Annotation of embedaddon/ipguard/doc/README.log, revision 1.1.1.1

00:0f:ea:d2:44:a4       192.168.1.1     - server MAC-IP pair
00:d0:b7:b5:ca:6b       192.168.1.10    - client MAC-IP pair
00:40:f4:53:e3:7d       192.168.1.66    - pirate MAC-IP pair
de:ad:6b:a8:de:5b                       - ipguard fake MAC

#### Log description
################################

Normal ARP who-has client -> server

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.1

Log record:

xxxx: 00:d0:b7:b5:ca:6b 192.168.1.10                           192.168.1.1
^^^^^ ^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^                        ^^^^^^^^^^^^^^^
|1    |2                |3                                     |4

1 - Label
2 - ARP sender MAC
3 - ARP sender IP
4 - ARP target IP

Labels:

bnew: New pair (neither MAC nor IP is listed in `ethers')

Ethernet        00:40:f4:53:e3:7d -> ff:ff:ff:ff:ff:ff
ARP sender      00:40:f4:53:e3:7d -  192.168.1.66
ARP target      0:0:0:0:0:0       -  192.168.1.1

bsip: Bad sender IP (not listed in `ethers')

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.66
ARP target      0:0:0:0:0:0       -  192.168.1.1

bmac: Bad sender MAC (not listed in `ethers')

Ethernet        00:40:f4:53:e3:7d -> ff:ff:ff:ff:ff:ff
ARP sender      00:40:f4:53:e3:7d -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.1

btip: Bad target IP (not listed in `ethers')

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.66

xxxx: Finally, a bad ARP request. Some of the previous rules matched
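
Added example (not part of the original README and not ipguard source): a small
classifier that assigns the labels above to a who-has request, using an `ethers'
table built from the server and client pairs at the top of this file. The order
of the checks, and the names "good" and "mismatch", are assumptions of this example.

```python
# Added example, not ipguard source. ETHERS is constructed from the server and
# client pairs listed at the top of this README.
ETHERS = """\
00:0f:ea:d2:44:a4  192.168.1.1    # server
00:d0:b7:b5:ca:6b  192.168.1.10   # client
"""

def norm_mac(mac):
    """Canonical MAC: lower case, two hex digits per octet (0:0:0:0:0:0 works)."""
    octets = [int(o, 16) for o in mac.strip().split(":")]
    if len(octets) != 6 or not all(0 <= o <= 255 for o in octets):
        raise ValueError("not a MAC address: %r" % mac)
    return ":".join("%02x" % o for o in octets)

def load_ethers(text):
    """Parse 'MAC IP' lines into a set of (mac, ip); '#' starts a comment."""
    pairs = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            pairs.add((norm_mac(fields[0]), fields[1]))
    return pairs

def classify(pairs, sender_mac, sender_ip, target_ip):
    """Label one who-has request. Sender checks run before the target check
    (assumed order). 'good' and 'mismatch' are this example's own names."""
    mac = norm_mac(sender_mac)
    mac_known = any(m == mac for m, _ in pairs)
    ip_known = any(i == sender_ip for _, i in pairs)
    if not mac_known and not ip_known:
        return "bnew"      # neither MAC nor IP listed
    if not ip_known:
        return "bsip"      # listed MAC, unlisted sender IP
    if not mac_known:
        return "bmac"      # listed IP claimed by an unlisted MAC
    if (mac, sender_ip) not in pairs:
        return "mismatch"  # both listed, but not as a pair (no label on this page)
    if not any(i == target_ip for _, i in pairs):
        return "btip"      # good sender asking for an unlisted IP
    return "good"

if __name__ == "__main__":
    table = load_ethers(ETHERS)
    for req in [("00:40:f4:53:e3:7d", "192.168.1.66", "192.168.1.1"),
                ("00:d0:b7:b5:ca:6b", "192.168.1.66", "192.168.1.1"),
                ("00:40:f4:53:e3:7d", "192.168.1.10", "192.168.1.1"),
                ("00:d0:b7:b5:ca:6b", "192.168.1.10", "192.168.1.66")]:
        print(classify(table, *req), *req)
```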

#### Current MAC-IP table
################################

dump of current pairs table
dump: MAC IP

#### Bad MAC-IP buffer
################################

dump of current bad pairs buffer
dump: number MAC IP count timestamp

#### ARP statistics
################################

Total ARP who-has packets 0
    total received ARP packets

Good MAC-IP pairs 0
    good packets

Gratuitous MAC-IP/weird 0/0
    gratuitous packets / weird gratuitous (Windows/MacOS)

Zero MAC/IP 0/0
    packets matched zero wildcard (00:00:00:00:00:00/0.0.0.0)

New MAC-IP pairs 0
    count of new MAC-IP pairs

Bad MAC-IP pairs 0
    all bad ARP requests

Bad MAC/IP 0/0
    count of bad MACs/IPs

Bad gratuitous MAC-IP 0
    count of bad gratuitous packets

My/Fake/PreFake MAC 0/0/0
    count of packets sent by ipguard itself

And counts of some strange packets:

Mismatch sender Ether/ARP MAC 0
Non-zero target ARP MAC 0
Non-bcast target Ether MAC 0
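
Added example (not part of the original README and not ipguard source): the
three "strange packet" conditions checked against a raw Ethernet/ARP who-has
frame. The reading of each counter name is this example's assumption, and the
frames are constructed from the addresses at the top of this file.

```python
import socket
import struct

BROADCAST = b"\xff" * 6
ZERO_MAC = b"\x00" * 6

def build_who_has(eth_dst, eth_src, sha, spa, tha, tpa):
    """Build a constructed Ethernet/IPv4 ARP request frame (42 bytes)."""
    mac = lambda s: bytes(int(o, 16) for o in s.split(":"))
    eth = mac(eth_dst) + mac(eth_src) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)  # Ethernet, IPv4, request
    arp += mac(sha) + socket.inet_aton(spa) + mac(tha) + socket.inet_aton(tpa)
    return eth + arp

def strange_checks(frame):
    """Return the names of the strange-packet conditions a who-has frame trips."""
    if len(frame) < 42:
        raise ValueError("truncated ARP frame")
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP frame")
    if oper != 1:
        raise ValueError("not an ARP request (who-has)")
    sha, _spa, tha, _tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    found = []
    if eth_src != sha:       # link-layer source disagrees with ARP sender MAC
        found.append("Mismatch sender Ether/ARP MAC")
    if tha != ZERO_MAC:      # a who-has normally leaves the target MAC zeroed
        found.append("Non-zero target ARP MAC")
    if eth_dst != BROADCAST:  # a who-has normally goes to ff:ff:ff:ff:ff:ff
        found.append("Non-bcast target Ether MAC")
    return found

if __name__ == "__main__":
    normal = build_who_has("ff:ff:ff:ff:ff:ff", "00:d0:b7:b5:ca:6b",
                           "00:d0:b7:b5:ca:6b", "192.168.1.10",
                           "0:0:0:0:0:0", "192.168.1.1")
    print(strange_checks(normal))  # the normal who-has trips none of them
```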

#### PCAP statistics
################################

Received/Dropped packets 0/0
    packets that matched / did not match the PCAP filter

##  $Id: README.log,v 1.10 2010/07/12 03:46:52 sead Exp $
