understanding ipflog

John Murphy jfm at blueyonder.co.uk
Tue Jun 12 14:31:32 BST 2001


Hi
I'm trying to understand all the information in ipflog (IPFilter log).
I can't seem to find a www tutorial and I think the ipf mailing list
would find this too basic a question for them.

I've indicated the values I don't understand below:
(Times removed for shorter lines)

ed0 @0:17 b 217.120.20.6,21 -> 62.31.194.122,21 PR tcp len 20 40 -SF IN
    ^^^^^                                       ^^            ^^ ^^^

One of the strangest entries I've seen is this:

ed0 @0:11 b 10.48.0.1 -> 62.31.194.122 PR icmp len 20 56 icmp 5/0 for =
62.31.194.122,21 - 62.31.194.67,1029 PR tcp

10.48.0.1 is the ISP's "UBR" (always the first hop on a traceroute).

TIA
John.




More information about the Ukfreebsd mailing list