--=.''H7h24KV3UvCyN Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Can someone please explain the following: Nov 25 18:58:52 linux kernel: Shorewall:net2all:DROP:IN=eth1 OUTMAC=00:60:1d:f0:a6:f9:00:60:1d:f6:35:50:08:00 SRC=206.52.253.8 DST=64.216.105.3 LEN=56 TOS=0x00 PREC=0x00 TTL=110 ID=18558 PROTO=ICMP TYPE=3 CODE=3 [SRC=64.216.105.3 DST=172.16.1.10 LEN=128 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=UDP SPT=53 DPT=2857 LEN=108 ] 64.216.105.3 is external on my firewall... 172.16.0.0/24 is my internal LAN... The brackets are kind of confusing as well, I''ve seen them in the logs periodically, and just never asked... The only thing kinda strange in my setup is I forward port 23 to another machine for my BBS.... I have mail, web, ftp on the firewall, and 2 other computers masq''ing through it.. BBS is on .2, .4 and .5 are the other workstations and .254 is the internal interface on the firewall... --- Homer Parker http://www.homershut.net telnet://bbs.homershut.net --=.''H7h24KV3UvCyN Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE94x88rgrN227HZ+8RAiF2AJ4x2rycX8oDotnWcWT4FZojG8cktgCeLUbV UQ5/8BBx1Mj5F22YBPxKy38=BInN -----END PGP SIGNATURE----- --=.''H7h24KV3UvCyN--
--On Tuesday, November 26, 2002 01:14:02 AM -0600 Homer Parker <hparker@homershut.net> wrote:> Can someone please explain the following: > > Nov 25 18:58:52 linux kernel: Shorewall:net2all:DROP:IN=eth1 OUT> MAC=00:60:1d:f0:a6:f9:00:60:1d:f6:35:50:08:00 SRC=206.52.253.8 > DST=64.216.105.3 LEN=56 TOS=0x00 PREC=0x00 TTL=110 ID=18558 PROTO=ICMP > TYPE=3 CODE=3 [SRC=64.216.105.3 DST=172.16.1.10 LEN=128 TOS=0x00 PREC=0x00 > TTL=47 ID=0 DF PROTO=UDP SPT=53 DPT=2857 LEN=108 ] > > 64.216.105.3 is external on my firewall... 172.16.0.0/24 is my internal > LAN... The brackets are kind of confusing as well, I''ve seen them in the > logs periodically, and just never asked... The only thing kinda strange in > my setup is I forward port 23 to another machine for my BBS.... I have > mail, web, ftp on the firewall, and 2 other computers masq''ing through > it.. BBS is on .2, .4 and .5 are the other workstations and .254 is the > internal interface on the firewall... >Homer -- search the archives for the last month or two. I''ve given several explainations of ICMP packets. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net
--On Tuesday, November 26, 2002 06:54:11 AM -0800 Tom Eastep <teastep@shorewall.net> wrote:> > > > Homer -- search the archives for the last month or two. I''ve given > several explainations of ICMP packets. >Since this is becoming a FAQ, I''ve added FAQ #21 (http://shorewall.sf.net/FAQ.htm#faq21) -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net
--=.pi(gR?VucK1FIS Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Tue, 26 Nov 2002 09:13:43 -0800 Tom Eastep <teastep@shorewall.net> wrote....> > > --On Tuesday, November 26, 2002 06:54:11 AM -0800 Tom Eastep > <teastep@shorewall.net> wrote: > > > > > > > > > Homer -- search the archives for the last month or two. I''ve given > > several explainations of ICMP packets. > > > > Since this is becoming a FAQ, I''ve added FAQ #21 > (http://shorewall.sf.net/FAQ.htm#faq21)That makes sense.... The 172.16.1.10 is behind a NAT on the other end... Kind of threw me for a loop, as the 172.16.0.0 isn''t as popular as the 192.168.0.0 or the 10.0.0.0 blocks... So, I figured it was my end... Thanks for clearing that up! ;) --- Homer Parker http://www.homershut.net telnet://bbs.homershut.net --=.pi(gR?VucK1FIS Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE948b4rgrN227HZ+8RAjoDAJ4rgT60j6KRS/sUeo4qlP07Oz39pACeMn6m 9tWRfOD3Zil9Lo2kD8oTAr0=kX6H -----END PGP SIGNATURE----- --=.pi(gR?VucK1FIS--