Re: ipchains log

To: debian-user@lists.debian.org
Subject: Re: ipchains log
From: Mark Ferlatte <ferlatte@cryptio.net>
Date: Thu, 6 Dec 2001 17:27:43 -0800
Message-id: <[🔎] 20011206172743.D12926@radix.cryptio.net>
Mail-followup-to: Mark Ferlatte <ferlatte@cryptio.net>, debian-user@lists.debian.org
In-reply-to: <[🔎] 20011206115528.A14703@ormond.unimelb.edu.au>; from rdrid@ormond.unimelb.edu.au on Thu, Dec 06, 2001 at 11:55:28AM +1100
References: <[🔎] 20011206115528.A14703@ormond.unimelb.edu.au>

On Thu, Dec 06, 2001 at 11:55:28AM +1100, Rebecca Dridan wrote (1.00):
> pluto kernel: Packet log: input DENY eth0 PROTO=1 210.86.82.93:3 xx.xx.xx.xx:3
> .....
> 
> I've found out that that's an ICMP packet, with type Desination Unreadable and
> code Port Unreachable, but I'm not sure what this means.  Is it important, and
> is there any way of stopping it?

This means that pluto is trying to connect to a closed port on
xxx.xxx.xxx.xxx, and the remote end is trying to tell you to cut it out,
like it's supposed to.  If you block those messages, you'll have to wait
for your connects to timeout, instead of stopping.

Blocking all ICMP isn't a good idea.  At the very least, you should
allow the Destination Unreachable type through, and maybe a couple of
others.  Searching google for "ICMP Blocking" will probably bring up
many articles like
<http://www.networkmagazine.com/article/NMG20000829S0003>, which might
be of help in deciding what to allow through.

M

Reply to:

References:
- ipchains log
  - From: Rebecca Dridan <rdrid@ormond.unimelb.edu.au>

Prev by Date: Re: What happened to compose? - further information
Next by Date: Re: XMMS kills Gnome activity!
Previous by thread: Re: ipchains log
Next by thread: mozilla-cvs
Index(es):
- Date
- Thread