Solved

Debug packet INT SRC MASK output confusion

Posted on 2004-09-09
1
184 Views
Last Modified: 2012-06-21
By using the debug command how can I tell if traffic was passed or rejected from a specific IP or range.  For instance here is the output I recieved in my test.  I know that it was blocked but what in the output will confirm that for me?

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6321     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb494

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6322     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb493

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6323     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb492

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------


Thanks,

Sunny
0
Comment
Question by:sunnyd24
1 Comment
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 12027900
It doesn't.  This is only a packet capture.  You could compare this to what you see blocked in the fw logs ?
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now