Date: Tue, 18 May 2004 16:44:25 +1000 From: Norberto Meijome <freebsd@meijome.net> To: freebsd-security@freebsd.org Subject: Confirming my understanding of an ipf log line Message-ID: <40A9B0C9.4040208@meijome.net>
next in thread | raw e-mail | index | archive | help
Hi list, I saw this in my ipf.log (using ipfmon): 18/05/2004 15:57:21.092537 fxp0 @25:1 S w.x.y.z -> a.b.c.d PR tcp len 20 (40) frag 20@8 IN where : - fpx0 is my interface connected to the outside world - w.x.y.z is an IP not related to any system under our control - a.b.c.d is the public IP used for NATed traffic from our LAN. - @25:1 is : @1 block in log quick from any to any with short group 25 Does the "S" after @25:1 mean it was a packet too short to be true? What does the frag 20@8 mean? Thanks!! Beto
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40A9B0C9.4040208>