Actions
Bug #13449
open
Wrong logging if ICMP "Port unreachable"
Status:
New
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.6.0
Affected Architecture:
Description
It seems to me that there is a comma missing from these type of logs:
filterlog82349: 143,,,1611338923,vtnet2,match,pass,in,4,0xc0,,64,37963,0,none,1,icmp,356,10.3.0.3,10.3.0.252,unreachport,10.3.0.3,UDP, 68336
With "tcpdump":
10.3.0.3 > 10.3.0.252: ICMP 10.3.0.3 udp port 68 unreachable, length 336
So, the log should look like this:
filterlog82349: 143,,,1611338923,vtnet2,match,pass,in,4,0xc0,,64,37963,0,none,1,icmp,356,10.3.0.3,10.3.0.252,unreachport,10.3.0.3,UDP, 68,336
Otherwise, a parsing of the log is not possible
See also bug #7476.
Translated with www.DeepL.com/Translator (free version)
Updated by 
Updated by
Actions