I just updated my RT-68P to FW 3.0.0.4.384_45149, and I poked around the UI afterwards. I noticed in the system log that most of the IPs were Russian or Chinese(!). But, I'm not sure how to interpret all of the info for a given entry. Can someone explain the pieces to me?
E.g.: Jan 3 17:57:31 kernel: DROP IN=vlan2 OUT= MAC=1c:87:2c:48:d9:b9:84:61:a0:63:a5:20:08:00:45:00:00:28 SRC=185.176.27.166 DST=192.168.20.253 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=63509 PROTO=TCP SPT=40137 DPT=3518 SEQ=3560613561 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
1) What does "DROP IN=vlan2" mean?
2) How can the MAC address be 18 octets long? The normal first six match my LAN MAC.
3) Anything worth noting about the rest of the pieces?
How can I tell what device on my LAN is generating or supposed to receive this traffic?
Justin
E.g.: Jan 3 17:57:31 kernel: DROP IN=vlan2 OUT= MAC=1c:87:2c:48:d9:b9:84:61:a0:63:a5:20:08:00:45:00:00:28 SRC=185.176.27.166 DST=192.168.20.253 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=63509 PROTO=TCP SPT=40137 DPT=3518 SEQ=3560613561 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
1) What does "DROP IN=vlan2" mean?
2) How can the MAC address be 18 octets long? The normal first six match my LAN MAC.
3) Anything worth noting about the rest of the pieces?
How can I tell what device on my LAN is generating or supposed to receive this traffic?
Justin
Last edited: