If you're using a default Bering install without monkeying with the Bering settings, and you're using DHCP, then your gateway should be 192.168.1.254, and 192.168.1.1 would be a machine on your LAN.
Either way, if you're getting a flood of ICMP packets from anywhere to anywhere, it's questionable. I don't know of anything that would generate ICMP from a Bering box to anything without user input, at least in the basic setup, so a little forensics work would be in order to find out what's really going on.
Given the number of worms and virii out there that use ICMP sweeps to find vulnerable systems, I'd be hesitant to allow ICMP of any kind. It technically breaks RFC standards, but I don't know of anything that it actually causes a problem with by doing.
Matt wrote:
hi, i'm new to bering-uclibc and shorewall (but have used lrp and dachstein).
I'm getting hundreds of icmp "hits" showing up in the shorewall log between my bering box and one of my local machines. here's an example:
Jan 1 00:00:00 unity Shorewall:all2all:REJECT: IN= OUT=eth0 MAC= SRC=192.168.1.1 DST=192.168.1.5 LEN=83 TOS=00 PREC=0x00 TTL=64 ID=29297 PROTO=ICMP TYPE=3 CODE=0
eth0 is my lan interface (192.168.1.1), and ppp0 is the net interface (dialup). I think that a solution would be to add the following line to the shorewall policy, but i have some questions on it... fw loc ACCEPT
this seems like a very "normal" thing to do, so why is it not set in the default config? are there any reasons to not accept these connections (other than local attacks on the firewall)?
thanks, -matt
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
