ann kok wrote:> Hi all
>
> The machine provides the name service
>
> I got the following in the dmesg.
>
> What is it?
>
> Can I have rules to prevent it?
>
> UDP: bad checksum. From outside-ip:61479 to
> machine-ip:61 ulen 45
> UDP: bad checksum. From outside-ip:62499 to
> machine-ip:61 ulen 45
> UDP: bad checksum. From outside-ip:64135 to
> machine-ip:61 ulen 45
> UDP: bad checksum. From outside-ip:64135 to
> machine-ip:61 ulen 45
> UDP: bad checksum. From outside-ip:65383 to
> machine-ip:61 ulen 45
>
> outside-ip sent an invalid ICMP type 3, code 3 error
> to a broadcast: 248.32.x.x on eth0
> outside-ip sent an invalid ICMP type 3, code 3 error
> to a broadcast: 248.32.x.x on eth0
> outside-ip sent an invalid ICMP type 3, code 3 error
> to a broadcast: 248.32.x.x on eth0
>
'outside-ip', is that the IP of this system, or some random external
internet IP, or what? odd, 248.32.x.x isn't a broadcast or
multicast address AFAIK, is that part of one of your subnets or something?
I'm not sure what udp/61 is, /etc/services says 'NI-MAIL', that
appears
to be something from the dusty basement of pre-internet networking ("JNT
mail over NIFTP").
ICMP type 3 code 3 is 'port unreachable'. see:
http://www.iana.org/assignments/icmp-parameters if you block those you
won't be able to do traceroutes.
if you just got a few of those, I'd ignore them. if you got lots and
lots, it may be a weak attempt at a denial of service attack
anyways, dunno why you'd need any rules, the kernel rejected those
packets on the grounds given.