understanding kernel log output

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: der.hans
Date:  
Subject: understanding kernel log output
Am 11. Oct, 2000 schwäzte Lucas Vogel so:

> Is there any documentation for understanding the output into the services
> file in the /var/log directory? I seem to be getting a lot of different
> requests for port 0 from all kinds of different ip addresses for some
> reason; in the last 5 minutes I have had over 2 dozen ip addresses be
> DENY'ed. I get output like this:
> Packet log: input DENY eth0 PROTO=24.69.13.250:8 24.1.221.97:0 L=28 S=0x00
> I=55837 F=0x0000 T=104 (#76)


I was running into this type of thing on the firewall at my girlfriend's
(cable modem). Proto probably isn't tcp or udp. Looks like you missed that
on the cut and paste as it should be between "PROTO=" and
"24.69.13.250:8".

Look at /etc/protocols to figure out what proto it is.

ciao,

der.hans
--
# home.pages.de/~lufthans/ www.Opnix.com
# A Polish friend of mine got an offer for a free account from AOL. The
# login ID was "HELLO" and the passwd "CYMBAL". She says "cymbal" is
# Polish for "sucker". "Hello sucker" a greeting from AOHell :).