Firewall Wizards mailing list archives
Question re: PIX message 302001
From: Trevor Nightingale <Trevor.Nightingale () sas com>
Date: Tue, 16 Jul 2002 16:18:39 -0400
From the PIX Version 5.3 manual:
============================= %PIX-6-302001: Built inbound|outbound TCP connection id for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport (username) Explanation This is a connection-related message. This message reports that an authenticated inbound or outbound TCP connection was started to foreign address faddr using the global address gaddr from local address laddr. If the connection required authentication, the username is reported in the last field of the message. Action None required. ============================== I am trying to determine when laddr or faddr are the source address and when they are the destination address. If this is an 'outgoing' TCP connection then I assume that the laddr value is the source address and the faddr value is the destination address. If this is an 'incoming' TCP connection then I assume that the faddr value is the source addres and the laddr value is the destination address. Does anyone know if this is a correct assumption ? Regards, Trevor _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Question re: PIX message 302001 Trevor Nightingale (Jul 16)
- Re: Question re: PIX message 302001 Anton A. Chuvakin (Jul 17)