[CS-FSLUG] Networking details #4 - switch
Ed Hurst
ehurst at asisaid.com
Fri Dec 10 11:51:29 CST 2004
Tim Young wrote:
> Could you send us the firewall log of a few of the packets that may have been
> coming from the switch?
>
> - Tim Young
Sure, but only to satisfy my curiosity. Parse:
date/time, machine name, kernel, firewall program, rule#, offending IP,
target IP, incoming/outgoing, etc.
Dec 9 18:34:20 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:64219
216.91.137.16:80 out via tun0
Dec 9 18:34:28 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:65365
216.91.137.16:80 out via tun0
Dec 9 18:35:09 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:53001
216.91.137.16:80 out via tun0
Dec 9 18:35:16 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:64108
216.239.63.104:80 out via tun0
Dec 9 18:35:16 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:49274
216.91.137.16:80 out via tun0
Dec 9 18:35:24 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:64219
216.91.137.16:80 out via tun0
Dec 9 18:35:32 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:65365
216.91.137.16:80 out via tun0
Dec 9 18:36:13 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:53001
216.91.137.16:80 out via tun0
Dec 9 18:36:20 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:64108
216.239.63.104:80 out via tun0
Dec 9 18:36:20 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:49274
216.91.137.16:80 out via tun0
Dec 9 18:36:28 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:64219
216.91.137.16:80 out via tun0
Dec 9 18:36:36 thud kernel: ipfw: 1000 Deny TCP 208.31.27.28:65365
216.91.137.16:80 out via tun0
My IP at the time was 208.31.95.128
--
Ed Hurst
-----------
A Bible Site -- http://webs.tconline.net/softedges/
Linux & Unix Help -- http://ed.asisaid.com/
Blog -- http://ed.asisaid.com/blog/
More information about the Christiansource
mailing list