On Wed, Dec 19, 2001 at 09:52:41AM -0500, Hal Burgiss <[EMAIL PROTECTED]> wrote:
| On Wed, Dec 19, 2001 at 02:36:27PM +0100, Leonard den Ottolander wrote:
| > A friend for whom I build a RH 6.2 firewall found the following entry in his
| > log:
| > Dec 16 12:32:38 xxxxxxxx kernel: IP_MASQ:reverse ICMP: failed checksum from
| > 213.145.187.145!
| > Does anybody know what this person is trying to achieve? Should I block
| > certain ICMP messages on this masquerading firewall? Which ICMP messages
| > should I definitely allow to pass through the firewall? Any links to short
| > introductions to ICMP? Thanx.
|
| I allow incoming:
|
| $IPTABLES -A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT
| $IPTABLES -A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT
| $IPTABLES -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
|
| then drop the rest. It would be interesting to hear other opinions...

I let all ICMP in. Fer gahd's sake - they're useful info.
-- 
Cameron Simpson, DoD#743 [EMAIL PROTECTED] http://www.zip.com.au/~cs/

If you give me six lines written by the most honest man, I will find
something in them to hang him. - Cardinal Richilieu
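
The log entry quoted at the top of this thread reports an ICMP message that failed checksum verification. As an added example (not code from the thread or from the kernel), the following C shows the RFC 1071 Internet checksum that ICMP carries and how a receiver validates it; the function names and the echo-reply sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 1071: one's-complement sum of big-endian 16-bit words, folded, inverted. */
static uint16_t inet_checksum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0;
    size_t i;

    for (i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)buf[i] << 8) | buf[i + 1];
    if (len & 1)                      /* odd length: pad the last byte with zero */
        sum += (uint32_t)buf[len - 1] << 8;
    while (sum >> 16)                 /* fold the carries back into 16 bits */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Sender side: zero the checksum field (bytes 2-3), compute, store. */
void icmp_set_checksum(uint8_t *icmp, size_t len)
{
    uint16_t c;

    icmp[2] = icmp[3] = 0;
    c = inet_checksum(icmp, len);
    icmp[2] = (uint8_t)(c >> 8);
    icmp[3] = (uint8_t)(c & 0xff);
}

/* Receiver side: summing the whole message, checksum included, must give 0.
 * Returns 1 if valid, 0 if corrupted, -1 if shorter than the 8-byte header. */
int icmp_checksum_ok(const uint8_t *icmp, size_t len)
{
    if (len < 8)
        return -1;
    return inet_checksum(icmp, len) == 0;
}

int main(void)
{
    /* Constructed sample: echo-reply (type 0), id 0x1234, seq 1, payload "abc". */
    uint8_t pkt[11] = {0, 0, 0, 0, 0x12, 0x34, 0x00, 0x01, 'a', 'b', 'c'};

    icmp_set_checksum(pkt, sizeof pkt);
    printf("intact:    %d\n", icmp_checksum_ok(pkt, sizeof pkt));
    pkt[9] ^= 0x01;                   /* one flipped bit, as line noise would do */
    printf("corrupted: %d\n", icmp_checksum_ok(pkt, sizeof pkt));
    return 0;
}
```

A message that fails this check is discarded by the receiver regardless of which ICMP types the firewall rules accept.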