Hi,>From last some days I am facing the unexpected huge ICMP traffic is goingout from Server. I have blocked icmp ports in iptables and if I execute the Ping manualy its blocking. Some process is send this huge traffic. Below is tcpdump output. =============================== 16:23:27.817856 IP (tos 0xc0, ttl 64, id 55278, offset 0, flags [none], proto ICMP (1), length 104) example.com > ***.***.***.***: ICMP host example.com unreachable - admin prohibited, length 84 IP (tos 0x0, ttl 56, id 52085, offset 0, flags [DF], proto TCP (6), length 76) ***.***.***.***.5189 > example.com.https: Flags [P.], cksum 0xa427 (correct), seq 2571871600:2571871636, ack 1159342022, win 65535, length 36 =============================== How this can be controlled ? Thanks, Shital
On 01/06/2016 04:45 AM, Shital Sakhare wrote:> I have blocked icmp ports in iptables and if I execute the Ping manualy its > blocking....> How this can be controlled ?Drop the incoming traffic in iptables, rather than rejecting it?
Thanks, Dropped the ICMP type 3 port. Now question to find the cause. On Wed, Jan 6, 2016 at 6:49 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote:> On 01/06/2016 04:45 AM, Shital Sakhare wrote: > >> I have blocked icmp ports in iptables and if I execute the Ping manualy >> its >> blocking. >> > ... > >> How this can be controlled ? >> > > Drop the incoming traffic in iptables, rather than rejecting it? > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >