[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Brandon Holland <brandon at cookssaw dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall dropping packets when using bittorrent
 Date:  Mon, 26 Jan 2004 18:44:02 +0100 
Brandon Holland wrote:

> 20:18:33.523088 vr0 @0:13 b 81.57.134.67,3620 -> 172.22.1.22,110 PR tcp
> len 20 44 -AR IN
> 
> What exactly does that mean?
> 
> At the time above, out the interface vr0, via the rule number? (What is
> the 0:13) a packet was blocked from ip/port above to ip/port above.
> Protocol tcp, len 20? What does that mean? 44? -AR?

http://www.freebsd.org/cgi/man.cgi?query=ipmon&apropos=0&sektion=0&manpath=FreeBSD+4.9-RELEASE&format=html

It means an *incoming* TCP packet on vr0 from 81.57.134.67 port 3620 to 
172.22.1.22 port 110 with a header length of 20 bytes and a total length 
of 44 bytes and with the TCP flags ACK and RST set was blocked by rule 
13 in group 0.

- Manuel