Re: [leaf-user] Netfilter logs have bad dates in them (apologies to Shorewall)

2004-07-28 Thread John Desmond 
I figured out the same thing after finding a routine
for changing EST to UTC. The same odd dates show up in
logs all over the net as well as some that others have
posted to leaf-user, so I thought perhaps this is a
well-know thing.
Empty dates seem to translate to 1/1/70 00:00:00 UTC
and then get further translated to ones own TZ and
then into the logs they go.
-John

--- Erich Titl [EMAIL PROTECTED] wrote:
 Dec 31 19:00:00 for the date for REJECTS in the
 all2all chain.
 
 The puzzling thing is the time stamp, 5 hours off
 the 1st of january 
 (probably UTC), somehow it looks like an empty date
 field converted somehow 
 to east coast time 
 
 A guess would be to ask around in the netfilter
 team.
 
 Erich



---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Netfilter logs have bad dates in them (apologies to Shorewall)

2004-07-28 Thread Erich Titl 
John
At 17:05 28.07.2004, John Desmond wrote:
I figured out the same thing after finding a routine
for changing EST to UTC. The same odd dates show up in
logs all over the net as well as some that others have
posted to leaf-user, so I thought perhaps this is a
well-know thing.
Empty dates seem to translate to 1/1/70 00:00:00 UTC
and then get further translated to ones own TZ and
then into the logs they go.
Have you been able to pinpoint the problem, are these odd dates alwais 
related to iptables?
cheers
Erich

THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16

---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21alloc_id040op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Netfilter logs have bad dates in them (apologies to Shorewall)

2004-07-28 Thread John Desmond 

--- Erich Titl [EMAIL PROTECTED] wrote:

 John
 
 At 17:05 28.07.2004, John Desmond wrote:
 I figured out the same thing after finding a
 routine
 for changing EST to UTC. The same odd dates show up
 in
 logs all over the net as well as some that others
 have
 posted to leaf-user, so I thought perhaps this is a
 well-know thing.
 Empty dates seem to translate to 1/1/70 00:00:00
 UTC
 and then get further translated to ones own TZ and
 then into the logs they go.
 
 Have you been able to pinpoint the problem, are
 these odd dates alwais 
 related to iptables?
 cheers
 Erich

All log entries with bad dates are from iptables.
The following set from shorewall.log I got by issuing
the command cat /var/log/shorewall.log |grep REJECT.
They include all the lines that have bad dates. It
also includes some with good dates. The bad ones have
no MACs. The good ones do. That's the only difference
I can see. I've sent an inquiry to the netfilter mail
list.
-John
== 8 
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=39369 CE DF
PROTO=UDP SPT=67 DPT=68 LEN=311
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=61980 CE DF
PROTO=UDP SPT=67 DPT=68 LEN=311
Jul 28 15:11:29 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33058 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=0
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=64632 CE
PROTO=ICMP TYPE=3 CODE=1
Jul 28 15:11:30 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33059 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=256
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=41846 CE
PROTO=ICMP TYPE=3 CODE=1
Jul 28 15:11:31 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33060 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=512
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=50951 CE
PROTO=ICMP TYPE=3 CODE=1
Jul 28 15:11:32 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33061 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=768
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=17950 PROTO=ICMP
TYPE=3 CODE=1
Jul 28 15:11:33 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33062 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=1024
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=27414 PROTO=ICMP
TYPE=3 CODE=1
Jul 28 15:11:34 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33063 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=1280
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=59951 CE
PROTO=ICMP TYPE=3 CODE=1
Jul 28 15:11:35 firewall Shorewall:all2all:REJECT:
IN=eth1 OUT=
MAC=00:60:08:08:78:81:00:50:da:60:19:20:08:00 
SRC=192.168.1.167 DST=192.168.1.254 LEN=84 TOS=00
PREC=0x00 TTL=64 ID=33064 CE PROTO=ICMP TYPE=0 CODE=0
ID=47691 SEQ=1536
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.167
LEN=112 TOS=00 PREC=0x00 TTL=255 ID=46897 CE
PROTO=ICMP TYPE=3 CODE=1
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=17791 DF PROTO=UDP
SPT=67 DPT=68 LEN=311
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=12037 DF PROTO=UDP
SPT=67 DPT=68 LEN=311
=



---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click

leaf-user mailing list: [EMAIL PROTECTED]