Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Meaning of letters in the Firewall Log Files "Proto" field
« previous
next »
Print
Pages: [
1
]
Author
Topic: Meaning of letters in the Firewall Log Files "Proto" field (Read 3775 times)
JohnDoe17
Newbie
Posts: 40
Karma: 5
Meaning of letters in the Firewall Log Files "Proto" field
«
on:
September 26, 2017, 09:21:07 pm »
What does "TCP:SEC" mean in the Firewall Log Files "Proto" field?
I think the "S" means "Syn," but does "E" mean "ECE" and "C" mean "CWR"
OR
is it "S" and "EC" for "Syn" and "ECE"?
I have a lot of this kind of stuff in my Firewall Log files. Is that normal?
[Edited to add]: Also, do I need to be creating rules to allow this type of traffic? Or are simple rules to allow only "Syns" sufficient?
Thanks.
«
Last Edit: September 26, 2017, 09:23:59 pm by JohnDoe17
»
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: Meaning of letters in the Firewall Log Files "Proto" field
«
Reply #1 on:
September 27, 2017, 06:44:24 am »
Hi,
There is a prominent help text on the standard log view header right below the filter options:
TCP Flags: F - FIN, S - SYN, A or . - ACK, R - RST, P - PSH, U - URG, E - ECE, W - CWR
And yes, TCP works this way.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Meaning of letters in the Firewall Log Files "Proto" field