On 07/04/2017 12:01 AM, Maik Linnemann wrote: > Dear List, > > > > i found that in some log lines theres a „DF“ behind the ID (see > example). Not in all but in some. I couldnt find out what it is for and > how to disable it (for log parsing). May I ask someone to give an > explanation or a hint?! Thanks in advance! > > > > Jul 2 15:57:35 HOST Shorewall:loc-net:ACCEPT: IN=eth1.1 OUT=eth0 > MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.0.1 > DST=xxx.xxx.xx.xxx LEN=48 TOS=00 PREC=0x00 TTL=127 ID=10882 DF PROTO=TCP > SPT=50764 DPT=443 SEQ=3276908360 ACK=0 WINDOW=8192 SYN URGP=0 MARK=0 >
It is the 'Don't Fragment' flag in the IP header, and I know of no way to suppress it. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
