Re: mysterious ipchains deny from 192.168.*.* ??
On Tue, 10 Apr 2001, will trillich wrote:
> here's a logcheck message i got recently, where ipchains is
> logging certain unwelcome hits (based on what's primarily the
> default ipmasq filtering rules)--
>
> ----- Forwarded message from root <root@serensoft.com> -----
>
> Security Violations
> =-=-=-=-=-=-=-=-=-=
> Apr 8 17:45:10 server kernel: Packet log: input DENY eth0 PROTO=1 172.149.223.27:10 224.0.0.2:0 L=28 S=0x00 I=11290 F=0x0000 T=128 (#7)
PROTO=1 means that it was an ICMP packet. Someone is trying to ping you.
Look at /usr/include/netinet/ip_icmp.h for an explanation of ICMP types. The
type is listed after the : on your host address.
Type 0 is ICMP_ECHOREPLY
-B
--
Brandon High armitage@freaks.com
War is Peace. Slavery is Freedom. AOL is the Internet.
Reply to: