Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
On 2016-02-17 11:47, Eliezer Croitoru wrote:
But,

What is wrong with plain tcpdump and couple filters??

That I'm not familiar with it.

netstat or ss should show the state of the listening port unless it's
working in some shady way inside the kernel without reflection to the
userlands.

Remember that the port is normally open, except perhaps during the event.

The simplest way would be to login into both machines at the same time
and somehow make sense of it before diving into all the fw logging or
ICMP rules.

Don't you have access to both machines? Am I missing something?

Yes, you are missing that one of the machine is going into hibernation
the instant this happens. It is going into hibernation what triggers the
event, so it is not possible to log into it, and possibly, it is
impossible to rely on any particular application running.

A tcpdump would only run reliably on the destination machine, and it is
possible that it sees nothing wrong (the current hypothesis).

--
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" at Telcontar)

< Previous Next >
Follow Ups