[logs] Re: Cisco PIX message documentation

From: Jian Zhen (jlzat_private)
Date: Thu Jul 11 2002 - 23:50:10 PDT

Next message: Marco van Berkum: "[logs] strange DNS query's, familiar to anyone ?"

Previous message: Terje Bless: "[logs] Re: Cisco PIX message documentation"
In reply to: Terje Bless: "[logs] Re: Cisco PIX message documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Terje Bless (linkat_private) [020711 22:58]:
> Jian Zhen <jlzat_private> wrote:
> 
> >Has ne1 actually done any parsing with the pix logs? I am finding some
> >of the log msgs are very confusing as they do not clearly show the src
> >and dst of the connection..
> >
> >e.g.
> >
> >%pix-6-302005: built udp connection for faddr 10.10.10.10/12215 gaddr
> >11.11.11.11/55224 laddr 11.11.11.11/55224
> 
> faddr == Foreign Address
> gaddr == Gateway Address
> laddr == Local Address
> 
> Surely?

Actually gaddr I believe is global addr, the external IP of the local IP.

However, knowing that still doesn't provide any clue as to what's the src
and dst tho.

thx

// Jian

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Marco van Berkum: "[logs] strange DNS query's, familiar to anyone ?"
Previous message: Terje Bless: "[logs] Re: Cisco PIX message documentation"
In reply to: Terje Bless: "[logs] Re: Cisco PIX message documentation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 12 2002 - 01:53:40 PDT