid:0/0, parent /sbin/dhcpcd[dhcpcd:3570] uid/euid:0/0
gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.224057] grsec: (root:U:/) exec of
/usr/bin/cmp (cmp -s /etc/resolv.conf /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/usr/bin/cmp[dhcpcd-run-hook:17969] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17967] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.225528] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17970] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17967] uid/euid:0/0 gid/egid:0/0

Mar  2 17:19:45 g0n kernel: [65472.227069] grsec: (root:U:/bin/rm) exec of
/bin/rm (rm -f /run/dhcpcd/resolv.conf.virbr1.dhcp ) by
/bin/rm[dhcpcd-run-hook:17971] uid/euid:0/0 gid/egid:0/0, parent
/lib64/dhcpcd/dhcpcd-run-hooks[dhcpcd-run-hook:17967] uid/euid:0/0 gid/egid:0/0

Mar  2 17:20:01 g0n kernel: [65488.280635] grsec: (root:U:/usr/sbin/crond)
chdir to /root by /usr/sbin/crond[crond:17975] uid/euid:0/0 gid/egid:0/0,
parent /usr/sbin/crond[crond:3888] uid/euid:0/0 gid/egid:0/0

---