Ok, I added a rule allowing icmp on port 3 out to my domain servers. It
seems to have fixed the problem.
Thanks!
Drew
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Denis R
Sent: Tuesday, November 21, 2000 3:50 PM
To: [EMAIL PROTECTED]
Subject: Re: Unknown log entry
If you look at /etc/protocols, PROTO=1, it is icmp protocol. Port 3 on both
Source machine and target is 'destination unreachable'. Your rule in
firewall script denies sending a 'dest. unreachable' info from your machine
to the ISP (or vice versa, I don't know which IP is your ISP, you get the
idea).
Port 3 and 11 are used for outgoing/incoming traceroute commands. Seems
that your ISP is maybe troubleshooting the connection to your box and you
are rejecting the output.
Take care,
Denis
>>>>>>>>>>>>
Date: Tue, 21 Nov 2000 07:56:28 -0800 (PST)
From: "Todd A. Jacobs" <[EMAIL PROTECTED]>
To: RedHat general mailling list <[EMAIL PROTECTED]>
Subject: Re: Unknown log entry
Reply-To: [EMAIL PROTECTED]
On Mon, 20 Nov 2000, Drew Hunt wrote:
> Kernel entries:
>
> Nov 20 14:34:59 tenchi kernel: Packet log: output REJECT eth0 PROTO=1
> 24.221.123.186:3 24.221.30.4:3 L=56 S=0x00 I=12811 F=0x0000 T=127 (#50)
>
> 1) What is it rejecting?
It's rejecting (denying the packet with an ICMP response) packets from
24.221.123.186 with source port 3 to 24.221.30.4 with destination port 3.
Since it's not listed in /etc/services, I don't know what 24.221.123.186
is trying to find on port 3, but that's what's going on.
--
Todd A. Jacobs
Senior Network Consultant
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
