[iptables]iptables日志记录 

Mar 27 08:55:16  kernel: [5956021.859282] [iptables 911:] IN=eth1 OUT= MAC=f0:1f:af:da:6f:1e:80:fb:06:ae:fa:57:08:00 SRC=118.122.88.231 DST=125.65.xxx.x5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=30361 DF PROTO=TCP SPT=6424 DPT=11060 WINDOW=14600 RES=0x00 SYN URGP=0

其中MAC=f0:1f:af:da:6f:1e:80:fb:06:ae:fa:57:08:00,前12位数字为destination mac,接下来12位是上一跳mac,08:00是08:00 : Type=08:00 (ethernet frame carried an IPv4 datagram)

对于wan访问来说,sourcemac其实没有意义。

参考:

https://access.redhat.com/site/solutions/70465

posted @ 2014-03-27 11:12  silence.li  阅读(1176)  评论(0编辑  收藏  举报