Here is a quick reference for the format used by the netfilter log messages.  This is all derived from the source of the netfilter kernel modules (Linux kernel 2.4.2). Below is a hypothetical log message generated by netfilter. It is based on a real log entry but I have added all possible IP and TCP [...]
Posts Tagged ‘netfilter’
Netfilter Log Format Issues
Posted: 28th July 2010 by admin in Linux
Tags: firewall, logs, netfilter
Positives
Netfilter logs are intuitive and easy to read by the occasional, non-expert admin. They provide much more information than e.g. ipchains, in particular about the transport protocol. They show the header of messages returned inside an ICMP packet.
Consistency Issues
Most items in the log use the LABEL=value format, but: flags appear on their own, [...]

