Find the answer to your Linux question:
Results 1 to 2 of 2
Hey guys, please can you tell me what the following means? Code: ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=91.198.174.234 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=80 DPT=1094 SEQ=3428159326 ACK=0 WINDOW=0 ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 08-15-2010 #1
    Chris1989
    Chris1989 is offline
    Just Joined!
    Join Date
    Nov 2009
    Posts
    11

    Guarddog Iptables help reading logs please

    Hey guys, please can you tell me what the following means?

    Code:
    ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=91.198.174.234 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=80 DPT=1094 SEQ=3428159326 ACK=0 WINDOW=0 RES=0x00$
Aug 15 22:18:59 ppp-laptop kernel: [ 5571.426293] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=91.198.174.234 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=80 DPT=1093 SEQ=2180674655 ACK=0 WINDOW=0 RES=0x00$
Aug 15 22:18:59 ppp-laptop kernel: [ 5571.427177] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=91.198.174.232 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=80 DPT=3960 SEQ=784388191 ACK=0 WINDOW=0 RES=0x00 $
Aug 15 22:20:44 ppp-laptop kernel: [ 5676.598012] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=72.51.46.230 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=TCP SPT=80 DPT=2187 SEQ=1019080214 ACK=0 WINDOW=0 RES=0x00 R$
Aug 15 22:21:17 ppp-laptop kernel: [ 5709.587830] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=64.4.22.46 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=23319 DF PROTO=TCP SPT=80 DPT=1709 SEQ=2155892735 ACK=2273092797 WINDOW=$
Aug 15 22:21:17 ppp-laptop kernel: [ 5710.072010] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=64.4.22.46 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=42758 DF PROTO=TCP SPT=80 DPT=1707 SEQ=3338803707 ACK=2273279073 WINDOW=$
Aug 15 22:21:18 ppp-laptop kernel: [ 5710.943115] ABORTED IN=eth0 OUT= MAC=00:1b:24:af:dc:a4:00:30:bd:6d:58:aa:08:00 SRC=64.4.22.46 DST=myip LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=13364 DF PROTO=TCP SPT=80 DPT=1708 SEQ=3344265012 ACK=2270214697 WINDOW=$
    Does this mean that connections from those IP's have been blocked or what?

    Thanks.
    Reply With Quote Reply With Quote
  2. 09-13-2010 #2
    ripp3r
    ripp3r is offline
    Just Joined!
    Join Date
    Sep 2010
    Posts
    6
    Mh... not BLOCKED but ABORTED... it should not be the same thing... ABORTED means that the connection IS NOT established (ACK=0 WINDOW=0).

    Are you sure that this lines are complete? Because the '$' at the end means that the line is not complete...
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules