From owner-freebsd-security Sun Feb 4 23:47:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from easynet-gw.netvalue.fr (unknown [212.180.121.161]) by hub.freebsd.org (Postfix) with ESMTP id 5904337B6C4 for ; Sun, 4 Feb 2001 23:46:55 -0800 (PST) Received: from mail.netvalue.fr (unknown [192.168.1.13]) by easynet-gw.netvalue.fr (Postfix) with ESMTP id 0B9838C32 for ; Mon, 5 Feb 2001 08:48:54 +0100 (CET) Received: from mail-hk.netvalue.fr ([192.168.100.13]) by mail.netvalue.fr (Netscape Messaging Server 3.6) with ESMTP id AAA943 for ; Mon, 5 Feb 2001 08:46:12 +0100 Received: from erwan.netvalue.fr ([192.168.100.100]) by mail-hk.netvalue.fr (Netscape Messaging Server 4.15) with ESMTP id G89XKJ00.ISB; Mon, 5 Feb 2001 15:45:55 +0800 Received: from netvalue.com (localhost [127.0.0.1]) by erwan.netvalue.fr (Postfix) with ESMTP id 5C4FD198A; Mon, 5 Feb 2001 15:45:58 +0800 (HKT) Message-ID: <3A7E5A36.5A3B66EA@netvalue.com> Date: Mon, 05 Feb 2001 15:45:58 +0800 From: Erwan Arzur Organization: NetValue Ltd. X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en, fr-FR MIME-Version: 1.0 To: Sam Wun Cc: freebsd-security@FreeBSD.ORG Subject: Re: packets in ipmon References: <00c901c08a66$5f1ce3c0$0101a8c0@pavilion> <3A789196.B9771209@esec.com.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sam Wun wrote: > > Hi, > > I am wondering which part of the output from ipmon message indicate number of packets has been blocked? > for example: > > Feb 1 09:25:14 swun ipmon[55]: 09:25:14.540972 dc0 @0:18 b 203.21.85.29,631 -> 203.21.85.255,631 PR udp len 20 34816 IN > > Thanks > Sam > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message Feb 5 04:11:03 gate ipmon[229]: 04:11:03.386880 2x xl0 @0:33 b xxx.xxx.xxx.xxx , 25057 -> ^^ yyy.yyy.yyy.yyy,53 PR udp len 20 15616 IN It's just after the timestamp part. -- Erwan Arzur NetValue ltd. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message