<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0046)http://logi.cc/linux/netfilter-log-format.php3 -->
<HTML><HEAD><TITLE>Netfilter Log Format</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<STYLE type=text/css>CAPTION.s12 {
FONT: 12pt sans-serif
}
P {
FONT: 12pt sans-serif
}
P.t6 {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; FONT: 6pt sans-serif
}
P.ErrorBig {
MARGIN-TOP: 18pt; MARGIN-BOTTOM: 18pt; FONT: bold 16pt sans-serif; COLOR: red; TEXT-DECORATION: blink
}
P.nomargin {
MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0pt
}
INPUT.button {
BORDER-RIGHT: #2c3a4b outset; BORDER-TOP: #acbaca outset; FONT: bold 10pt sans-serif; BORDER-LEFT: #acbaca outset; COLOR: white; BORDER-BOTTOM: #2c3a4b outset; BACKGROUND-COLOR: #597596
}
INPUT.button:active {
BORDER-LEFT-COLOR: #2c3a4b; BORDER-BOTTOM-COLOR: #acbaca; BORDER-TOP-COLOR: #2c3a4b; BORDER-RIGHT-COLOR: #acbaca
}
INPUT.i10 {
FONT: bold 8pt sans-serif; COLOR: white; BACKGROUND-COLOR: #597596
}
INPUT.s12 {
FONT: 12pt sans-serif
}
INPUT.s10 {
FONT: 10pt sans-serif
}
INPUT.s8 {
FONT: 8pt sans-serif
}
TD {
FONT: 12pt sans-serif
}
TD.s10 {
FONT: 10pt sans-serif
}
TD.s8 {
FONT: 8pt sans-serif
}
TD.s6 {
FONT: 6pt sans-serif
}
A {
FONT: 12pt sans-serif
}
A.s10 {
FONT: 10pt sans-serif
}
A.s8 {
FONT: 8pt sans-serif
}
A.s6 {
FONT: 6pt sans-serif
}
A.White10 {
FONT: bold 10pt sans-serif; COLOR: white
}
P.s12 {
FONT: 12pt sans-serif
}
P.s10 {
FONT: 10pt sans-serif
}
P.s8 {
FONT: 8pt sans-serif
}
P.s6 {
FONT: 8pt sans-serif
}
UL {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 9pt
}
H1 {
FONT: bold 20pt sans-serif
}
H2 {
FONT: bold 18pt sans-serif
}
H3 {
FONT: bold 16pt sans-serif
}
H4 {
FONT: bold 14pt sans-serif
}
H5 {
FONT: bold 12pt sans-serif
}
H6 {
FONT: bold 10pt sans-serif
}
TD.Title {
FONT: bold 20pt sans-serif; COLOR: white; BACKGROUND-COLOR: #597596; TEXT-ALIGN: center
}
A.SideMenu16 {
MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0pt; FONT: bold 16pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
P.SideMenu16 {
MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0pt; FONT: bold 16pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
A.SideMenu10 {
MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
P.SideMenu10 {
MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
TD.SideMenu {
MARGIN-TOP: 12pt; MARGIN-BOTTOM: 6pt; FONT: bold 12pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
P.SideMenu {
MARGIN-TOP: 12pt; MARGIN-BOTTOM: 6pt; FONT: bold 12pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
A.SideMenu {
MARGIN-TOP: 12pt; MARGIN-BOTTOM: 6pt; FONT: bold 12pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
A.SideMenu:link {
COLOR: white
}
A.SideMenu:visited {
COLOR: yellow
}
TD.SideSubMenu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; MARGIN-LEFT: 8pt; COLOR: white; TEXT-ALIGN: left
}
P.SideSubMenu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; MARGIN-LEFT: 8pt; COLOR: white; TEXT-ALIGN: left
}
A.SideSubMenu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0px; FONT: bold 10pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
A.SideSubMenu:link {
COLOR: white
}
A.SideSubMenu:visited {
COLOR: yellow
}
FORM.SideSubMenu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0px; FONT: 10pt sans-serif; MARGIN-LEFT: 8pt; COLOR: white; TEXT-ALIGN: left
}
INPUT.SideSubMenu {
PADDING-RIGHT: 0px; MARGIN-TOP: 0.3em; PADDING-LEFT: 0px; MARGIN-BOTTOM: 0px; PADDING-BOTTOM: 0px; FONT: 10pt sans-serif; COLOR: white; PADDING-TOP: 0px; TEXT-ALIGN: left
}
TD.SideSub2Menu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; MARGIN-LEFT: 16pt; COLOR: white; TEXT-ALIGN: left
}
P.SideSub2Menu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0pt; FONT: bold 10pt sans-serif; MARGIN-LEFT: 16pt; COLOR: white; TEXT-ALIGN: left
}
A.SideSub2Menu {
MARGIN-TOP: 2pt; MARGIN-BOTTOM: 0px; FONT: bold 10pt sans-serif; COLOR: white; TEXT-ALIGN: left
}
A.SideSub2Menu:link {
COLOR: white
}
A.SideSub2Menu:visited {
COLOR: yellow
}
</STYLE>
<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY bgColor=#f0f0f0>
<TABLE cellSpacing=0 cellPadding=5 width="100%" border=0>
<TBODY>
<TR vAlign=top>
<TD align=left width="5%" bgColor=#597596 height=50> </TD>
<TD class=Title vAlign=center>Netfilter Log Format</TD>
<TR>
<TD vAlign=top align=left bgColor=#597596>
</TD>
<TD vAlign=top>
<BLOCKQUOTE>
<TABLE cellSpacing=0 cellPadding=0 width=640 border=0>
<TBODY>
<TR>
<TD>Here is a quick reference for the format used by the netfilter
log messages. This is all derived from the source of
the netfilter kernel modules (Linux kernel 2.4.2).
<P>Below is a hypothetical log message generated by netfilter. It
is based on a real log entry but I have added all possible IP and
TCP flags as well as a fragment offset for illustrative purposes.
<P><B>Note:</B> If you want to cut-n-paste this into the <B><A
href="http://logi.cc/linux/NetfilterLogAnalyzer.php3">Netfilter
Log Analyzer</A></B>, then you will have to edit out the fragment
offset or set it to zero.
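<P>An added example, not part of the original page: a small Python parser for the fields of the hypothetical log line shown below, up to the <TT>CE</TT> flag. The names <TT>parse_nf_log</TT> and <TT>split_mac</TT> are hypothetical; it assumes the text before <TT>IN=</TT> is the rule's log prefix and that <TT>MAC=</TT> holds the Ethernet header as destination address, source address, EtherType.

```python
import re

# Constructed from the fields visible in the page's hypothetical log line.
SAMPLE = (
    "Apr 16 00:30:45 megahard kernel: NF: D(I,Priv) IN=eth1 OUT= "
    "MAC=00:80:8c:1e:12:60:00:10:76:00:2f:c2:08:00 "
    "SRC=211.251.142.65 DST=203.164.4.223 LEN=60 "
    "TOS=0x00 PREC=0x00 TTL=44 ID=31526 CE"
)

# Assumption: everything between "kernel: " and IN= is the rule's log prefix,
# which is free text, so the parser anchors on IN= rather than on the prefix.
HEAD = re.compile(
    r"^(?P<stamp>\w{3}\s+\d+\s[\d:]+)\s(?P<host>\S+)\skernel:\s"
    r"(?P<prefix>.*?)\s?(?=IN=)"
)
NUMERIC = ("LEN", "TOS", "PREC", "TTL", "ID")


def split_mac(mac):
    """Split MAC= into destination, source and EtherType (Ethernet header order)."""
    octets = mac.split(":")
    if len(octets) != 14:
        return None  # empty field or a link layer that is not Ethernet
    return {
        "dst": ":".join(octets[:6]),
        "src": ":".join(octets[6:12]),
        "ethertype": "0x" + "".join(octets[12:]),
    }


def parse_nf_log(line):
    """Return timestamp, host, prefix, KEY=value fields and bare flags of one line."""
    m = HEAD.match(line)
    if m is None:
        raise ValueError("no IN= field: not a netfilter LOG line")
    rec = dict(m.groupdict(), fields={}, flags=[])
    for tok in line[m.end():].split():
        key, sep, val = tok.partition("=")
        if sep:
            rec["fields"].setdefault(key, val)  # keep the first occurrence
        else:
            rec["flags"].append(tok)  # bare tokens such as CE are flags
    rec["mac"] = split_mac(rec["fields"].get("MAC", ""))
    rec["num"] = {k: int(rec["fields"][k], 0) for k in NUMERIC if k in rec["fields"]}
    return rec
```

<P>An empty <TT>OUT=</TT> is kept as an empty string rather than dropped, so a consumer can tell which interface fields were present but unset.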
<P>
<TABLE cellSpacing=2 cellPadding=0 border=0>
<TBODY>
<TR>
<TD><TT>Apr 16 00:30:45 megahard kernel: </TT></TD>
<TD>
<TABLE cellSpacing=0 cellPadding=0 border=0>
<TBODY>
<TR>
<TD bgColor=#d0d0ff><TT>NF: D(I,Priv) </TT></TD>
<TD bgColor=#e0ffe0><TT>IN=eth1</TT></TD>
<TD><TT> </TT></TD></TR></TBODY></TABLE></TD>
<TD bgColor=#e0ffe0><TT>OUT=</TT></TD>
<TD><TT> </TT></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=2 cellPadding=0 border=0>
<TBODY>
<TR>
<TD
bgColor=#c0ffff><TT>MAC=00:80:8c:1e:12:60:00:10:76:00:2f:c2:08:00</TT></TD>
<TD><TT> </TT></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=2 cellPadding=0 border=0>
<TBODY>
<TR>
<TD bgColor=#e2e2e2><TT>SRC=211.251.142.65</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>DST=203.164.4.223</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>LEN=60</TT></TD>
<TD><TT> </TT></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=2 cellPadding=0 border=0>
<TBODY>
<TR>
<TD bgColor=#e2e2e2><TT>TOS=0x00</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>PREC=0x00</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>TTL=44</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>ID=31526</TT></TD>
<TD><TT> </TT></TD>
<TD bgColor=#e2e2e2><TT>CE</TT></TD>
<TD><TT> </TT></TD>