Firewall Wizards mailing list archives

Question re: PIX message 302001

From: Trevor Nightingale <Trevor.Nightingale () sas com>
Date: Tue, 16 Jul 2002 16:18:39 -0400

From the PIX Version 5.3 manual:


=============================
%PIX-6-302001: Built inbound|outbound TCP connection id for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport 
(username)

Explanation   This is a connection-related message. This message reports that an authenticated inbound or outbound TCP 
connection was started to foreign address faddr using the global address gaddr from local address laddr. If the 
connection required authentication, the username is reported in the last field of the message. 

Action None required. 
==============================

I am trying to determine when laddr or faddr are the source address and when they are the destination address.

If this is an 'outgoing' TCP connection then I assume that the laddr value is the source address and the faddr value is 
the destination address.

If this is an 'incoming' TCP connection then I assume that the faddr value is the source addres and the laddr value is 
the destination address.

Does anyone know if this is a correct assumption ?

Regards,
Trevor



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Question re: PIX message 302001 Trevor Nightingale (Jul 16)
- Re: Question re: PIX message 302001 Anton A. Chuvakin (Jul 17)