Honeypots mailing list archives

Log help


From: Rhett Butler <rbutler () UU NET>
Date: Sat, 15 Mar 2003 00:56:17 -0500

Greetings,

I'm still a bit new to honeyd, if I've missed where this information is stored I'll be happy to drink from the 
firehose. Can someone help me to understand what the information in these entries mean?

2003-03-12-23:07:34.0153 tcp(6) - 61.172.195.154 80 192.168.0.112 43545: 40 RA
2003-03-13-02:59:05.0851 tcp(6) - 202.102.232.145 80 192.168.0.112 43545: 44 SA
2003-03-13-17:12:38.0643 tcp(6) - 61.172.246.21 80 192.168.0.112 43545: 40 RA

The parts I do not understand are: 

"How" is this traffic coming through my firewall. I'm not allowing port 43545 into this device. This device shouldn't 
be trying to get to any web pages, and I'm not seeing the SYN packet attempt on the way out. 

Also what do the characters after the port number mean? I believe the number is the time the "connection" was used, but 
is that in seconds? What do the last characters (SA, RA) mean? Why does that differ from this entry?

2003-03-15-00:36:57.0601 tcp(6) S 153.39.89.142 48795 192.168.0.112 80
2003-03-15-00:37:13.0824 tcp(6) E 153.39.89.142 48795 192.168.0.112 80: 386 20078

Thank You for any input,
Rhett
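An added example (not from the original post or from honeyd itself) that splits log lines like the ones above into their fields. It assumes honeyd's log layout: timestamp, protocol(number), an event flag (S = connection start, E = connection end, - = packet outside any tracked connection), source IP and port, destination IP and port, then for "-" TCP lines the packet length and TCP flags, and for E lines the bytes received and sent. Those field meanings and the unsolicited-reply heuristic are assumptions stated as such in the code.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Assumed honeyd log layout:
#   timestamp proto(num) flag src_ip src_port dst_ip dst_port[: extra]
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<proto>[a-z]+)\((?P<pnum>\d+)\) (?P<kind>[SE-]) "
    r"(?P<src>\S+) (?P<sport>\d+) (?P<dst>\S+) (?P<dport>\d+)(?:: (?P<extra>.*))?$"
)
# Assumed TCP flag letters used in the "-" entries (SA = SYN+ACK, RA = RST+ACK).
TCP_FLAG_NAMES = {"F": "FIN", "S": "SYN", "R": "RST", "P": "PSH", "A": "ACK", "U": "URG"}

@dataclass
class Entry:
    ts: str
    proto: str
    kind: str            # 'S' start, 'E' end, '-' packet outside a tracked connection
    src: str
    sport: int
    dst: str
    dport: int
    length: Optional[int] = None          # '-' TCP entries: packet length in bytes
    flags: List[str] = field(default_factory=list)  # '-' TCP entries: TCP flags
    bytes_in: Optional[int] = None        # 'E' entries: bytes received (assumed order)
    bytes_out: Optional[int] = None       # 'E' entries: bytes sent (assumed order)

def parse_line(line: str) -> Entry:
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised honeyd log line: {line!r}")
    e = Entry(m["ts"], m["proto"], m["kind"], m["src"], int(m["sport"]),
              m["dst"], int(m["dport"]))
    if m["extra"] is not None:
        a, b = m["extra"].split()
        if e.kind == "-" and e.proto == "tcp":
            e.length, e.flags = int(a), [TCP_FLAG_NAMES[c] for c in b]
        elif e.kind == "E":
            e.bytes_in, e.bytes_out = int(a), int(b)
    return e

def is_unsolicited_reply(e: Entry) -> bool:
    """Heuristic (assumption): a SYN+ACK or RST+ACK arriving outside any tracked
    connection is a reply to a SYN the honeypot never sent, e.g. another host
    answering a SYN that carried the honeypot's address as a spoofed source."""
    return (e.kind == "-" and e.proto == "tcp" and "ACK" in e.flags
            and ("SYN" in e.flags or "RST" in e.flags))

# Constructed sample lines, copied from the shapes quoted in the post.
SAMPLE = [
    "2003-03-12-23:07:34.0153 tcp(6) - 61.172.195.154 80 192.168.0.112 43545: 40 RA",
    "2003-03-13-02:59:05.0851 tcp(6) - 202.102.232.145 80 192.168.0.112 43545: 44 SA",
    "2003-03-15-00:36:57.0601 tcp(6) S 153.39.89.142 48795 192.168.0.112 80",
    "2003-03-15-00:37:13.0824 tcp(6) E 153.39.89.142 48795 192.168.0.112 80: 386 20078",
]
```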

