File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipguard / doc / README.log
Revision 1.1.1.1 (vendor branch)
Tue Feb 21 21:59:41 2012 UTC (12 years, 8 months ago) by misho
Branches: ipguard, MAIN
CVS tags: v1_04p3, v1_04p0, v1_04, HEAD
ipguard

00:0f:ea:d2:44:a4       192.168.1.1     - server MAC-IP pair
00:d0:b7:b5:ca:6b       192.168.1.10    - client MAC-IP pair
00:40:f4:53:e3:7d       192.168.1.66    - pirate MAC-IP pair
de:ad:6b:a8:de:5b                       - ipguard fake MAC

#### Log description
################################

Normal ARP who-has client -> server

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.1

Log record:

xxxx: 00:d0:b7:b5:ca:6b 192.168.1.10                           192.168.1.1
^^^^^ ^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^                        ^^^^^^^^^^^^^^^
|1    |2                |3                                     |4

1 - Label
2 - ARP sender MAC
3 - ARP sender IP
4 - ARP target IP

Labels:

bnew: New pair (neither MAC nor IP listed in `ethers')

Ethernet        00:40:f4:53:e3:7d -> ff:ff:ff:ff:ff:ff
ARP sender      00:40:f4:53:e3:7d -  192.168.1.66
ARP target      0:0:0:0:0:0       -  192.168.1.1

bsip: Bad sender IP (not listed in `ethers')

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.66
ARP target      0:0:0:0:0:0       -  192.168.1.1

bmac: Bad sender MAC (not listed in `ethers')

Ethernet        00:40:f4:53:e3:7d -> ff:ff:ff:ff:ff:ff
ARP sender      00:40:f4:53:e3:7d -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.1

btip: Bad target IP (not listed in `ethers')

Ethernet        00:d0:b7:b5:ca:6b -> ff:ff:ff:ff:ff:ff
ARP sender      00:d0:b7:b5:ca:6b -  192.168.1.10
ARP target      0:0:0:0:0:0       -  192.168.1.66

xxxx: Finally, a bad ARP request. Some of the previous rules matched.

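Added example (not part of ipguard or of the original README): a Python
sketch that parses log records in the layout described above and groups them
by ARP sender MAC, so a host that keeps producing bad requests stands out.
It assumes whitespace-separated fields and ignores any text before the label;
the function names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from ipaddress import IPv4Address

# Added example, not ipguard code. Assumes records follow the README layout:
# "label: sender-MAC sender-IP target-IP", whitespace-separated.
LABELS = {"bnew", "bsip", "bmac", "btip"}  # labels documented in the README
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
RECORD = re.compile(
    r"(?:^|\s)(?P<label>[a-z]{4}):\s+"
    r"(?P<mac>(?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2})\s+"
    rf"(?P<sip>{IP})\s+(?P<tip>{IP})\s*$", re.IGNORECASE)

def parse_record(line):
    """Return (label, sender_mac, sender_ip, target_ip), or None for other lines."""
    m = RECORD.search(line)
    if not m or m["label"].lower() not in LABELS:
        return None
    try:
        sip, tip = IPv4Address(m["sip"]), IPv4Address(m["tip"])
    except ValueError:  # octet out of range, e.g. 192.168.1.999
        return None
    # Zero-pad octets so 0:40:f4:... and 00:40:f4:... compare equal.
    mac = ":".join(f"{int(o, 16):02x}" for o in m["mac"].split(":"))
    return m["label"].lower(), mac, str(sip), str(tip)

def by_sender(lines):
    """Group bad-ARP records by sender MAC: label counts and sender IPs claimed."""
    hosts = defaultdict(lambda: {"labels": Counter(), "ips": set()})
    for line in lines:
        rec = parse_record(line)
        if rec:
            label, mac, sip, _tip = rec
            hosts[mac]["labels"][label] += 1
            hosts[mac]["ips"].add(sip)
    return dict(hosts)

# Constructed sample: the README's four example packets as records, plus a dump line.
SAMPLE = """\
bnew: 00:40:f4:53:e3:7d 192.168.1.66      192.168.1.1
bsip: 00:d0:b7:b5:ca:6b 192.168.1.66      192.168.1.1
bmac: 0:40:f4:53:e3:7d  192.168.1.10      192.168.1.1
btip: 00:d0:b7:b5:ca:6b 192.168.1.10      192.168.1.66
dump: 00:0f:ea:d2:44:a4 192.168.1.1
""".splitlines()

if __name__ == "__main__":
    for mac, info in sorted(by_sender(SAMPLE).items()):
        print(mac, dict(info["labels"]), sorted(info["ips"]))
```
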
#### Current MAC-IP table
################################

dump of current pairs table
dump: MAC IP

#### Bad MAC-IP buffer
################################

dump of current bad pairs buffer
dump: number MAC IP count timestamp

#### ARP statistics
################################

Total ARP who-has packets 0
    total received ARP packets

Good MAC-IP pairs 0
    good packets

Gratuitous MAC-IP/weird 0/0
    gratuitous packets / weird gratuitous (Windows/MacOS)

Zero MAC/IP 0/0
    packets matched zero wildcard (00:00:00:00:00:00/0.0.0.0)

New MAC-IP pairs 0
    count of new MAC-IP pairs

Bad MAC-IP pairs 0
    all bad ARP requests

Bad MAC/IP 0/0
    count of bad MACs/IPs

Bad gratuitous MAC-IP 0
    count of bad gratuitous packets

My/Fake/PreFake MAC 0/0/0
    count of packets sent by self

And counts of some strange packets:

Mismatch sender Ether/ARP MAC 0
Non-zero target ARP MAC 0
Non-bcast target Ether MAC 0

#### PCAP statistics
################################

Received/Dropped packets 0/0
    packets that matched/not matched PCAP filter

##  $Id: README.log,v 1.1.1.1 2012/02/21 21:59:41 misho Exp $