understanding kernel log output

der.hans PLUGd@LuftHans.com
Thu, 12 Oct 2000 00:36:19 -0700 (MST)


Am 11. Oct, 2000 schwäzte Lucas Vogel so:

> Is there any documentation for understanding the output into the services
> file in the /var/log directory? I seem to be getting a lot of different
> requests for port 0 from all kinds of different ip addresses for some
> reason; in the last 5 minutes I have had over 2 dozen ip addresses be
> DENY'ed. I get output like this:
> Packet log: input DENY eth0 PROTO=24.69.13.250:8 24.1.221.97:0 L=28 S=0x00
> I=55837 F=0x0000 T=104 (#76)

I was running into this type of thing on the firewall at my girlfriend's
(cable modem). Proto probably isn't tcp or udp. Looks like you missed that
on the cut and paste as it should be between "PROTO=" and
"24.69.13.250:8".

Look at /etc/protocols to figure out what proto it is.

ciao,

der.hans
-- 
#  der.hans@LuftHans.com   home.pages.de/~lufthans/   www.Opnix.com
#  A Polish friend of mine got an offer for a free account from AOL. The
#  login ID was "HELLO" and the passwd "CYMBAL". She says "cymbal" is
#  Polish for "sucker". "Hello sucker" a greeting from AOHell :).