4582.902:209): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 44.332933] audit: type=1400 audit(1757724583.283:210): avc: denied { mac_admin } for pid=2329 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 44.336213] audit: type=1401 audit(1757724583.283:210): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 44.339718] audit: type=1300 audit(1757724583.283:210): arch=c000003e syscall=188 success=no exit=-22 a0=c000964d80 a1=c000b36090 a2=c000964d50 a3=25 items=0 ppid=1 pid=2329 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 44.347346] audit: type=1327 audit(1757724583.283:210): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 44.355071] audit: type=1400 audit(1757724583.283:211): avc: denied { mac_admin } for pid=2329 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 44.361260] audit: type=1401 audit(1757724583.283:211): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 44.365025] audit: type=1300 audit(1757724583.283:211): arch=c000003e syscall=188 success=no exit=-22 a0=c00096da40 a1=c000b360a8 a2=c000964e10 a3=25 items=0 ppid=1 pid=2329 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 44.372309] audit: type=1327 audit(1757724583.283:211): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 44.379132] audit: type=1325 audit(1757724583.283:212): table=mangle:26 family=2 entries=2 op=nft_register_chain pid=2341 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 51.291599] kauditd_printk_skb: 40 callbacks suppressed [ 51.291602] audit: type=1131 audit(1757724590.239:226): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 52.713000] audit: type=1130 audit(1757724591.659:227): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 52.922755] audit: type=1400 audit(1757724591.870:228): avc: denied { mac_admin } for pid=2691 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 52.929085] audit: type=1401 audit(1757724591.870:228): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 52.932950] audit: type=1300 audit(1757724591.870:228): arch=c000003e syscall=188 success=no exit=-22 a0=c000830f60 a1=c000659fe0 a2=c000830f30 a3=25 items=0 ppid=1 pid=2691 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 52.942530] audit: type=1327 audit(1757724591.870:228): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 52.949838] audit: type=1400 audit(1757724591.870:229): avc: denied { mac_admin } for pid=2691 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 52.955315] audit: type=1401 audit(1757724591.870:229): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 52.958522] audit: type=1300 audit(1757724591.870:229): arch=c000003e syscall=188 success=no exit=-22 a0=c00082e600 a1=c0008aa000 a2=c000830ff0 a3=25 items=0 ppid=1 pid=2691 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 52.967287] audit: type=1327 audit(1757724591.870:229): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 58.080677] kauditd_printk_skb: 4 callbacks suppressed [ 58.080679] audit: type=1325 audit(1757724597.027:231): table=mangle:38 family=10 entries=1 op=nft_register_chain pid=2889 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 58.093661] audit: type=1325 audit(1757724597.029:232): table=mangle:39 family=2 entries=1 op=nft_register_chain pid=2890 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 58.104014] audit: type=1300 audit(1757724597.029:232): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffe9107ac40 a2=0 a3=7ffe9107ac2c items=0 ppid=2797 pid=2890 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 58.113648] audit: type=1327 audit(1757724597.029:232): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 58.119420] audit: type=1300 audit(1757724597.027:231): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffe6a0271b0 a2=0 a3=7ffe6a02719c items=0 ppid=2797 pid=2889 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 58.129874] audit: type=1327 audit(1757724597.027:231): proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 58.135078] audit: type=1325 audit(1757724597.055:233): table=nat:40 family=2 entries=1 op=nft_register_chain pid=2892 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 58.139387] audit: type=1300 audit(1757724597.055:233): arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffef755a7f0 a2=0 a3=7ffef755a7dc items=0 ppid=2797 pid=2892 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 58.147796] audit: type=1327 audit(1757724597.055:233): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 58.152120] audit: type=1325 audit(1757724597.060:234): table=nat:41 family=10 entries=1 op=nft_register_chain pid=2893 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 70.588624] kauditd_printk_skb: 143 callbacks suppressed [ 70.588627] audit: type=1106 audit(1757724609.533:282): pid=2052 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 70.608428] audit: type=1104 audit(1757724609.533:283): pid=2052 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 70.636421] audit: type=1106 audit(1757724609.582:284): pid=2048 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 70.662389] audit: type=1104 audit(1757724609.593:285): pid=2048 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 70.684381] audit: type=1131 audit(1757724609.596:286): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.30.243:22-147.75.109.163:34830 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 72.364696] audit: type=1325 audit(1757724611.310:287): table=filter:89 family=2 entries=14 op=nft_register_rule pid=3251 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 72.370824] audit: type=1300 audit(1757724611.310:287): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7ffcc5c09cb0 a2=0 a3=7ffcc5c09c9c items=0 ppid=2797 pid=3251 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 72.398491] audit: type=1327 audit(1757724611.310:287): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 72.414081] audit: type=1325 audit(1757724611.344:288): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3251 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 72.420461] audit: type=1300 audit(1757724611.344:288): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffcc5c09cb0 a2=0 a3=0 items=0 ppid=2797 pid=3251 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 75.969190] kauditd_printk_skb: 19 callbacks suppressed [ 75.969193] audit: type=1325 audit(1757724614.914:295): table=filter:97 family=2 entries=20 op=nft_register_rule pid=3423 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 75.976481] audit: type=1300 audit(1757724614.914:295): arch=c000003e syscall=46 success=yes exit=8224 a0=3 a1=7ffd9197c820 a2=0 a3=7ffd9197c80c items=0 ppid=2797 pid=3423 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 75.988203] audit: type=1327 audit(1757724614.914:295): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 75.996413] audit: type=1325 audit(1757724614.941:296): table=nat:98 family=2 entries=12 op=nft_register_rule pid=3423 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 76.002526] audit: type=1300 audit(1757724614.941:296): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffd9197c820 a2=0 a3=0 items=0 ppid=2797 pid=3423 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 76.011411] audit: type=1327 audit(1757724614.941:296): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 79.255110] audit: type=1325 audit(1757724618.200:297): table=filter:99 family=2 entries=21 op=nft_register_rule pid=3470 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 79.265861] audit: type=1300 audit(1757724618.200:297): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffda72a9c10 a2=0 a3=7ffda72a9bfc items=0 ppid=2797 pid=3470 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 79.279868] audit: type=1327 audit(1757724618.200:297): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 79.308795] audit: type=1325 audit(1757724618.253:298): table=nat:100 family=2 entries=19 op=nft_register_chain pid=3470 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.186940] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 93.188883] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 94.879975] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 94.881991] IPv6: ADDRCONF(NETDEV_CHANGE): cali2d162fef528: link becomes ready [ 95.049810] kauditd_printk_skb: 2 callbacks suppressed [ 95.049813] audit: type=1400 audit(1757724633.995:299): avc: denied { write } for pid=4222 comm="tee" name="fd" dev="proc" ino=25233 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 95.062759] audit: type=1300 audit(1757724633.995:299): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffd66ddf7e5 a2=241 a3=1b6 items=1 ppid=4199 pid=4222 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 95.073399] audit: type=1307 audit(1757724633.995:299): cwd="/etc/service/enabled/cni/log" [ 95.080525] audit: type=1302 audit(1757724633.995:299): item=0 name="/dev/fd/63" inode=25228 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 95.092831] audit: type=1327 audit(1757724633.995:299): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 95.126283] audit: type=1400 audit(1757724634.071:300): avc: denied { write } for pid=4237 comm="tee" name="fd" dev="proc" ino=26154 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 95.138468] audit: type=1300 audit(1757724634.071:300): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe636527e3 a2=241 a3=1b6 items=1 ppid=4192 pid=4237 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 95.148913] audit: type=1307 audit(1757724634.071:300): cwd="/etc/service/enabled/bird6/log" [ 95.152029] audit: type=1302 audit(1757724634.071:300): item=0 name="/dev/fd/63" inode=26138 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 95.161550] audit: type=1327 audit(1757724634.071:300): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:35 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:36 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:37 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: [ 100.525146] kauditd_printk_skb: 547 callbacks suppressed [ 100.525150] audit: type=1325 audit(1757724639.470:408): table=filter:105 family=2 entries=19 op=nft_register_rule pid=4615 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 100.529624] audit: type=1300 audit(1757724639.470:408): arch=c000003e syscall=46 success=yes exit=6736 a0=3 a1=7ffd9a553090 a2=0 a3=7ffd9a55307c items=0 ppid=2797 pid=4615 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 100.537533] audit: type=1327 audit(1757724639.470:408): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 100.540818] audit: type=1325 audit(1757724639.482:409): table=nat:106 family=2 entries=21 op=nft_register_chain pid=4615 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 100.548491] audit: type=1300 audit(1757724639.482:409): arch=c000003e syscall=46 success=yes exit=7044 a0=3 a1=7ffd9a553090 a2=0 a3=7ffd9a55307c items=0 ppid=2797 pid=4615 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 100.557545] audit: type=1327 audit(1757724639.482:409): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 100.806984] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 100.808128] IPv6: ADDRCONF(NETDEV_CHANGE): calibd2bb636d7a: link becomes ready [ 101.065838] audit: type=1325 audit(1757724640.009:410): table=filter:107 family=2 entries=36 op=nft_register_chain pid=4702 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 101.071833] audit: type=1300 audit(1757724640.009:410): arch=c000003e syscall=46 success=yes exit=19576 a0=3 a1=7fff7e0aab90 a2=0 a3=7fff7e0aab7c items=0 ppid=4202 pid=4702 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 101.093139] audit: type=1327 audit(1757724640.009:410): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 101.104622] IPv6: ADDRCONF(NETDEV_CHANGE): cali832bff5e98b: link becomes ready [ 101.182803] audit: type=1325 audit(1757724640.127:411): table=filter:108 family=2 entries=48 op=nft_register_chain pid=4724 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 101.224118] IPv6: ADDRCONF(NETDEV_CHANGE): cali08f62cf9d8d: link becomes ready [ 101.352749] IPv6: ADDRCONF(NETDEV_CHANGE): cali0b38c8fd994: link becomes ready [ 101.888933] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 101.891256] IPv6: ADDRCONF(NETDEV_CHANGE): calibebe9621c50: link becomes ready [ 102.677385] IPv6: ADDRCONF(NETDEV_CHANGE): calib574b3b1eb5: link becomes ready This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:42 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: [ 104.069136] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 104.070496] IPv6: ADDRCONF(NETDEV_CHANGE): cali08cadfaa167: link becomes ready This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:43 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:44 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:45 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: This is ip-172-31-30-243 (Linux x86_64 5.15.192-flatcar) 00:50:46 SSH host key: SHA256:vQvgDKrx9waK9PQqTcpEifxrp1HTHN5d+UMg104hdyY (RSA) SSH host key: SHA256:v5GVNDQfOwW1020dCpsG3Po2JmoFLl2PJN0oT/yORdY (ECDSA) SSH host key: SHA256:w0Dgt+pZ9cZmxF/EOjAby4N07I6d+6wbt0Qg8OJSEFE (ED25519) eth0: 172.31.30.243 fe80::417:7cff:fe1e:df5d ip-172-31-30-243 login: [ 107.878419] kauditd_printk_skb: 52 callbacks suppressed [ 107.878422] audit: type=1325 audit(1757724646.823:434): table=filter:122 family=2 entries=12 op=nft_register_rule pid=5322 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 107.883396] audit: type=1300 audit(1757724646.823:434): arch=c000003e syscall=46 success=yes exit=4504 a0=3 a1=7ffd45979010 a2=0 a3=7ffd45978ffc items=0 ppid=2797 pid=5322 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 107.890147] audit: type=1327 audit(1757724646.823:434): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 107.895678] audit: type=1325 audit(1757724646.838:435): table=nat:123 family=2 entries=22 op=nft_register_rule pid=5322 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 107.899685] audit: type=1300 audit(1757724646.838:435): arch=c000003e syscall=46 success=yes exit=6540 a0=3 a1=7ffd45979010 a2=0 a3=7ffd45978ffc items=0 ppid=2797 pid=5322 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 107.909365] audit: type=1327 audit(1757724646.838:435): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 108.173163] audit: type=1130 audit(1757724647.118:436): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.30.243:22-147.75.109.163:43528 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 108.460059] audit: type=1101 audit(1757724647.405:437): pid=5343 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 108.467129] audit: type=1103 audit(1757724647.412:438): pid=5343 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 108.471750] audit: type=1006 audit(1757724647.412:439): pid=5343 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 115.235453] kauditd_printk_skb: 7 callbacks suppressed [ 115.235456] audit: type=1130 audit(1757724654.179:445): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.30.243:22-147.75.109.163:32962 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 115.552308] audit: type=1101 audit(1757724654.495:446): pid=5612 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 115.587955] audit: type=1103 audit(1757724654.509:447): pid=5612 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 115.609307] audit: type=1006 audit(1757724654.509:448): pid=5612 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 115.615189] audit: type=1300 audit(1757724654.509:448): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe4f35fe10 a2=3 a3=0 items=0 ppid=1 pid=5612 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 115.626587] audit: type=1327 audit(1757724654.509:448): proctitle=737368643A20636F7265205B707269765D [ 115.679263] audit: type=1105 audit(1757724654.623:449): pid=5612 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 115.697694] audit: type=1103 audit(1757724654.623:450): pid=5673 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.906752] audit: type=1106 audit(1757724656.851:451): pid=5612 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.922002] audit: type=1104 audit(1757724656.861:452): pid=5612 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.546670] kauditd_printk_skb: 9 callbacks suppressed [ 120.546673] audit: type=1130 audit(1757724659.491:460): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-172.31.30.243:22-147.75.109.163:32986 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 120.557115] audit: type=1106 audit(1757724659.501:461): pid=5793 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.576889] audit: type=1104 audit(1757724659.520:462): pid=5793 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.635313] audit: type=1131 audit(1757724659.579:463): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.30.243:22-147.75.109.163:32978 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 120.690067] audit: type=1325 audit(1757724659.634:464): table=filter:124 family=2 entries=12 op=nft_register_rule pid=5964 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 120.697068] audit: type=1300 audit(1757724659.634:464): arch=c000003e syscall=46 success=yes exit=4504 a0=3 a1=7fffb6420b60 a2=0 a3=7fffb6420b4c items=0 ppid=2797 pid=5964 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 120.708553] audit: type=1327 audit(1757724659.634:464): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 120.715437] audit: type=1325 audit(1757724659.659:465): table=nat:125 family=2 entries=22 op=nft_register_rule pid=5964 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 120.721656] audit: type=1300 audit(1757724659.659:465): arch=c000003e syscall=46 success=yes exit=6540 a0=3 a1=7fffb6420b60 a2=0 a3=7fffb6420b4c items=0 ppid=2797 pid=5964 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 120.732265] audit: type=1327 audit(1757724659.659:465): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 125.838743] kauditd_printk_skb: 7 callbacks suppressed [ 125.838746] audit: type=1325 audit(1757724664.782:471): table=filter:126 family=2 entries=11 op=nft_register_rule pid=6045 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 125.847926] audit: type=1300 audit(1757724664.782:471): arch=c000003e syscall=46 success=yes exit=3760 a0=3 a1=7fffa06b9090 a2=0 a3=7fffa06b907c items=0 ppid=2797 pid=6045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.860069] audit: type=1327 audit(1757724664.782:471): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 125.871865] audit: type=1325 audit(1757724664.814:472): table=nat:127 family=2 entries=29 op=nft_register_chain pid=6045 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 125.878149] audit: type=1300 audit(1757724664.814:472): arch=c000003e syscall=46 success=yes exit=10116 a0=3 a1=7fffa06b9090 a2=0 a3=7fffa06b907c items=0 ppid=2797 pid=6045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.894461] audit: type=1327 audit(1757724664.814:472): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 127.699507] audit: type=1106 audit(1757724666.644:473): pid=5961 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.709616] audit: type=1104 audit(1757724666.653:474): pid=5961 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.741612] audit: type=1131 audit(1757724666.686:475): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-172.31.30.243:22-147.75.109.163:32986 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.114931] audit: type=1325 audit(1757724667.058:476): table=filter:128 family=2 entries=10 op=nft_register_rule pid=6050 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 132.660821] kauditd_printk_skb: 11 callbacks suppressed [ 132.660824] audit: type=1130 audit(1757724671.606:480): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.30.243:22-147.75.109.163:38346 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 132.945285] audit: type=1101 audit(1757724671.891:481): pid=6053 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 132.959380] audit: type=1103 audit(1757724671.904:482): pid=6053 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 132.971056] audit: type=1006 audit(1757724671.904:483): pid=6053 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 132.976592] audit: type=1300 audit(1757724671.904:483): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffe35eedb0 a2=3 a3=0 items=0 ppid=1 pid=6053 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 132.984991] audit: type=1327 audit(1757724671.904:483): proctitle=737368643A20636F7265205B707269765D [ 133.026061] audit: type=1105 audit(1757724671.971:484): pid=6053 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.036605] audit: type=1103 audit(1757724671.982:485): pid=6056 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.206750] audit: type=1106 audit(1757724673.152:486): pid=6053 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.217908] audit: type=1104 audit(1757724673.152:487): pid=6053 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.884873] kauditd_printk_skb: 20 callbacks suppressed [ 144.884876] audit: type=1325 audit(1757724683.830:504): table=filter:132 family=2 entries=22 op=nft_register_rule pid=6098 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 144.892194] audit: type=1300 audit(1757724683.830:504): arch=c000003e syscall=46 success=yes exit=12688 a0=3 a1=7ffc8fb04bc0 a2=0 a3=7ffc8fb04bac items=0 ppid=2797 pid=6098 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 144.900506] audit: type=1327 audit(1757724683.830:504): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 144.934055] audit: type=1325 audit(1757724683.879:505): table=nat:133 family=2 entries=24 op=nft_register_rule pid=6098 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 144.943266] audit: type=1300 audit(1757724683.879:505): arch=c000003e syscall=46 success=yes exit=7308 a0=3 a1=7ffc8fb04bc0 a2=0 a3=0 items=0 ppid=2797 pid=6098 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 144.952919] audit: type=1327 audit(1757724683.879:505): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 149.725740] audit: type=1325 audit(1757724688.671:506): table=filter:134 family=2 entries=34 op=nft_register_rule pid=6103 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 149.730180] audit: type=1300 audit(1757724688.671:506): arch=c000003e syscall=46 success=yes exit=12688 a0=3 a1=7ffea49084a0 a2=0 a3=7ffea490848c items=0 ppid=2797 pid=6103 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 149.739533] audit: type=1327 audit(1757724688.671:506): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 149.773751] audit: type=1325 audit(1757724688.717:507): table=nat:135 family=2 entries=24 op=nft_register_rule pid=6103 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 152.891666] kauditd_printk_skb: 2 callbacks suppressed [ 152.891670] audit: type=1130 audit(1757724691.837:508): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.30.243:22-147.75.109.163:51458 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 152.997831] audit: type=1106 audit(1757724691.943:509): pid=6076 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.021331] audit: type=1104 audit(1757724691.952:510): pid=6076 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.031754] audit: type=1131 audit(1757724691.956:511): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.30.243:22-147.75.109.163:38352 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 153.262141] audit: type=1101 audit(1757724692.208:512): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.271436] audit: type=1103 audit(1757724692.216:513): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.286337] audit: type=1006 audit(1757724692.216:514): pid=6131 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 153.299553] audit: type=1300 audit(1757724692.216:514): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff5aa3ef90 a2=3 a3=0 items=0 ppid=1 pid=6131 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 153.311475] audit: type=1327 audit(1757724692.216:514): proctitle=737368643A20636F7265205B707269765D [ 153.326624] audit: type=1105 audit(1757724692.270:515): pid=6131 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 160.056760] kauditd_printk_skb: 1 callbacks suppressed [ 160.056763] audit: type=1106 audit(1757724699.002:517): pid=6131 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 160.071279] audit: type=1104 audit(1757724699.016:518): pid=6131 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 160.094625] audit: type=1130 audit(1757724699.038:519): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.30.243:22-147.75.109.163:51460 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 160.106697] audit: type=1131 audit(1757724699.049:520): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.30.243:22-147.75.109.163:51458 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 160.337537] audit: type=1101 audit(1757724699.283:521): pid=6221 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 160.351509] audit: type=1103 audit(1757724699.293:522): pid=6221 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 160.361476] audit: type=1006 audit(1757724699.293:523): pid=6221 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 160.367337] audit: type=1300 audit(1757724699.293:523): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff07719f50 a2=3 a3=0 items=0 ppid=1 pid=6221 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 160.377796] audit: type=1327 audit(1757724699.293:523): proctitle=737368643A20636F7265205B707269765D [ 160.391775] audit: type=1105 audit(1757724699.337:524): pid=6221 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.677189] kauditd_printk_skb: 4 callbacks suppressed [ 167.677192] audit: type=1130 audit(1757724706.623:529): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.30.243:22-147.75.109.163:35226 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 167.939341] audit: type=1101 audit(1757724706.885:530): pid=6290 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.948523] audit: type=1103 audit(1757724706.894:531): pid=6290 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.957209] audit: type=1006 audit(1757724706.894:532): pid=6290 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 167.962284] audit: type=1300 audit(1757724706.894:532): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd94dbaa30 a2=3 a3=0 items=0 ppid=1 pid=6290 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.969543] audit: type=1327 audit(1757724706.894:532): proctitle=737368643A20636F7265205B707269765D [ 168.008718] audit: type=1105 audit(1757724706.953:533): pid=6290 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 168.018138] audit: type=1103 audit(1757724706.957:534): pid=6293 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.171928] audit: type=1106 audit(1757724708.117:535): pid=6290 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.180950] audit: type=1104 audit(1757724708.118:536): pid=6290 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.197352] kauditd_printk_skb: 1 callbacks suppressed [ 174.197355] audit: type=1130 audit(1757724713.143:538): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.30.243:22-147.75.109.163:56968 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 174.468677] audit: type=1101 audit(1757724713.414:539): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.481512] audit: type=1103 audit(1757724713.427:540): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.489478] audit: type=1006 audit(1757724713.427:541): pid=6306 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 174.495200] audit: type=1300 audit(1757724713.427:541): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc89a49dd0 a2=3 a3=0 items=0 ppid=1 pid=6306 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.504257] audit: type=1327 audit(1757724713.427:541): proctitle=737368643A20636F7265205B707269765D [ 174.519607] audit: type=1105 audit(1757724713.465:542): pid=6306 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.529606] audit: type=1103 audit(1757724713.474:543): pid=6309 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 175.404174] audit: type=1106 audit(1757724714.350:544): pid=6306 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 175.414124] audit: type=1104 audit(1757724714.350:545): pid=6306 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 180.468180] kauditd_printk_skb: 1 callbacks suppressed [ 180.468183] audit: type=1130 audit(1757724719.414:547): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.30.243:22-147.75.109.163:56976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 180.797943] audit: type=1101 audit(1757724719.743:548): pid=6367 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 180.808130] audit: type=1103 audit(1757724719.754:549): pid=6367 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 180.816785] audit: type=1006 audit(1757724719.754:550): pid=6367 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 180.820924] audit: type=1300 audit(1757724719.754:550): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffde1fc12b0 a2=3 a3=0 items=0 ppid=1 pid=6367 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 180.830045] audit: type=1327 audit(1757724719.754:550): proctitle=737368643A20636F7265205B707269765D [ 180.864200] audit: type=1105 audit(1757724719.809:551): pid=6367 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 180.876090] audit: type=1103 audit(1757724719.820:552): pid=6370 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.908526] audit: type=1325 audit(1757724722.847:553): table=filter:136 family=2 entries=33 op=nft_register_rule pid=6383 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 183.927831] audit: type=1300 audit(1757724722.847:553): arch=c000003e syscall=46 success=yes exit=11944 a0=3 a1=7ffca4ae7a60 a2=0 a3=7ffca4ae7a4c items=0 ppid=2797 pid=6383 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 188.780700] kauditd_printk_skb: 4 callbacks suppressed [ 188.780703] audit: type=1106 audit(1757724727.726:555): pid=6367 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.801436] audit: type=1104 audit(1757724727.736:556): pid=6367 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.845080] audit: type=1131 audit(1757724727.779:557): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.30.243:22-147.75.109.163:56976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 190.900306] audit: type=1325 audit(1757724729.846:558): table=filter:138 family=2 entries=20 op=nft_register_rule pid=6419 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.908046] audit: type=1300 audit(1757724729.846:558): arch=c000003e syscall=46 success=yes exit=3016 a0=3 a1=7ffed3e54f70 a2=0 a3=7ffed3e54f5c items=0 ppid=2797 pid=6419 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.919536] audit: type=1327 audit(1757724729.846:558): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.929800] audit: type=1325 audit(1757724729.874:559): table=nat:139 family=2 entries=110 op=nft_register_chain pid=6419 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.947912] audit: type=1300 audit(1757724729.874:559): arch=c000003e syscall=46 success=yes exit=50988 a0=3 a1=7ffed3e54f70 a2=0 a3=7ffed3e54f5c items=0 ppid=2797 pid=6419 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.962084] audit: type=1327 audit(1757724729.874:559): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 193.770432] audit: type=1130 audit(1757724732.716:560): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.30.243:22-147.75.109.163:34812 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 194.094364] audit: type=1101 audit(1757724733.040:561): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 194.108418] audit: type=1103 audit(1757724733.051:562): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 194.132766] audit: type=1006 audit(1757724733.051:563): pid=6442 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 194.141016] audit: type=1300 audit(1757724733.051:563): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc6b4960d0 a2=3 a3=0 items=0 ppid=1 pid=6442 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 194.151791] audit: type=1327 audit(1757724733.051:563): proctitle=737368643A20636F7265205B707269765D [ 194.188211] audit: type=1105 audit(1757724733.134:564): pid=6442 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 194.204593] audit: type=1103 audit(1757724733.137:565): pid=6445 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.496955] audit: type=1106 audit(1757724734.442:566): pid=6442 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.508946] audit: type=1104 audit(1757724734.443:567): pid=6442 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.519664] audit: type=1131 audit(1757724734.455:568): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.30.243:22-147.75.109.163:34812 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 200.533575] audit: type=1130 audit(1757724739.479:569): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.30.243:22-147.75.109.163:34828 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 200.856445] audit: type=1101 audit(1757724739.800:570): pid=6455 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 200.876090] audit: type=1103 audit(1757724739.814:571): pid=6455 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 200.901527] audit: type=1006 audit(1757724739.815:572): pid=6455 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 200.919930] audit: type=1300 audit(1757724739.815:572): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe09418a20 a2=3 a3=0 items=0 ppid=1 pid=6455 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 200.945940] audit: type=1327 audit(1757724739.815:572): proctitle=737368643A20636F7265205B707269765D [ 200.950225] audit: type=1105 audit(1757724739.860:573): pid=6455 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 200.963951] audit: type=1103 audit(1757724739.862:574): pid=6458 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.824208] audit: type=1106 audit(1757724740.769:575): pid=6455 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.837523] audit: type=1104 audit(1757724740.769:576): pid=6455 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.858560] kauditd_printk_skb: 1 callbacks suppressed [ 206.858563] audit: type=1130 audit(1757724745.804:578): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.30.243:22-147.75.109.163:60550 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 207.171474] audit: type=1101 audit(1757724746.117:579): pid=6507 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 207.182947] audit: type=1103 audit(1757724746.127:580): pid=6507 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 207.193623] audit: type=1006 audit(1757724746.127:581): pid=6507 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 207.199956] audit: type=1300 audit(1757724746.127:581): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc236faa60 a2=3 a3=0 items=0 ppid=1 pid=6507 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 207.211165] audit: type=1327 audit(1757724746.127:581): proctitle=737368643A20636F7265205B707269765D [ 207.270732] audit: type=1105 audit(1757724746.216:582): pid=6507 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 207.283340] audit: type=1103 audit(1757724746.219:583): pid=6510 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 208.250775] audit: type=1106 audit(1757724747.196:584): pid=6507 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 208.266858] audit: type=1104 audit(1757724747.196:585): pid=6507 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 213.284672] kauditd_printk_skb: 1 callbacks suppressed [ 213.284675] audit: type=1130 audit(1757724752.229:587): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.30.243:22-147.75.109.163:42138 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 213.586070] audit: type=1101 audit(1757724752.532:588): pid=6544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 213.596840] audit: type=1103 audit(1757724752.542:589): pid=6544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 213.610809] audit: type=1006 audit(1757724752.542:590): pid=6544 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 213.616190] audit: type=1300 audit(1757724752.542:590): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc8e9d9fd0 a2=3 a3=0 items=0 ppid=1 pid=6544 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 213.627155] audit: type=1327 audit(1757724752.542:590): proctitle=737368643A20636F7265205B707269765D [ 213.657211] audit: type=1105 audit(1757724752.603:591): pid=6544 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 213.672106] audit: type=1103 audit(1757724752.615:592): pid=6547 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.969756] audit: type=1106 audit(1757724753.915:593): pid=6544 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.984309] audit: type=1104 audit(1757724753.927:594): pid=6544 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.018562] kauditd_printk_skb: 1 callbacks suppressed [ 220.018565] audit: type=1130 audit(1757724758.964:596): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.30.243:22-147.75.109.163:42154 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 220.374057] audit: type=1101 audit(1757724759.318:597): pid=6581 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.382341] audit: type=1103 audit(1757724759.325:598): pid=6581 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.396909] audit: type=1006 audit(1757724759.325:599): pid=6581 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 220.403454] audit: type=1300 audit(1757724759.325:599): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb30733f0 a2=3 a3=0 items=0 ppid=1 pid=6581 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 220.412157] audit: type=1327 audit(1757724759.325:599): proctitle=737368643A20636F7265205B707269765D [ 220.452570] audit: type=1105 audit(1757724759.398:600): pid=6581 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.463527] audit: type=1103 audit(1757724759.398:601): pid=6585 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 222.786270] audit: type=1106 audit(1757724761.732:602): pid=6581 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 222.796709] audit: type=1104 audit(1757724761.742:603): pid=6581 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success'