Hi there, is there any documentation available about the format that ipchains uses to log rules that have "-l" set?
Here's a typical entry I find in kern.log: Jan 18 12:50:48 <hostname> kernel: Packet log: input DENY atm0 PROTO=17 212.159.138.104:137 tar.get.ho.st:137 L=78 S=0x00 I=49987 F=0x0000 T=117 Everything up to the target portion is pretty obvious, but then I don't know for sure what the other tokens mean. L=78 is probably the length of the packet, right? But what about the other fields? Thanks for your insights, Ralf -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/ The Choice /V\ of a GNU /( )\ Generation ^^-^^
