How to read iptables logs
Hi
I was able to activate iptables logging. How do I interpret the logs? I don't understand the notations I can recognize, like TYPE, TTL, etc. Is there a document that explains all the columns, at least what they stand for? Thanks Regards
[ Please, proofread and spell check your posts. ]
Jul 22 20:43:22 fw kernel: IN=eth2 OUT= MAC=xxx SRC=srcip DST=dstip LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=21125 PROTO=TCP SPT=5653 DPT=3513 WINDOW=1400 RES=0x00 ACK URGP=0

IN = Input interface
OUT = Output interface
MAC = Ethernet hardware address (aka MAC address)
SRC = Source IP address
DST = Destination IP address
LEN = Packet length
TOS = Type of Service (for packet prioritization)
PREC = Precedent bits
TTL = Time to Live
ID = Packet identifier
PROTO = Protocol (e.g. TCP, UDP)
SPT = Source port
DPT = Destination port
WINDOW = Size of TCP window
RES = Reserved bits
ACK = Acknowledge bit set
URGP = Urgent packet

Your output may be different.
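For reading many such lines at once, here is a small parser for the layout shown in the reply above. It is an added example, not part of the original thread: the function name parse_iptables_line is hypothetical, the sample addresses are constructed placeholders, and it assumes the syslog header format of the line above plus an optional --log-prefix string before IN=.

```python
import re

# Constructed sample in the same layout as the log line above; the addresses
# are documentation-range placeholders, not values from the original post.
SAMPLE = ("Jul 22 20:43:22 fw kernel: IN=eth2 OUT= MAC=xxx SRC=192.0.2.10 "
          "DST=198.51.100.7 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=21125 "
          "PROTO=TCP SPT=5653 DPT=3513 WINDOW=1400 RES=0x00 ACK URGP=0")

# Fields that carry decimal numbers and are more useful as integers.
INT_FIELDS = {"LEN", "TTL", "ID", "SPT", "DPT", "WINDOW", "URGP"}

# Syslog header: timestamp, host name, then the kernel message body.
HEADER = re.compile(
    r"^(?P<time>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\skernel:\s*(?P<body>.*)$")
# A packet entry always carries IN= followed by OUT=, either of which may be empty.
PACKET = re.compile(r"(?:^|\s)IN=\S*\s+OUT=")


def parse_iptables_line(line):
    """Split one iptables LOG line into time, host, prefix, fields and flags.

    Returns None when the line is not a kernel packet log entry.
    """
    m = HEADER.match(line.strip())
    pkt = PACKET.search(m.group("body")) if m else None
    if not pkt:
        return None
    body = m.group("body")
    fields, flags = {}, []
    for token in body[pkt.start():].split():
        key, sep, value = token.partition("=")
        if not sep:
            flags.append(token)          # bare tokens (ACK, SYN, DF) are set bits
        elif key in INT_FIELDS and value.isdigit():
            fields[key] = int(value)
        else:
            fields[key] = value or None  # OUT= with no value becomes None
    return {"time": m.group("time"), "host": m.group("host"),
            "prefix": body[:pkt.start()].strip(),  # text set with --log-prefix
            "fields": fields, "flags": flags}


if __name__ == "__main__":
    entry = parse_iptables_line(SAMPLE)
    for name, value in entry["fields"].items():
        print(f"{name:8}{value}")
    print("flags   ", " ".join(entry["flags"]))
```
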
Hi Mr. C, thanks for the info.
Best regards