Solved

Debug packet INT SRC MASK output confusion

Posted on 2004-09-09
1
188 Views
Last Modified: 2012-06-21
By using the debug command how can I tell if traffic was passed or rejected from a specific IP or range.  For instance here is the output I recieved in my test.  I know that it was blocked but what in the output will confirm that for me?

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6321     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb494

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6322     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb493

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------

--------- PACKET ---------

-- IP --
Source ==>     Dest

        ver = 0x4       hlen = 0x5      tos = 0x0       tlen = 0x30
        id = 0x6323     flags = 0x40    frag off=0x0
        ttl = 0x7e      proto=0x6       chksum = 0xb492

        -- TCP --
                source port = 0x7b0     dest port = 0x17syn

                seq = 0x166cf6da
                ack = 0x0
                hlen = 0x7              window = 0xffff
                checksum = 0x88ff       urg = 0x0
tcp options:
                        0x2     0x4     0x5     0xb4    0x1     0x1     0x4
0x2
--------- END OF PACKET ---------


Thanks,

Sunny
0
Comment
Question by:sunnyd24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 12027900
It doesn't.  This is only a packet capture.  You could compare this to what you see blocked in the fw logs ?
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question