Format of ipchains packet log entries?

To: "Debian Firewalling Mailing List" <debian-firewall@lists.debian.org>
Subject: Format of ipchains packet log entries?
From: "Ralf G. R. Bergs" <rabe@RWTH-Aachen.DE>
Date: Tue, 18 Jan 2000 15:03:30 +0100
Message-id: <[🔎] E12AZDP-0004hp-00@ADSL-Bergs.RZ.RWTH-Aachen.DE>
Reply-to: "Ralf G. R. Bergs" <rabe@RWTH-Aachen.DE>

Hi there,

is there any documentation available about the format that ipchains uses to 
log rules that have "-l" set?

Here's a typical entry I find in kern.log:

Jan 18 12:50:48 <hostname> kernel: Packet log: input DENY atm0 PROTO=17 
212.159.138.104:137 tar.get.ho.st:137 L=78 S=0x00 I=49987 F=0x0000 T=117 

Everything up to the target portion is pretty obvious, but then I don't know 
for sure what the other tokens mean.

L=78 is probably the length of the packet, right? But what about the other 
fields?

Thanks for your insights,

Ralf


-- 
Sign the EU petition against SPAM:          L I N U X       .~.
http://www.politik-digital.de/spam/        The  Choice      /V\
                                            of a  GNU      /( )\
                                           Generation      ^^-^^

Reply to:

Follow-Ups:
- Re: Format of ipchains packet log entries?
  - From: Jim B <vader@conflict.net>

Prev by Date: Re: /proc/sys/net/ipv4/ip_forward
Next by Date: Re: Format of ipchains packet log entries?
Previous by thread: Re: /proc/sys/net/ipv4/ip_forward
Next by thread: Re: Format of ipchains packet log entries?
Index(es):
- Date
- Thread