Re: what does this mean: "kernel: 7.0.0.1:53 L=79 S=0x00 I=39869 F=0x4000 T=64"

From: Alexander E. Patrakov
Date: Thu Aug 23 2007 - 12:47:40 EST


martin f krafft wrote:
also sprach Alexander E. Patrakov <patrakov@xxxxxxxxxx> [2007.08.23.1730 +0200]:
I am staring at this log message:
kernel: 7.0.0.1:53 L=79 S=0x00 I=39869 F=0x4000 T=64
and I cannot figure out what it's trying to tell me. Could someone
please enlighten me?
Looks like some DNS packet got logged by your firewall rules.

But my firewall rules certainly do not log DNS packets, and if they
did, it would look very differently, no? I always prefix my iptables
LOG messages anyway.

Sorry. Indeed, it differs very much from the normal packet log and cannot be obtained by truncation:

Aug 20 13:25:39 dsa kernel: packet trace: IN=eth0 OUT=eth2 SRC=192.168.0.96 DST=192.36.143.150 LEN=76 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56

This is a Xen client, if it makes a difference.

None of the results of grep -r 'L=%' linux-2.6.22.1 match your string. So this must indeed be something out-of-tree - but Xen-3.1.0 or 3.0.4 doesn't match either. Or function that produced this message in the log doesn't use printf-like functions for formatting numbers.

However, the style does look similar to a message in ipw2100.c:

IPW_DEBUG_TX("TX%d V=%p P=%04X T=%04X L=%d\n", i,
&txq->drv[i],
(u32) (txq->nic + i * sizeof(struct ipw2100_bd)),
txq->drv[i].host_addr, txq->drv[i].buf_length);

--
Alexander E. Patrakov
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/