From owner-freebsd-questions Tue Jul 17 9:48:12 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by hub.freebsd.org (Postfix) with ESMTP id B276237B405 for ; Tue, 17 Jul 2001 09:47:59 -0700 (PDT) (envelope-from fgleiser@cactus.fi.uba.ar) Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by cactus.fi.uba.ar (8.11.3/8.9.3) with ESMTP id f6HGjWt98775; Tue, 17 Jul 2001 13:45:38 -0300 (ART) (envelope-from fgleiser@cactus.fi.uba.ar) Date: Tue, 17 Jul 2001 13:45:32 -0300 (ART) From: Fernando Gleiser To: Mark Cc: Subject: Re: how could this PACKET get through?! In-Reply-To: <20010717120556.A28512@tmd.df.ru> Message-ID: <20010717134041.G96585-100000@cactus.fi.uba.ar> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Without knowing your firewall rules it is difficult to tell, but a good guess is you are keeping state on the outgoing connections and the icmp packet was in response to one of those outgoing connections. Fer On Tue, 17 Jul 2001, Mark wrote: > Re, > > I am blocking most incoming icmp traffic: > > icmp-type 0 > icmp-type unreach code 3 > icmp-type unreach code 4 > icmp-type timex > > also.. im running jail, but icmp doesn't work from there.. how could this packet get through my firewall: > > Jul 17 05:12:53 ml ipmon[18381]: 05:12:52.177910 2x ed0 @0:35 p 0.so-3-0-0.XR1.ATL1.ALTER.NET -> jail PR icmp len 20 > 56 icmp 11/0 for jail,3366 - 63.108.161.50,1439 PR tcp len 20 40 IN > > Please, reply by e-mail. > > thanks in advance! > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message