You are looking at the IPTable firewall logs of a Honeywall.
In this case, an inbound attack infected the honeypot 192.168.1.101
with the Code Red II worm.  Once infected, the honeypot immediately
began scanning the Internet for victims.  The infected honeypot 
was left online for 5 hours to test Data Control. In this case the 
Honeywall was configured to permitted limit outbound TCP connections 
every hour.  We see this connection is met in the first one second of 
infection (remember, thousands of scans are going out every second).  
Once this limit is met, IPTables resets itself allowing however many 
connections per scale, or in this case 10 connections every hour, or 
one connection every six minutes.  Which you can see below.  In this case, 
the honeypot did find one vulnerable victim and attempted to infect him.  
However, snort_inline identified and blocked the attack.



Attack:
-------
Initial inbound infection of our honeypots.

Mar 28 16:39:54 laptop kernel: INBOUND TCP: IN=br0 PHYSIN=eth0 OUT=br0 PHYSOUT=vmnet1 SRC=218.4.94.218 DST=192.168.1.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=61857 DF PROTO=TCP SPT=3155 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 

Infection:
----------
Once infected, the honeypot immediately began scanning for vulnerable systems.
It reached its limit of 10 outbound TCP connections in the first one second.

Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.47.114 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=155 DF PROTO=TCP SPT=1030 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.194.72 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=156 DF PROTO=TCP SPT=1031 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.10.205 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=157 DF PROTO=TCP SPT=1032 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.38.181.90 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=158 DF PROTO=TCP SPT=1033 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.186.178.111 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=159 DF PROTO=TCP SPT=1034 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.79.174.133 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=160 DF PROTO=TCP SPT=1035 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.228.171.154 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=161 DF PROTO=TCP SPT=1036 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.120.168.175 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=162 DF PROTO=TCP SPT=1037 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.75.59.151 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=166 DF PROTO=TCP SPT=1038 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.162.251 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=167 DF PROTO=TCP SPT=1039 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:39:57 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.229.65 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=168 DF PROTO=TCP SPT=1040 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 


Limit Met, Now One Connection Allowed Outbound Every Six Minutes.
-----------------------------------------------------------------
Once the limit was met, IPTables reset itself.  It then allowed 10 outbound
connections every hour.  This comes out to one connections allowed outbound
every six minutes.  All other attempts are blocked (remember, this is CD II,
so its scanning outbound like hell)

Mar 28 16:45:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.51.228 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=31979 DF PROTO=TCP SPT=3742 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:51:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.129.163.3 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=63871 DF PROTO=TCP SPT=2606 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 16:57:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.32.76 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=30392 DF PROTO=TCP SPT=1566 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:03:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.123.48.115 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=62629 DF PROTO=TCP SPT=4655 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:09:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.44.129 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=29184 DF PROTO=TCP SPT=3395 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:15:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.93.56 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=61198 DF PROTO=TCP SPT=2429 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:21:59 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.241.137.157 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=27720 DF PROTO=TCP SPT=1162 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:27:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.95.244 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59657 DF PROTO=TCP SPT=4045 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:33:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.125.175.138 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=26561 DF PROTO=TCP SPT=3466 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.208.177 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=58631 DF PROTO=TCP SPT=2184 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:39:57 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.177.187 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=58636 DF PROTO=TCP SPT=2208 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 


Mar 28 17:45:58 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.103.61 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=25306 DF PROTO=TCP SPT=4943 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:51:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.43.177.130 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=57357 DF PROTO=TCP SPT=4141 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 17:57:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.33.254 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=24339 DF PROTO=TCP SPT=3094 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:03:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.69.148 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=56510 DF PROTO=TCP SPT=1902 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:09:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=124.249.179.24 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=23548 DF PROTO=TCP SPT=1119 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:15:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.141.167 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=55645 DF PROTO=TCP SPT=3939 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:21:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.61.206 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=22691 DF PROTO=TCP SPT=3174 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:27:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.252.48 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=54572 DF PROTO=TCP SPT=2044 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:33:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.215.240 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=20469 DF PROTO=TCP SPT=4651 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:39:58 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=166.22.115.164 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=52274 DF PROTO=TCP SPT=3443 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:39:58 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=169.227.28.112 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=52275 DF PROTO=TCP SPT=3444 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 

Mar 28 18:45:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.239.6 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18403 DF PROTO=TCP SPT=2409 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:51:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.194.121.200 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=49889 DF PROTO=TCP SPT=1065 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 18:57:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=43.23.230.56 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=16084 DF PROTO=TCP SPT=3769 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:03:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.114.8.217 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=47823 DF PROTO=TCP SPT=2760 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:09:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.218.204 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=13845 DF PROTO=TCP SPT=1634 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:15:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.167.82 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=45410 DF PROTO=TCP SPT=4101 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:21:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.227.242.47 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=11671 DF PROTO=TCP SPT=3131 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:27:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.13.88.173 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=43275 DF PROTO=TCP SPT=1991 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:33:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.106.101 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=9309 DF PROTO=TCP SPT=4444 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.210.29.174 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=41102 DF PROTO=TCP SPT=3506 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:39:58 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.66.232 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=41198 DF PROTO=TCP SPT=3599 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 

Mar 28 19:45:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.11.89.65 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=7189 DF PROTO=TCP SPT=2353 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:51:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=123.215.16.138 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=38693 DF PROTO=TCP SPT=1079 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 19:57:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=39.20.120.176 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=4964 DF PROTO=TCP SPT=3895 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:03:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.221.244.178 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=36536 DF PROTO=TCP SPT=2734 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:09:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.75.123.4 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=2400 DF PROTO=TCP SPT=1178 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:15:58 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.135.231.151 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=34248 DF PROTO=TCP SPT=3950 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:21:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.46.56 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=423 DF PROTO=TCP SPT=2896 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:27:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=111.174.170.208 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=31892 DF PROTO=TCP SPT=1769 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:33:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.135.13 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=63615 DF PROTO=TCP SPT=4275 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.2.226.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=29803 DF PROTO=TCP SPT=3247 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:39:58 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.88.118 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=29842 DF PROTO=TCP SPT=3291 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 

Mar 28 20:45:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.184.48.116 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=61243 DF PROTO=TCP SPT=2122 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:51:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=211.130.52.80 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=27444 DF PROTO=TCP SPT=4608 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 20:57:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.232.161 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=59170 DF PROTO=TCP SPT=3607 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:03:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.122.130 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=25143 DF PROTO=TCP SPT=2477 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:09:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.83.40.212 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=56783 DF PROTO=TCP SPT=1253 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:15:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.29.36.151 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=22997 DF PROTO=TCP SPT=3961 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:21:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.160.159 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=54559 DF PROTO=TCP SPT=2610 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:27:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.154.66.154 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=20657 DF PROTO=TCP SPT=1586 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:33:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.70.217 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=52377 DF PROTO=TCP SPT=4317 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:39:57 laptop kernel: OUTBOUND CONN TCP: IN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=216.80.191.149 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18447 DF PROTO=TCP SPT=3184 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 
Mar 28 21:39:58 laptop kernel: Drop TCP after 10 attemptsIN=br0 PHYSIN=vmnet1 OUT=br0 PHYSOUT=eth0 SRC=192.168.1.101 DST=79.208.97.190 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=18582 DF PROTO=TCP SPT=3244 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0