Date: Tue, 3 Aug 1999 20:25:12 -0300 (ADT) From: Michael Richards <026809r@dragon.acadiau.ca> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: security@FreeBSD.ORG Subject: Re: Odd ICMP packets being logged Message-ID: <Pine.GSO.4.10.9908032020430.11002-100000@dragon> In-Reply-To: <199908032242.IAA27809@cheops.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 4 Aug 1999, Darren Reed wrote: > > I'm seeing some odd packets being logged via my ipf. I've looked around > > but not really found any good resources on ipfilter/ipnat. I can't find > > this documented: > > 03/08/1999 17:03:03.370491 vx0 @0:5 b ###.###.###.### -> 10.23.3.2 PR icmp > > len 20 43 icmp 8/0 > > Date Time interface group:rule block sourceIP -> destip PR protocol len > ip-header-length ip-length icmp type/code > > It's actually coming from rule #5. Type 8 is ECHO so it's a ping packet. Hrm. That's kinda odd... Rule #5 is: block return-rst in log quick on vx0 proto tcp from any to any port = 25 Can't see why that would be logging an ICMP... -Michael To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.10.9908032020430.11002-100000>