2011/1/22 Johan Helsingius <[email protected]>: > Matteo, > >> all you need is at >> >> http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&apropos=0&sektion=0&manp ath=OpenBSD+Current&arch=i386&format=html > > Thanks, but as I wrote: > >>> I am getting a fair bit of log lines that are shown as >>> "rule def/(short)", and I can't find anything explaining >>> the meaning of things like "(short)" - the tcpdump man >>> page only lists "short" as one of the possible values, >>> without explaining what it means. > > So the tcpdump(8) page states: > > reason code B B B B True if the packet was logged with the specified PF > B B B B B B B B B B B B reason code. B The known codes are: match, bad-offset, > B B B B B B B B B B B B fragment, short, normalize, memory, bad-timestamp, > B B B B B B B B B B B B congestion, ip-option, proto-cksum, state-mismatch, > B B B B B B B B B B B B state-insert, state-limit, src-limit, and synproxy > > But... What does reason code "short" mean? What causes it? I am sure > the *meaning* of the reason codes are documented somewhere (rather > than just listing the possible codes), but I haven't found it. I guess > the next step is to look at the source. > > B B B B Julf > >
Sorry Johan. I answered too quickly. Best regards -- Matteo Filippetto http://op83.blogspot.com
