• March 28, 2024, 10:47:00 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 [2]

Author Topic: what is this every second more than 3 packets drop  (Read 13108 times)

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: what is this every second more than 3 packets drop
« Reply #15 on: September 27, 2014, 06:31:06 AM »

Hi,

if you do what I asked you for this could help to figure out, if your Internet access suffers from DOS attacks (pfirewall.log would show this the same way, your router log does) or if you really have a router problem.

PT
Logged

nikhil92

  • Level 1 Member
  • *
  • Posts: 11
Re: what is this every second more than 3 packets drop
« Reply #16 on: September 27, 2014, 06:41:06 AM »

ya i will do that but 1st help me to change fw

i cant able to change it
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: what is this every second more than 3 packets drop
« Reply #17 on: September 27, 2014, 07:12:22 AM »

Hi,

look here for background information.

The easiest way is to open a Windows Command Prompt (important: right click the Icon for Command prompt and select "Run as administrator") and enter the following command:

Code: [Select]
netsh advfirewall set allprofiles logging droppedconnections enable
Connect your Windows 8 PC to your modem. Wait a few minutes while surfing in the Internet.

Dropped packets will be logged in the file C:\Windows\System32\LogFiles\Firewall\pfirewall.log. If you are not allowed, to open it, just copy it to the desktop or somewhere else and open the copied file.

Stop logging by entering the following command in  a command prompt you started with administrative rights:

Code: [Select]
netsh advfirewall set allprofiles logging droppedconnections disable
Post the contents of your pfirewall.log here for inspection.

PT
« Last Edit: September 27, 2014, 07:14:02 AM by PacketTracer »
Logged

nikhil92

  • Level 1 Member
  • *
  • Posts: 11
Re: what is this every second more than 3 packets drop
« Reply #18 on: September 27, 2014, 07:54:44 AM »

#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 287 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 296 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 359 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 355 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 335 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 367 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 349 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 287 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 296 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 359 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 355 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 335 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 367 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 349 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 288 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 297 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 360 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 356 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 336 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 368 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 350 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 288 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 297 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 360 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 356 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 336 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 368 - - - - - - - RECEIVE
2014-09-27 20:06:23 DROP UDP 192.168.0.1 239.255.255.250 1159 1900 350 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 287 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 296 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 359 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 355 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 335 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 367 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 349 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 287 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 296 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 359 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 355 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 335 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 367 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 349 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 288 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 297 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 360 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 356 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 336 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 368 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 350 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 288 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 297 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 360 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 356 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 336 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 368 - - - - - - - RECEIVE
2014-09-27 20:15:23 DROP UDP 192.168.0.1 239.255.255.250 1239 1900 350 - - - - - - - RECEIVE

see  this with router

now i will try without router
« Last Edit: September 27, 2014, 08:02:18 AM by nikhil92 »
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: what is this every second more than 3 packets drop
« Reply #19 on: September 27, 2014, 08:34:26 AM »

Hi,

nothing exciting, it's just your router advertising its services via multicasts using SSDP protocol. Just a hint: For longer output use the ...

Code: [Select]
... "Insert Code" edit function "#", which includes a scrolling feature.
PT
« Last Edit: September 27, 2014, 08:39:12 AM by PacketTracer »
Logged

nikhil92

  • Level 1 Member
  • *
  • Posts: 11
Re: what is this every second more than 3 packets drop
« Reply #20 on: September 28, 2014, 02:13:38 AM »

hi i didnt get it
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: what is this every second more than 3 packets drop
« Reply #21 on: September 28, 2014, 06:32:03 AM »

Hi,

Quote
hi i didnt get it
--> some more details might be helpful.

Looking at your very first post, I used 'whois' to analyze, where the addresses belong to. If not spoofed, the four addresses seen in the log all belong to ISPs of your region:

  • 202.71.23.81 --> rkinfratel.com
  • 223.30.4.4 --> sifycorp.com
  • 117.220.167.32 --> bsnl.in
  • 1.23.189.147 --> tikona.in

Hence, addresses might belong to customer devices that may be part of a botnet used for DDOS attacks.

Here is another guy having a problem that looks quite similar to your's.

PT
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: what is this every second more than 3 packets drop
« Reply #22 on: October 20, 2014, 09:20:20 AM »

Any status on this?  ???

please help me

I am using Dlink 600L B1 2.04

i am facing problem
lots of packets are droping
my internet is working like **** because of this



now when i use router this happen but when i connect dircet cable connection my net nic or we can say work properly

i am using windows 8
isp cable connection (PPPoE) 1mb upload/download
Location india,mumbai
Factory Reset been performed many times
i uploaded  FW 2.04 again but same thing

Automatic Ip and Dns
connection allwys on

tried with firwall on and off same thing
tried with new ssid name

tried with different channels 6 or 11

i think i give you almost all info plz try to help me what shoud i do now
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: what is this every second more than 3 packets drop
« Reply #23 on: November 13, 2014, 12:36:49 PM »

Hi nikhil92,

not sure if you are still interested, ....

Quote
when i try to play online games is droping packets and ping increases

Last week I attended an IT meeting, where another participant, working in computer game industry, reported that DDOS attacks are weapons used by unfair gamers to thwart concurrent gamers.

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: what is this every second more than 3 packets drop
« Reply #24 on: November 13, 2014, 12:47:06 PM »

Interesting that you note that. Often wondered what does on when gaming and lag and such is experienced. I presume attackers do pose a threat.  :-\

Hi nikhil92,

not sure if you are still interested, ....

Quote
when i try to play online games is droping packets and ping increases

Last week I attended an IT meeting, where another participant, working in computer game industry, reported that DDOS attacks are weapons used by unfair gamers to thwart concurrent gamers.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.
Pages: 1 [2]