Date: Tue, 18 May 2004 22:59:55 +1000 From: Norberto Meijome <freebsd@meijome.net> To: freebsd-questions@freebsd.org Subject: ipf log line Message-ID: <40AA08CB.3070605@meijome.net>
next in thread | raw e-mail | index | archive | help
[ posted again after sending to security@ - sorry for those subscribing to both] Hi list, I saw this in my ipf.log (using ipfmon): 18/05/2004 15:57:21.092537 fxp0 @25:1 S w.x.y.z -> a.b.c.d PR tcp len 20 (40) frag 20@8 IN where : - fpx0 is my interface connected to the outside world - w.x.y.z is an IP not related to any system under our control - a.b.c.d is the public IP used for NATed traffic from our LAN. - @25:1 is : @1 block in log quick from any to any with short group 25 Does the "S" after @25:1 mean it was a packet too short to be a proper tcp packet? What does the frag 20@8 mean? Thanks in advance! Beto
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40AA08CB.3070605>