[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tcpdump and rule -1/0



Really the only way anyone on this list can help is by providing your entire ruleset. Until then, most of us will be left in the dark.

-a

On Thursday, Sep 11, 2003, at 17:37 US/East-Indiana, Eaton, Andy wrote:

Hello all,

?

I am having a problem with filtering on a vlan aware bridge.?I am wondering if anyone has seen a tcpdump that looks like the following and what it means.?Particularly the part about the rule -1/0(match).

?

Sep 11 17:35:33.988497 rule -1/0(match): pass in on vlan16: 64.236.34.72.80 > 172.16.0.36.3114: . 63809:64321(512) ack 1 win 4096

Sep 11 17:35:33.988501 rule -1/0(match): pass out on vlan17: 64.236.34.72.80 > 172.16.0.36.3114: . 63809:64321(512) ack 1 win 4096

Sep 11 17:35:33.989717 rule -1/0(match): pass in on vlan17: 172.16.0.36.3114 > 64.236.34.72.80: . ack 64321 win 0 (DF)

Sep 11 17:35:33.989720 rule -1/0(match): pass out on vlan16: 172.16.0.36.3114 > 64.236.34.72.80: . ack 64321 win 0 (DF)

?

I have spent a lot of time debugging this and the rules are not being parsed right.?I thought I might start here.

?

?

Thanks in advance,

?

?

Andrew Eaton