Re: Log Entries with multiple PROTO fields?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 2004-03-17 at 16:10, Tim Evans wrote: [snipped]
> What do these kind of log message mean?  Note there are two PROTO fields:
> 
> Mar  8 08:19:43 kernel: IPT OUT_ICMP: IN= OUT=eth1 SRC=x.x.x.xDST=x.x.x.
> .x LEN=76 TOS=0x00 PREC=0xC0 TTL=64 ID=54844 PROTO=ICMP TYPE=11 CODE=0
> [SRC=x.x.x.x DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=TCP
> SPT=110 DPT=4312 WINDOW=5840 RES=0x00 ACK SYN URGP=0 ]

this is an ICMP packet sent in response to the TCP packet which is
detailed inside []
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux