Hotspot / Captive Portal

    Moin Moin,

    leider haben wir seit ca. 4 tagen das Problem das wir unseren Hotspot mit Captive Portal nicht mehr nutzen können. Es wurde nichts geändert oder umkonfiguriert. Wir kommen bis zum anmeldebildschirm, können Benutzername und Kennwort eintragen aber kommen dann nicht weiter. Es dreht die sanduhr und man kann stunden warten. In den logs haben wir folgendes gefunden:

    Web Proxy2013-04-05 11:29:25
    1080 192.168.100.9 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 11:29:25
    1087 192.168.100.9 TCP_MISS/200 3657 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlFirewall2013-04-05 11:29:25
    PROXIES:HTTP-PROXY:- TCP (tun0) 192.168.100.9:52266 -> 192.168.100.254:80MAC= LEN=64 TOS=00 PREC=0x00 TTL=64 ID=11088 DF SEQ=112349861 ACK=0 WINDOW=65535 SYN URGP=0 Web Proxy2013-04-05 11:29:24
    505 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 11:29:24
    506 127.0.0.1 TCP_MISS/200 3563 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlFirewall2013-04-05 11:29:23
    PROXIES:HTTP-PROXY:- TCP (tun0) 192.168.100.9:52265 -> 192.168.100.254:80MAC= LEN=64 TOS=00 PREC=0x00 TTL=64 ID=2407 DF SEQ=106361993 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:28:48
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50119 -> 92.122.213.74:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=21243 DF SEQ=3362617069 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:28:44
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=21237 LEN=69 System2013-04-05 11:28:24
    sudo: nobody TTY=unknown ; PWD=/home/httpd/cgi-bin ; USER=root ; COMMAND=/usr/bin/monit statusFirewall2013-04-05 11:28:10
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=21223 LEN=69 Firewall2013-04-05 11:27:36
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=21216 LEN=69 Firewall2013-04-05 11:26:52
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=21208 LEN=69 Antivirus2013-04-05 11:26:45
    clamd (28345) Self checking every 600 seconds. Antivirus2013-04-05 11:26:45
    clamd (28345) HTML support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) PDF support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) OLE2 support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Mail files support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Detection of broken executables enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) ELF support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Portable Executable support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Algorithmic detection enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Archive support enabled. Antivirus2013-04-05 11:26:45
    clamd (28345) Limits: Files limit set to 1000. Antivirus2013-04-05 11:26:45
    clamd (28345) Limits: Recursion level limit set to 5. Antivirus2013-04-05 11:26:45
    clamd (28345) Limits: File size limit set to 26214400 bytes. Antivirus2013-04-05 11:26:45
    clamd (28345) Limits: Global size limit set to 52428800 bytes. Antivirus2013-04-05 11:26:45
    clamd (26974) TCP: Setting connection queue length to 30 Antivirus2013-04-05 11:26:45
    clamd (26974) TCP: Bound to address 127.0.0.1 on port 3310 Firewall2013-04-05 11:26:44
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50118 -> 68.232.34.133:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=21098 DF SEQ=2586490676 ACK=0 WINDOW=8192 SYN URGP=0 Antivirus2013-04-05 11:26:44
    clamd (26974) Loaded 2087897 signatures. Firewall2013-04-05 11:26:14
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=21092 LEN=69 Firewall2013-04-05 11:26:04
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50117 -> 212.227.109.221:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=21049 DF SEQ=742405160 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:26:03
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50116 -> 212.227.109.221:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=21032 DF SEQ=1870963406 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:25:43
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50115 -> 212.227.109.221:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=20993 DF SEQ=3172975771 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:25:42
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.157:50114 -> 212.227.109.221:80 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=20978 DF SEQ=670689596 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:25:42
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20977 LEN=69 Firewall2013-04-05 11:25:08
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20970 LEN=69 Firewall2013-04-05 11:24:55
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3405 -> 212.7.146.2:110 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44605 DF SEQ=3158289463 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:54
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3403 -> 62.214.80.83:110 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44590 DF SEQ=3460845324 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:43
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3372 -> 211.76.133.75:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44563 DF SEQ=301031215 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:39
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3401 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44516 DF SEQ=2244114433 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:38
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3400 -> 94.245.70.51:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44514 DF SEQ=3271428341 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:38
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3398 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44496 DF SEQ=846355252 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:38
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3397 -> 65.52.33.27:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44493 DF SEQ=1658752789 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:38
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3395 -> 65.55.58.195:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44476 DF SEQ=3429765018 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:37
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3393 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44434 DF SEQ=3636116293 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:36
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3392 -> 86.109.254.101:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44432 DF SEQ=3645682576 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:36
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3372 -> 211.76.133.75:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44417 DF SEQ=301031215 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:36
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3390 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44364 DF SEQ=3576359011 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3388 -> 62.214.9.142:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44357 DF SEQ=2920878111 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3386 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44352 DF SEQ=3501743735 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3385 -> 94.245.115.213:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44345 DF SEQ=2494088428 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3383 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44293 DF SEQ=890384535 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3382 -> 92.122.214.219:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44291 DF SEQ=796602808 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3381 -> 94.245.115.210:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44289 DF SEQ=4213108425 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3379 -> 94.245.115.210:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44274 DF SEQ=4059188231 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:35
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3377 -> 65.54.165.55:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44259 DF SEQ=1643733082 ACK=0 WINDOW=65535 SYN URGP=0 System2013-04-05 11:24:34
    dnsmasq (3765) using nameserver 62.72.64.237#53System2013-04-05 11:24:34
    dnsmasq (3765) using nameserver 62.72.64.241#53System2013-04-05 11:24:34
    dnsmasq (3765) reading /etc/dnsmasq/resolv.confFirewall2013-04-05 11:24:34
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3376 -> 65.54.165.55:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44252 DF SEQ=3915081446 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:34
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.11:3372 -> 211.76.133.75:80 (eth3) MAC=00:30:05:ba:2a:6f:ff:ff:08:00:0c:00 LEN=48 TOS=00 PREC=0x00 TTL=127 ID=44239 DF SEQ=301031215 ACK=0 WINDOW=65535 SYN URGP=0 Firewall2013-04-05 11:24:33
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20956 LEN=69 Antivirus2013-04-05 11:24:21
    clamd (26974) Not loading PUA signatures. Antivirus2013-04-05 11:24:21
    clamd (26974) Reading databases from /usr/share/clamav Antivirus2013-04-05 11:24:21
    clamd (26974) Log file size limited to 2097152 bytes. Antivirus2013-04-05 11:24:21
    clamd (26974) Running as user clamav (UID 1000, GID 107) Antivirus2013-04-05 11:24:21
    clamd (26974) clamd daemon 0.96.5 (OS: linux-gnu, ARCH: i386, CPU: i586) System2013-04-05 11:24:02
    sudo: nobody TTY=unknown ; PWD=/home/httpd/cgi-bin ; USER=root ; COMMAND=/usr/local/bin/restartsquid.pyFirewall2013-04-05 11:24:00
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20946 LEN=69 System2013-04-05 11:23:47
    sudo: nobody TTY=unknown ; PWD=/home/httpd/cgi-bin ; USER=root ; COMMAND=/usr/local/bin/restartsquid.py --forceSystem2013-04-05 11:23:31
    sudo: nobody TTY=unknown ; PWD=/home/httpd/cgi-bin ; USER=root ; COMMAND=/usr/bin/monit statusFirewall2013-04-05 11:23:28
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20941 LEN=69 Firewall2013-04-05 11:23:09
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.12:49241 -> 17.146.232.26:80 (eth3) MAC=00:1d:72:e8:11:38:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=3719 DF SEQ=4191892047 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:22:55
    OUTGOINGFW:ALLOW:1 UDP (br0) 192.168.0.157:55803 -> 94.245.121.251:3544 (eth3) MAC=e0:69:95:a6:bb:c5:ff:ff:08:00:0c:00 LEN=89 TOS=00 PREC=0x00 TTL=127 ID=20930 LEN=69 Firewall2013-04-05 11:22:51
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.12:49240 -> 192.221.125.254:80 (eth3) MAC=00:1d:72:e8:11:38:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=3469 DF SEQ=2158591284 ACK=0 WINDOW=8192 SYN URGP=0 Firewall2013-04-05 11:22:49
    OUTGOINGFW:ALLOW:1 TCP (br0) 192.168.0.12:49239 -> 80.239.216.51:80 (eth3) MAC=00:1d:72:e8:11:38:ff:ff:08:00:0c:00 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=3408 DF SEQ=1445042497 ACK=0 WINDOW=8192 SYN URGP=0 System2013-04-05 11:22:46
    sshd(pam_unix) (10064) session closed for user rootSystem2013-04-05 11:01:02
    fcron (21307) Job [ -x /bin/run-parts ] && run-parts --report /etc/cron.hourly completedSystem2013-04-05 11:01:00
    fcron (21307) Job [ -x /bin/run-parts ] && run-parts --report /etc/cron.hourly started for user root (pid 21308)System2013-04-05 10:51:02
    fcron (18549) Job [ -x /bin/run-parts ] && run-parts --report /etc/anacron.hourly completedSystem2013-04-05 10:50:39
    fcron (18549) Job [ -x /bin/run-parts ] && run-parts --report /etc/anacron.hourly started for user root (pid 18550)System2013-04-05 10:46:59
    mailfile (16384) "EFW-30100018"System2013-04-05 10:44:37
    backup-create Archive "/home/httpd/html/backup/backup-20130405104102-efw-127238711 7.localdomain-settings.tar.gz" successfully created!System2013-04-05 10:44:15
    backup-create Creating backup...System2013-04-05 10:41:02
    backup-create Prepare data for backup...Antivirus2013-04-05 10:37:23
    clamd (6985) TCP: bind() error: Address already in use Antivirus2013-04-05 10:36:40
    clamd (6985) Loaded 2087897 signatures. System2013-04-05 10:35:00
    fcron (7874) root"s [ -x /bin/run-parts ] && run-parts --report /etc/cron.cyclicSystem2013-04-05 10:34:37
    kernel Killed process 12643 (clamd)System2013-04-05 10:34:37
    kernel: Out of memory kill process 12643 (clamd) score 43467 or a childSystem2013-04-05 10:34:37
    kernel 823 pages pagetablesSystem2013-04-05 10:34:37
    kernel 1900 pages slabSystem2013-04-05 10:34:37
    kernel 806 pages mappedSystem2013-04-05 10:34:37
    kernel 0 pages writebackSystem2013-04-05 10:34:37
    kernel 0 pages dirtySystem2013-04-05 10:34:37
    kernel 240 pages swap cachedSystem2013-04-05 10:34:37
    kernel 12937 pages sharedSystem2013-04-05 10:34:37
    kernel 2354 reserved pagesSystem2013-04-05 10:34:37
    kernel 0 pages of HIGHMEMSystem2013-04-05 10:34:37
    kernel 130816 pages of RAMSystem2013-04-05 10:34:37
    kernel: Free swap 0kBSystem2013-04-05 10:34:37
    kernel Total swap = 524656kBSystem2013-04-05 10:34:37
    kernel Free swap = 0kBSystem2013-04-05 10:34:37
    kernel: Swap cache add 645682, delete 645442, find 72037/145407, race 0+21System2013-04-05 10:34:37
    kernel: Normal 25*4kB 3*8kB 1*16kB 0*32kB 1*64kB 0*128kB 0*256kB 1*512kB 0*1024kB 1*2048kB 0*4096kB = 2764kBSystem2013-04-05 10:34:37
    kernel: DMA 1*4kB 1*8kB 1*16kB 1*32kB 1*64kB 1*128kB 1*256kB 1*512kB 1*1024kB 0*2048kB 0*4096kB = 2044kBSystem2013-04-05 10:34:37
    kernel: lowmem_reserve[] 0 0 0System2013-04-05 10:34:37
    kernel Normal free:2764kB min:2788kB low:3484kB high:4180kB active:241924kB inactive:240060kB present:502920kB pages_scanned:769965 all_unreclaimable? yesSystem2013-04-05 10:34:37
    kernel: lowmem_reserve[] 0 491 491System2013-04-05 10:34:37
    kernel DMA free:2044kB min:88kB low:108kB high:132kB active:4764kB inactive:4616kB present:16256kB pages_scanned:14811 all_unreclaimable? yesSystem2013-04-05 10:34:37
    kernel free:1202 slab:1900 mapped:806 pagetables:823 bounce:0System2013-04-05 10:34:37
    kernel Active:61672 inactive:61169 dirty:0 writeback:0 unstable:0System2013-04-05 10:34:37
    kernel: CPU 0: Hot: hi: 186, btch: 31 usd: 18 Cold: hi: 62, btch: 15 usd 60System2013-04-05 10:34:37
    kernel Normal per-cpu:System2013-04-05 10:34:37
    kernel: CPU 0: Hot: hi: 0, btch: 1 usd: 0 Cold: hi: 0, btch: 1 usd 0System2013-04-05 10:34:37
    kernel DMA per-cpu:System2013-04-05 10:34:37
    kernel Mem-info:System2013-04-05 10:34:37
    kernel =======================System2013-04-05 10:34:37
    kernel [<c0660712>] error_code+0x72/0x80System2013-04-05 10:34:37
    kernel [<c0661dc0>] do_page_fault+0x0/0x620System2013-04-05 10:34:37
    kernel [<c0496a82>] sys_select+0x182/0x1b0Antivirus2013-04-05 10:28:42
    clamd (12642) No stats for Database check - forcing reload Antivirus2013-04-05 10:18:39
    clamd (12642) Self checking every 600 seconds. Antivirus2013-04-05 10:18:39
    clamd (12642) HTML support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) PDF support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) OLE2 support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Mail files support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Detection of broken executables enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) ELF support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Portable Executable support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Algorithmic detection enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Archive support enabled. Antivirus2013-04-05 10:18:39
    clamd (12642) Limits: Files limit set to 1000. Antivirus2013-04-05 10:18:39
    clamd (12642) Limits: Recursion level limit set to 5. Antivirus2013-04-05 10:18:39
    clamd (12642) Limits: File size limit set to 26214400 bytes. Antivirus2013-04-05 10:18:39
    clamd (12642) Limits: Global size limit set to 52428800 bytes. Antivirus2013-04-05 10:18:39
    clamd (7026) TCP: Setting connection queue length to 30 Antivirus2013-04-05 10:18:39
    clamd (7026) TCP: Bound to address 127.0.0.1 on port 3310 Antivirus2013-04-05 10:18:28
    clamd (7026) Loaded 2087897 signatures. Antivirus2013-04-05 10:06:59
    clamd (7317) daemonize() failed: Cannot allocate memory Antivirus2013-04-05 10:06:59
    clamd (7317) TCP: Setting connection queue length to 30 Antivirus2013-04-05 10:06:59
    clamd (7317) TCP: Bound to address 127.0.0.1 on port 3310 Antivirus2013-04-05 10:06:44
    clamd (7317) Loaded 2087897 signatures. Antivirus2013-04-05 10:05:50
    clamd (7279) daemonize() failed: Cannot allocate memory Web Proxy2013-04-05 05:03:20
    771 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlAntivirus2013-04-05 10:05:50
    clamd (7279) TCP: Setting connection queue length to 30 Web Proxy2013-04-05 04:35:00
    917 192.168.100.51 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlAntivirus2013-04-05 10:05:50
    clamd (7279) TCP: Bound to address 127.0.0.1 on port 3310 Web Proxy2013-04-05 04:34:59
    456 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlAntivirus2013-04-05 10:05:35
    clamd (7279) Loaded 2087897 signatures. OpenVPN2013-04-05 09:52:27
    openvpn[2353]: 89.246.130.184:54613 [tkraemer] Peer Connection Initiated with 89.246.130.184:54613OpenVPN2013-04-05 09:52:25
    openvpn[2353]: TCPv4_SERVER link remote: 89.246.130.184:54613OpenVPN2013-04-05 09:52:25
    openvpn[2353]: TCPv4_SERVER link local: [undef]OpenVPN2013-04-05 09:52:25
    openvpn[2353]: TCP connection established with 89.246.130.184:54613OpenVPN2013-04-05 09:52:25
    openvpn[2353]: LZO compression initializedOpenVPN2013-04-05 09:52:25
    openvpn[2353]: Re-using SSL/TLS contextOpenVPN2013-04-05 09:52:02
    openvpn[2353]: ENDOpenVPN2013-04-05 09:52:02
    openvpn[2353]: Max bcast/mcast queue length,0OpenVPN2013-04-05 09:52:02
    openvpn[2353]: GLOBAL STATSOpenVPN2013-04-05 09:52:02
    openvpn[2353]: Virtual Address,Common Name,Real Address,Last RefOpenVPN2013-04-05 09:52:02
    openvpn[2353]: ROUTING TABLEOpenVPN2013-04-05 09:52:02
    openvpn[2353]: Common Name,Real Address,Bytes Received,Bytes Sent,Connected SinceOpenVPN2013-04-05 09:52:02
    openvpn[2353]: Updated,Fri Apr 5 09:52:02 2013OpenVPN2013-04-05 09:52:02
    openvpn[2353]: OpenVPN CLIENT LISTOpenVPN2013-04-05 09:50:45
    openvpn[2353]: Initialization Sequence CompletedOpenVPN2013-04-05 09:50:45
    openvpn[2353]: TCPv4_SERVER link remote: [undef]OpenVPN2013-04-05 09:50:45
    openvpn[2353]: TCPv4_SERVER link local (bound): [undef]:443OpenVPN2013-04-05 09:50:45
    openvpn[2353]: Listening for incoming TCP connection on [undef]:443OpenVPN2013-04-05 09:50:45
    openvpn[2353]: UID set to openvpnOpenVPN2013-04-05 09:50:45
    openvpn[2353]: GID set to openvpnOpenVPN2013-04-05 09:50:45
    openvpn[2311]: TUN/TAP device tap0 openedOpenVPN2013-04-05 09:50:45
    openvpn[2311]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificateOpenVPN2013-04-05 09:50:45
    openvpn[2311]: WARNING: file "/var/efw/openvpn/pkcs12.p12" is group or others accessibleOpenVPN2013-04-05 09:50:40
    openvpn[2311]: NOTE: --script-security method="system" is deprecated due to the fact that passed parameters will be subject to shell expansionOpenVPN2013-04-05 09:50:40
    openvpn[2311]: NOTE: the current --script-security setting may allow this configuration to call user-defined scriptsOpenVPN2013-04-05 09:50:40
    openvpn[2311]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set toOpenVPN2013-04-05 09:50:39
    openvpn[2311]: OpenVPN 2.1_rc15 i586-pc-linux [SSL] [LZO2] [EPOLL] built on Aug 11 2009Web Proxy2013-04-05 09:40:10
    3 192.168.100.65 TCP_DENIED/403 3358 GET http://hotspot.endian.com/portal/welcome?loginurl=http%3a%2f %2fhotspot.endian.com%2fportal%2fwelcome%3fres%3dnotyet%26ua mip%3d192.168.100.254%26uamport%3d3990%26challenge%3d1627ab8 088dfdafcbd612db0ba532aec%26mac%3dB8-F6-B1-A4-E9-00%26ip%3d1 92.168.100.65%26called%3d00-60-E0-48-D5-6E%26nasid%3dnas01%2 6userurl%3dhttp%253a%252f%252fwww.apple.com%252flibrary%252f test%252fsuccess.html - NONE/- text/htmlWeb Proxy2013-04-05 09:40:10
    100 192.168.100.65 TCP_DENIED/403 3316 GET http://hotspot.endian.com/portal/welcome?loginurl=http%3a%2f %2fhotspot.endian.com%2fportal%2fwelcome%3fres%3dnotyet%26ua mip%3d192.168.100.254%26uamport%3d3990%26challenge%3ddae6571 6616b7a7c4f7713fcf6a6511f%26mac%3dB8-F6-B1-A4-E9-00%26ip%3d1 92.168.100.65%26called%3d00-60-E0-48-D5-6E%26nasid%3dnas01%2 6userurl%3dhttp%253a%252f%252fgsp1.apple.com%252fpep%252fgcc - NONE/- text/htmlOpenVPN2013-04-05 09:22:18
    openvpn[4811]: 192.168.0.10:51676 Connection reset, restarting [0]OpenVPN2013-04-05 09:22:18
    openvpn[4811]: TCPv4_SERVER link remote: 192.168.0.10:51676OpenVPN2013-04-05 09:22:18
    openvpn[4811]: TCPv4_SERVER link local: [undef]OpenVPN2013-04-05 09:22:18
    openvpn[4811]: TCP connection established with 192.168.0.10:51676OpenVPN2013-04-05 09:22:18
    openvpn[4811]: LZO compression initializedOpenVPN2013-04-05 09:22:18
    openvpn[4811]: Re-using SSL/TLS contextOpenVPN2013-04-05 09:22:17
    openvpn[4811]: 192.168.0.10:51675 Connection reset, restarting [0]OpenVPN2013-04-05 09:22:17
    openvpn[4811]: 192.168.0.10:51675 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1576 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attemping restart...]OpenVPN2013-04-05 09:22:17
    openvpn[4811]: TCPv4_SERVER link remote: 192.168.0.10:51675OpenVPN2013-04-05 09:22:17
    openvpn[4811]: TCPv4_SERVER link local: [undef]OpenVPN2013-04-05 09:22:17
    openvpn[4811]: TCP connection established with 192.168.0.10:51675OpenVPN2013-04-05 09:22:17
    openvpn[4811]: LZO compression initializedOpenVPN2013-04-05 09:22:17
    openvpn[4811]: Re-using SSL/TLS contextOpenVPN2013-04-05 09:22:16
    openvpn[4811]: 192.168.0.10:51672 Connection reset, restarting [0]OpenVPN2013-04-05 09:22:16
    openvpn[4811]: 192.168.0.10:51672 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1576 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attemping restart...]OpenVPN2013-04-05 09:22:16
    openvpn[4811]: TCPv4_SERVER link remote: 192.168.0.10:51672OpenVPN2013-04-05 09:22:16
    openvpn[4811]: TCPv4_SERVER link local: [undef]OpenVPN2013-04-05 09:22:16
    openvpn[4811]: TCP connection established with 192.168.0.10:51672OpenVPN2013-04-05 09:22:16
    openvpn[4811]: LZO compression initializedOpenVPN2013-04-05 09:22:16
    openvpn[4811]: Re-using SSL/TLS contextOpenVPN2013-04-05 09:22:15
    openvpn[4811]: 192.168.0.10:51671 Connection reset, restarting [0]OpenVPN2013-04-05 09:22:15
    openvpn[4811]: 192.168.0.10:51671 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1576 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attemping restart...]OpenVPN2013-04-05 09:22:15
    openvpn[4811]: TCPv4_SERVER link remote: 192.168.0.10:51671Web Proxy2013-04-05 08:40:47
    8662 192.168.100.62 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 08:40:39
    271 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 08:40:38
    453 192.168.100.62 TCP_MISS/200 3657 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 08:40:38
    243 127.0.0.1 TCP_MISS/200 3563 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 08:17:54
    265 192.168.100.61 TCP_MISS/000 0 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 -Web Proxy2013-04-05 08:17:54
    223 127.0.0.1 TCP_MISS/200 3563 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 08:17:54
    556 192.168.100.61 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 08:17:54
    416 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 07:48:12
    3094 192.168.100.60 TCP_MISS/200 3657 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 07:48:12
    2845 192.168.100.60 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 07:48:11
    1649 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 07:48:11
    1310 127.0.0.1 TCP_MISS/200 3563 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 07:18:24
    445 192.168.100.59 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/htmlWeb Proxy2013-04-05 07:18:24
    388 127.0.0.1 TCP_MISS/200 2747 GET http://hotspot.endian.com/portal/welcome? - DIRECT/192.168.100.254 text/htmlWeb Proxy2013-04-05 07:00:29
    500 192.168.100.58 TCP_MISS/200 2836 GET http://hotspot.endian.com/portal/welcome? - FIRST_UP_PARENT/content1 text/html

    Leider hat das ausschlaten des Proxys nichts gebracht. Wir haben dann versuch eine alte Config rein zu schmeissen was auch nichts gebracht hat. Hat irgendjemand evt ne lösung dafür???

    MFG