On Sat, Jun 27, 2009 at 9:01 AM, Lyle Giese<[email protected]> wrote: > I recently installed pfSense 1.2.3-RC1 on a Soekris NET4801 box. > > 1) Is there any documentation on the syslog entries like below? These are > not the same as the entries from a mOnOwall router. > > 2) Can someone enlighten me on the entry below? It looks like a packet from > pfSense wiki host(source port 80) going to my Soekris router is blocked, but > that is all I can read into this entry. I do see them about every 15 mins in > the logs.(66.111.2.165 when put in a browser brings up the wiki pages for > pfSense and 209.112.71.50 is my dsl ip address, ns1.lcrcomputer.net). > > Jun 27 00:18:24 linuxgw pf: 2. 361279 rule 102/0(match): block in on ng0: > (tos 0x0, ttl 49, id 64249, offset 0, flags [DF], proto TCP (6), length 52) > 66.111.2.165.80 > 209.112.71.50.41228: ., cksum 0x4f45 (correct), ack 1 win > 33088 <nop,nop,timestamp 3992399005 26236787> >
This might help. http://www.mail-archive.com/[email protected]/msg02705.html There have been numerous explanations of the log formats. It's OpenBSD PF formatted. Scott --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
