Greetings List, I have a question that hopefully someone here can clear up for me. I apologize if this is common knowledge, and if someone knows where this particular documentation resides, I would very much appreciate a link. I am getting the following logs from a SuSEfirewall2: Dec 7 23:01:58 mailserver kernel: SuSE-FW-DROP-ICMP-CRIT IN=eth0 OUT= MAC=00:b0:d0:c6:12:b5:00:e0:b6:03:dc:f2:08:00 SRC=203.134.26.220 DST=192.168.100.242 LEN=56 TOS=0x00 PREC=0x00 TTL=245 ID=29751 DF PROTO=ICMP TYPE=4 CODE=0 [SRC=192.168.100.242 DST=211.26.232.31 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=0 FRAG:64 PROTO=TCP ] Dec 7 23:01:58 mailserver kernel: SuSE-FW-DROP-ICMP-CRIT IN=eth0 OUT= MAC=00:b0:d0:c6:12:b5:00:e0:b6:03:dc:f2:08:00 SRC=203.134.26.220 DST=192.168.100.242 LEN=56 TOS=0x00 PREC=0x00 TTL=245 ID=29755 DF PROTO=ICMP TYPE=4 CODE=0 [SRC=192.168.100.242 DST=211.26.232.31 LEN=111 TOS=0x00 PREC=0x00 TTL=53 ID=0 FRAG:64 PROTO=TCP ] Dec 7 23:02:02 mailserver kernel: SuSE-FW-DROP-ICMP-CRIT IN=eth0 OUT= MAC=00:b0:d0:c6:12:b5:00:e0:b6:03:dc:f2:08:00 SRC=203.134.26.220 DST=192.168.100.242 LEN=56 TOS=0x00 PREC=0x00 TTL=245 ID=29843 DF PROTO=ICMP TYPE=4 CODE=0 [SRC=192.168.100.242 DST=211.26.232.31 LEN=72 TOS=0x00 PREC=0x00 TTL=53 ID=0 FRAG:64 PROTO=TCP ] My questions are: Why is the MAC address what appears to be 2 MAC addresses concatenated together? Why is there SRC and DST inside [] and why are they different from the other IPs mentioned? This system's IP address is 192.168.100.242, which appears as the DST in the non-[] text, but is the SRC in the test inside the []. What gives? Any comments are most welcome. Grant Pardon this rubbish: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.
participants (1)
-
Sturgis, Grant