From owner-freebsd-questions Wed Nov 13 16:37:57 2002
From: "Charles Pelletier"
To: "Shane Hickey"
Subject: RE: 9th field in ipmon logs
Date: Wed, 13 Nov 2002 18:31:15 -0600
In-Reply-To: <1037233201.12898.11.camel@daneel.volumen.net>
Sender: owner-freebsd-questions@FreeBSD.ORG

Charles Pelletier
Tech. Coordinator
St Luke's School
Irving, TX

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Shane Hickey
> Sent: Wednesday, November 13, 2002 6:20 PM
> To: freebsd-questions@freebsd.org
> Subject: 9th field in ipmon logs
>
>
> Howdy all, I just replaced my Cisco PIX 506 firewall with a 5/66 FreeBSD
> box and I'm feeling fine. I'm wading through the logs generated by
> ipmon and I need to know where I can get some in-depth answers on the
> 9th field (tcp flags and such).
>
> The man page explains a little bit and then refers you to the manpage
> for ipf.conf. Well, I don't have any such manpage. Or if I do, I'm
> blind. Anyway, I understand the tcp flags part, but what are the
> numbers that come afterwards?
>
> For example, I'm guessing that an entry ending with "-A 972648548
> 385190336 53352 IN" is an ACK packet, but what do those numbers stand
> for? The IN is because it is an inbound packet?
>
> Next I need to get my FreeBSD box to talk IPSec 3DEC to a Cisco PIX
> 525. Can anyone give any pointers in that direction?
>
> Thanks,
>
> Shane
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

try here: www.obfuscation.org/ipf/