On 25/05/07, Simon Hobson <[EMAIL PROTECTED]> wrote: > Jonathan Underwood wrote: > > SSH/ACCEPT net $FW - - - - 3/min:3 > > I would add logging to that statement and see what happens. > eg: > > SSH/ACCEPT:info net $FW - - - - 3/min:3 This results in these messages (with a couple of obfuscations in IP addresses:
Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:xx:xx:xx:c2:49:00:d0:79:xx:98:00:08:00 SRC=130.xx.69.87 DST=128.xx.2.35 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=26203 DF PROTO=TCP SPT=53708 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:xx:xx:xx:xx:49:00:xx:79:xx:98:00:08:00 SRC=130.xx.69.87 DST=128.xx.2.35 LEN=64 TOS=0x00 PREC=0x00 TTL=53 ID=26293 DF PROTO=TCP SPT=53708 DPT=22 WINDOW=2485 RES=0x00 ACK URGP=0 Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:xx:xx:xx:xx:49:00:d0:79:95:98:00:08:00 SRC=130.xx.69.87 DST=128.xx.2.35 LEN=64 TOS=0x00 PREC=0x00 TTL=53 ID=26324 DF PROTO=TCP SPT=53708 DPT=22 WINDOW=3995 RES=0x00 ACK URGP=0 Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:xx:xx:xx:xx:49:00:d0:79:95:98:00:08:00 SRC=130.xx.69.87 DST=128.xx.2.35 LEN=72 TOS=0x00 PREC=0x00 TTL=53 ID=27573 DF PROTO=TCP SPT=53708 DPT=22 WINDOW=6036 RES=0x00 ACK URGP=0 > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
