Firewall Wizards mailing list archives
weird IP options.
From: esteban <esteban () reed edu>
Date: Mon, 26 Jul 1999 17:16:33 -0700 (PDT)
hi- I am trying to find out what the following entries in my PIX log might be (IP's have been changed) to protect the innocent. 7/25/99,5:59:50 PM,10.254.254.246,pix.foo.com,LOCAL4,CRITICAL,%PI X-2-106012: Deny IP from 4.19.19.136 to 210.222.222.123, IP options 0x80350ce4 7/25/99,5:59:57 PM,10.254.254.246,pix.foo.com,LOCAL4,CRITICAL,%PI X-2-106012: Deny IP from 4.19.19.136 to 210.222.222.123, IP options 0x8030b6e4 7/25/99,6:00:08 PM,10.254.254.246,pix.foo.com,LOCAL4,CRITICAL,%PI X-2-106012: Deny IP from 4.19.19.136 to 210.222.222.123, IP options 0x80380814 7/25/99,6:06:07 PM,10.254.254.246,pix.foo.com,LOCAL4,CRITICAL,%PI X-2-106012: Deny IP from 4.19.19.136 to 210.222.222.123, IP options 0x802bf8c4 7/25/99,6:06:13 PM,10.254.254.246,pix.foo.com,LOCAL4,CRITICAL,%PI X-2-106012: Deny IP from 4.19.19.136 to 210.222.222.123, IP options 0x802b9e94 These IP options don't seem to correspond to anything to which I can find reference. From what I can tell, the IP option here is of type 128? That would indicate that only the copy bit in the Type code octet is set. Or maybe I am reading the number wrong. -esteban
Current thread:
- weird IP options. esteban (Jul 27)
- Re: weird IP options. Ge' Weijers (Jul 27)
- Re: weird IP options. Andy Smith (Jul 29)