Mailinglist Archive: opensuse (4348 mails)

< Previous Next >
RE: [SLE] reading output from iptables.
  • From: "Jeric" <jeric@xxxxxxxxxxxxx>
  • Date: Tue, 1 Oct 2002 18:22:39 -0500
  • Message-id: <NFEOKDIBEHGJNLLPPDALAEIPEOAA.jeric@xxxxxxxxxxxxx>
I have a book called "Linux Firewalls" 2nd edition by Robert L. Ziegler (New
Riders publication) for my firewall stuff. Pg 324-327 break apart the TCP
and UDP packets nicely, and easily. (The first edition was ipchains, which I
still use...but I am preparing for iptables for when I get 8.1 :D
Although, it pretty much just has the same info that Anders Johansson
replied with, but with slightly more detail.
The only thing I can't seem to find...what is the "OPT" line is about?

jeric

On Tuesday 01 October 2002 23.27, Ben Rosenberg wrote:
> Can someone recommend a document that will give me a heads up on how to
> read the output of iptables that's not 4 inches thick? ;)
>
> Example:
>
> Oct 1 14:21:32 zeus kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
> MAC=00:10:4b:10:69:c1:00:20:6f:13:82:d2:08:00 SRC=61.195.156.12
> DST=64.0.161.154 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=10094 DF PROTO=TCP
> SPT=1332 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0 OPT
> (020405B40402080A03E4463C0000000001030300)ยท
>
> I found the output from ipchains much easier to read. It was more "this
> is the ip of the attacker..this is the port their coming from and this
> is the port their trying to gain access to.." but iptables seems
> different to me.




< Previous Next >
References