Re: firewall log messages
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
> Packet log: input REJECT eth0 PROTO=17 65.6.x.x:513
> 65.255.255.255:513
> L=160 S=0x00 I=20143 F=0x0000 T=64 (#5)
> 24.7.73.5 sent an invalid ICMP error to a broadcast.
> 24.7.73.5 sent an invalid ICMP error to a broadcast.
>
> where the 65.6.x.x is my address.
>
> Why are these coming?
Someone broadcasted them :)
> Are they warning me of something important? and if not, can I send
> them to a log instead of my console?
I wouldn't worry about the blocked UDP packet.
The ICMP messages are because a... weird system is spewing garbage. VMS
is one such system :) Harmless, but annoying and ugly if you look at the
raw logs often. Putting
net.ipv4.icmp_ignore_bogus_error_responses = 1
into /etc/sysctl.conf and rebooting should make the messages go away.
Running
sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1
as root will make that change immediate.
- --
- ----------------------------------------------------------------------
Phil Brutsche pbrutsch@tux.creighton.edu
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6302U/ZTSZFDeHPwRAiqvAJ9fC3QWuKzF2VNAu4ToX9yzUuLTJACfUgoJ
hbULABRDQDUgP2vaQA5eghg=
=Tz1n
-----END PGP SIGNATURE-----
Reply to: