Date: Thu, 27 Mar 2008 10:14:41 -0700 From: Christopher Cowart <ccowart@rescomp.berkeley.edu> To: Paul Hoffman <phoffman@proper.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Suppressing "Limiting icmp unreach response" log messages Message-ID: <20080327171441.GF53767@hal.rescomp.berkeley.edu> In-Reply-To: <p06240819c411630beacb@[10.20.30.162]> References: <p06240819c411630beacb@[10.20.30.162]>
next in thread | previous in thread | raw e-mail | index | archive | help
--sClP8c1IaQxyux9v Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Paul Hoffman wrote: > How can I eliminate the "Limiting icmp unreach response" messages from=20 > getting to /var/log/messages or to the console? I have a spate of them th= at=20 > is causing log rollovers. I think I know the source of the problem, but= =20 > need to get rid of the messages first. The icmp unreach responses happen when someone sends a UDP packet to your computer on a port with no running service (or at least, this is the most likely explanation). Some options: * Set up a firewall to deny the inbound traffic * Configure blackhole(4) to do the same I wouldn't recommend attacking the problem from the point of view of just making the log messages go away, but if you're comfortable with that, then the other post recommendinding syslog-ng might work for you (though I'd recommend configuring a pattern match on the message you want to discard or re-route). --=20 Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley --sClP8c1IaQxyux9v Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iQIVAwUBR+vWASPHEDszU3zYAQKWphAAlKauPSB3bENkMBtFIVaz1FXWorVViLRY bzwXwXsSpcBPS/zsj5HtaRVPg8cudw2YdYcnHJYpzCoC154tHcl6XsrusMSTyUNm chJXqiaMNDqQWGDB/Mmyawv/KHwfW5YnASndygqo78qdK/jrgez/f8ERJP6eSDSh G92K3qSsOx8gE1WjSXdaxUb8pzOJ2KnH59IJ/7zZo/CRBMW+AuVL4QjgS5op8p7d RT3XsujASDvdtOh96a50u4ZcxMkwYTrQu+NNqxaJFQptnGQ7hc6ohWrnfnYuX9z4 RUngcDv4nGGdaUDSEToHVKsuymhmDUIvedMnaNN6F4ChYF0K5UX/lqOkHxQg85w6 4GgyIv2TvRcczwnxIJyieFdwsopmTumXOL0/u+hJ2eLWIDBJVPHeIHWSaojwOTou 0rZC0psw7u9WITHw18UYJ+/mH4olZH2RxfyVzFdcQsSbBKVrP+4cV8j9vp276dOy sarJPtTVCXnS00WUo0fHHhizrDdcctxYFBzaMZ8f1fzYmN7zvTwWAVedcBStr4Rx WnYrHXEo5N153G/mj1QVIv+KY4mDxvzr3UwsjCFA90ymdDmRzXzqKQjTzK3gvCHU 4z15mjzMit/w6WhyAY74pVJr/X5oPDyunNatvdpe9Ie2ckSPbiM1r+9hcVt6UGfh vkWfFGXyWy4= =ASDH -----END PGP SIGNATURE----- --sClP8c1IaQxyux9v--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080327171441.GF53767>