This log entry means the attempt has been blocked. TCP flags, the important one here is "SYN" meaning it it attempting to make a NEW connection. Source port Detestation port TCP window size Length of the payload portion of the raw packet Type of service, Presedence, Time to live (how many hops left before the packet will die from too many hops) Identification Protocol (in this case TCP). Those are the IP addresses for where the packet came from, SRC, and where is it supposed to going, DST and should be your IP address. The extra 2 bytes (08:00) at the end are the frame type, in this case it means "ethernet frame carried an IPv4 datagram". In your case the source is probably the MAC of your ISP gateway NIC. These are the Machine Address Codes for the local area destination (a6:8d:e2:51:62:4c (eth0)) and source (f0:4b:3a:4f:80:30) network interface cards. syn- a prefix occurring in loanwords from Greek, having the same function as co- (synthesis synoptic) used, with the meaning with, together, in the formation of compound words (synsepalous) or synthetic in such compounds (syngas). The OUT is blank because the packet is not been re-transmitted, which might be the case if this was a router application. The IN is the network interface name that the packet arrived on. To make this more efficient, the receiving host can ACK the SYN, and send its own SYN in the same packet, creating the three-way process we are used to seeing. The seriously annoying thing about UFW is that it uses the same prefix for every type of log entry, making it difficult to correlate back to the iptables rule set. Whenever iptables does a log entry there is an optional -log-prefix, in this case. Line 1: Feb 6 16:27:08 jonasgroenbek kernel: ĭate and time, your computer name, and kernel time since boot. UFW is just a front end for iptables, and so those log entries are actually from iptables.
0 Comments
Leave a Reply. |