Hello all

Can anyone explain what does this line means. I have seen in syslog. I can understand somewhat only.

----------------------------------------------------------
Aug 13 22:37:28 abc-proxy kernel: IN=eth0 OUT= MAC=00:c0:26:89:5c:d8:00:30:1d:00:a3:d1:08:00 SRC=202.70.73.167 DST=xxx.xx.xx.xx LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=15 DF PROTO=TCP SPT=3013 DPT=3128 WINDOW=8760 RES=0x00 SYN URGP=62468
Aug 13 22:37:31 abc-proxy kernel: IN=eth0 OUT= MAC=00:c0:26:89:5c:d8:00:30:1d:00:a3:d1:08:00 SRC=202.70.73.167 DST=XXX.XX.XX.XX LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=22 DF PROTO=TCP SPT=3013 DPT=3128 WINDOW=8760 RES=0x00 SYN URGP=62468
--------------------------------------------------------------

It's messages from the kernel firewall (netfilter/iptables): someone with IP 202.70.73.167 tried to connect (witness the TCP SYN flag at the end) to your TCP port 3128 (probably squid?)

Somehow you or a colleague of you ordered the firewall to log this kind of packets... You can see the firewall rules by doing "iptables -L -v" -- "man iptables" for more info, or visit www.netfilter.org

Greetings
nukkel