LinuxQuestions.org
Old 07-23-2008, 01:59 AM   #1
procfs
Member
 
Registered: Jan 2006
Location: Sri Lanka
Posts: 601

Rep: Reputation: 34
How to read iptables logs


Hi

I was able to activate iptables logging. How do I interpret the logs? I don't understand the notations.

I can recognize ones like TYPE, TTL, etc. Is there a document that explains all the columns, or at least what they stand for?

Thanks

Regards
 
Old 07-23-2008, 02:27 AM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 61
[ Please, proofread and spell check your posts. ]

Jul 22 20:43:22 fw kernel: IN=eth2 OUT= MAC=xxx SRC=srcip DST=dstip LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=21125 PROTO=TCP SPT=5653 DPT=3513 WINDOW=1400 RES=0x00 ACK URGP=0

IN = Input interface
OUT = Output interface
MAC = Ethernet hardware address (aka MAC address)
SRC = Source IP address
DST = Destination IP address
LEN = Packet length
TOS = Type of Service (for packet prioritization)
PREC = Precedent bits
TTL = Time to Live
ID = Packet identifier
PROTO = Protocol (e.g. TCP, UDP)
SPT = Source port
DPT = Destination port
WINDOW = Size of TCP window
RES = Reserved bits
ACK = Acknowledge bit set
URGP = Urgent packet

Your output may be different.

Last edited by Mr. C.; 07-23-2008 at 02:00 PM.
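
An added example, not part of either post: a small Python parser that splits a kernel LOG line into the fields listed above and counts logged packets per source address and destination port. The first sample line is the one quoted in the post; the other lines, the 192.0.2.x/198.51.100.x addresses and the "DROP: " log prefix are constructed for illustration.

```python
import re
from collections import Counter

# KEY=value pairs; the value may be empty (e.g. "OUT=" when the packet is for the firewall itself).
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")
# Bare tokens with no "=": TCP flags and the IP "don't fragment" bit.
FLAG_NAMES = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "ECE", "CWR", "DF"}
NUMERIC = {"LEN", "TTL", "ID", "SPT", "DPT", "WINDOW", "URGP"}

SAMPLE = [
    # Line quoted in the post above (placeholders as posted).
    "Jul 22 20:43:22 fw kernel: IN=eth2 OUT= MAC=xxx SRC=srcip DST=dstip LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=21125 PROTO=TCP SPT=5653 DPT=3513 WINDOW=1400 RES=0x00 ACK URGP=0",
    # Constructed lines: documentation addresses, hypothetical "DROP: " log prefix.
    "Jul 22 20:43:25 fw kernel: DROP: IN=eth2 OUT= MAC=xxx SRC=192.0.2.10 DST=198.51.100.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4021 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Jul 22 20:43:26 fw kernel: DROP: IN=eth2 OUT= MAC=xxx SRC=192.0.2.10 DST=198.51.100.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4022 DF PROTO=TCP SPT=40113 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Jul 22 20:43:27 fw sshd[411]: not a firewall line",
]

def parse_iptables_line(line):
    """Return a dict of fields from one kernel LOG line, or None if it is not one."""
    start = line.find("IN=")
    if start == -1:
        return None
    body = line[start:]
    rec = {}
    for key, value in FIELD_RE.findall(body):
        # setdefault keeps the first occurrence when a key repeats later in the line.
        rec.setdefault(key, int(value) if key in NUMERIC and value.isdigit() else value)
    rec["FLAGS"] = sorted(t for t in body.split() if t in FLAG_NAMES)
    # Text between "kernel:" and "IN=" is the rule's --log-prefix, if one was set.
    head = line[:start]
    rec["PREFIX"] = head.split("kernel:", 1)[1].strip() if "kernel:" in head else ""
    return rec

def top_targets(lines):
    """Count logged packets per (source address, protocol, destination port)."""
    hits = Counter()
    for line in lines:
        rec = parse_iptables_line(line)
        if rec:
            hits[(rec.get("SRC"), rec.get("PROTO"), rec.get("DPT"))] += 1
    return hits.most_common()

if __name__ == "__main__":
    for key, count in top_targets(SAMPLE):
        print(count, key)
```
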
 
Old 07-23-2008, 05:25 AM   #3
procfs
Member
 
Registered: Jan 2006
Location: Sri Lanka
Posts: 601

Original Poster
Rep: Reputation: 34
Hi Mr. C, thanks for the info.

Best regards
 
  


All times are GMT -5. The time now is 05:56 PM.
