[ previous ] [ next ] [ threads ]
 
 From:  "Brandon Holland" <brandon at cookssaw dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: [m0n0wall] Logs
 Date:  Wed, 7 Jan 2004 11:54:47 -0600
Oops, forgot to send it to m0n0 too. :'(

-----Original Message-----
From: Brandon Holland [mailto:brandon at cookssaw dot com] 
Sent: Wednesday, January 07, 2004 11:52 AM
To: 'Francisco Reyes'
Subject: RE: [m0n0wall] Logs

See that tiny letter there, the "B"?  That tells you it was blocked.

If it was accepted as per your rule and you had logging on, it'd have
been an A.

-----Original Message-----
From: Francisco Reyes [mailto:lists at natserv dot com] 
Sent: Wednesday, January 07, 2004 5:12 AM
To: M0N0Wall firewall
Subject: [m0n0wall] Logs

Except for remote loggin I am done. I am, however, still trying to
better
understand the logs.

For instance. Some samples:
10:28:44.207050 sis0 @0:9 B 10.0.0.2,138 -> 10.0.0.255,138 PR udp len 20
229 IN

Was that accepted or rejected?
What is the long number after the seconds? Fractions of a second? Seems
like overkill if so..so many decimal places...

If these logs are straight as reported from ipf could anyone recommend a
link that would explain ipf's logs? I have found many links and great
info
on ipf, but nothing on how to read it's logs.

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch