Re: Truncated firewall log entries.

From: Rincewind (rinso_at_unseen.edu)
Date: 07/11/05


Date: Mon, 11 Jul 2005 21:15:30 GMT

On Mon, 11 Jul 2005 20:19:04 +0000, Tauno Voipio mumbled something like
this:

> Rincewind wrote:
>> I was just checking my firewall logs and found these two entries in
>> among the usual rubbish:
>>
>> Jul 10 18:03:41 gateway kernel: IPTABLES-IN=eth1 OUT=
>> MAC=00:c0:26:a5:02:46:00:0e:39:d1:58:8c:08:00 SRC=134.241.122.135
>> DST=82.7.13.76 LEN=196 TOS=0x00 PREC=0x00 TTL=108 ID=26954 PROTO=46

<snip>

> The entries are not truncated: iptables cannot dissect the protocol 46 any
> further - it's not TCP or UDP traffic and as such there are no ports to
> report.

Ah, I see, thanks. I should have looked further.

IP Protocol 46 - RSVP

Which seems to be used by Windows 2000 (and 2003 and XP?). I'm surprised I
haven't seen it showing up before, though.

-- 
Rinso
     /\
    /  \
   /wizz\
~~~~~~~~~~~~
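
Added example, not part of the original thread: a small Python check that applies the point made in the reply, treating a missing SPT/DPT as expected for non-TCP/UDP entries and flagging it only where ports should be present. The helper names, the protocol-name table and the two TCP sample lines are assumptions constructed for illustration; the first sample is the entry quoted above, re-joined onto one line.

```python
import re

# Per the reply above: only TCP and UDP entries carry SPT=/DPT= port fields.
PORT_PROTOCOLS = {"TCP", "UDP"}
# Assumption: small subset of IANA protocol numbers, for readable output only.
PROTO_NAMES = {"46": "RSVP", "47": "GRE", "89": "OSPF"}

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value, value may be empty (OUT=)

# The entry quoted in the thread, re-joined onto one line.
PAGE_ENTRY = ("Jul 10 18:03:41 gateway kernel: IPTABLES-IN=eth1 OUT= "
              "MAC=00:c0:26:a5:02:46:00:0e:39:d1:58:8c:08:00 SRC=134.241.122.135 "
              "DST=82.7.13.76 LEN=196 TOS=0x00 PREC=0x00 TTL=108 ID=26954 PROTO=46")
# Constructed samples (documentation addresses), not taken from the thread.
TCP_OK = ("Jul 10 18:04:02 gateway kernel: IPTABLES-IN=eth1 OUT= SRC=192.0.2.10 "
          "DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP "
          "SPT=51514 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0")
TCP_CUT = ("Jul 10 18:04:09 gateway kernel: IPTABLES-IN=eth1 OUT= SRC=192.0.2.10 "
           "DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP")


def parse_fields(line):
    """Return the KEY=value pairs of one iptables LOG line as a dict."""
    return dict(FIELD_RE.findall(line))


def classify(line):
    """Decide whether a missing SPT/DPT is expected for the logged protocol."""
    fields = parse_fields(line)
    proto = fields.get("PROTO")
    if proto is None:
        return "suspect: no PROTO field"
    if proto in PORT_PROTOCOLS:
        if "SPT" in fields and "DPT" in fields:
            return f"complete: {proto} {fields['SPT']}->{fields['DPT']}"
        return f"suspect: {proto} entry without SPT/DPT"
    label = f"{proto} ({PROTO_NAMES[proto]})" if proto in PROTO_NAMES else proto
    return f"complete: protocol {label} has no ports to log"


if __name__ == "__main__":
    for entry in (PAGE_ENTRY, TCP_OK, TCP_CUT):
        print(classify(entry))
```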

