Two references are below
Sometime, in kern.log or dmesg contain the following message by issuing "ufw" more precisely iptable.
[UFW BLOCK INPUT]: IN=eth0 OUT= MAC=*************** SRC=*.*.*.* DST=**.**.***.*** LEN=52 TOS=0x00 PREC=0x00 TTL=42 ID=23860 DF PROTO=TCP SPT=8000 DPT=42776 WINDOW=35568 RES=0x00 ACK URGP=0
Here, some short explanations which I found in the references. Still not enough to understand for me.
SRC=The source address of the IP packet.
DST=The destination address of the IP packet.
LEN = The length of the IP packet.
TOS = The Type of Service of the IP packet.
PREC =The Precedence of the IP packet.
TTL = The time to live of the IP packet.
ID = The id of the IP packet.
flags = "CE" (congestion), "DF" (don't fragment), or "MF" (more fragments are coming).
PROTO = The name/number of the protocol that the IP packet encapsulates. This
will be 'TCP', 'UDP', 'ICMP', or a number corresponding to the protocol
in /etc/protocols or
http://www.iana.org/assignments/protocol-numbers/
TCP
SPT: The source port of the tcp packet.
DPT: The destination port of the tcp packet.
WINDOW:
The length of the TCP window.
RES : The reserved bits.
flags : any bination of "CWR" (Congestion Window
Reduced), "ECE" (Explicit Congestion Notification Echo), "URG"
(Urgent), "ACK" (Acknowledgement), "PSH" (Push), "RST" (Reset), "SYN"
(Synchronize), or "FIN" (Finished)
URGP: The urgent pointer.
UDP
SPT: The source port of the UDP packet.
DPT: The destination port of the UDP packet.
LEN: The length of the UDP packet
ICMP
TYPE: The numeric type of the ICMP packet
CODE: The numeric code of the ICMP packet
ID :
The id of the ICMP echo packet.
SEQ : The sequence number of the ICMP echo packet.