I am trying to understand some iptables logs and am a little confused by the content. I'm afraid it is not obvious to me WHY a log message is significant. From the log statement, I can't take a look at it and instantly see whether I should be worried or not. There is nothing that jumps out at me to tell me that the message was logged because a jerk spoofed his IP...or sent nasty headers.

Things I would like to be able to determine are: Was the packet dropped, accepted or denied? What rule was violated? What about the connection caused the rule to be violated?

Perhaps the answer is that I should use a commercial firewall if I want that kind of information? I find that answer unpleasant and hope it's not the case.

I suppose there is an M out there I should be RTFing....perhaps someone would be kind enough to point me in the right direction?

Taylor

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

This archive was generated by hypermail 2b30 : Tue Aug 12 2003 - 09:31:47 PDT