[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Addendum to Bridging firewall and ICMP traffic

To: "Miscellaneous Support OpenBSD (E-mail)" <misc@openbsd.org>
Subject: Addendum to Bridging firewall and ICMP traffic
From: "Collin B. McClendon" <Collin@macrosys.com>
Date: Thu, 26 Apr 2001 13:58:28 -0400

I did notice that the hosts that can be pinged have K-S in their flags
field, where as blocked pings do not carry any such
flags. What exactly would this imply?
-Collin

Apr 26 13:50:27 beezle ipmon[27381]: 13:50:26.995244             fxp0 @0:17 
b x.x.x.229 -> x.x.x.250 PR icmp len 20 60 icmp 8/0 IN
Apr 26 13:50:28 beezle ipmon[27381]: 13:50:28.482870             fxp0 @0:17 
b x.x.x.229 -> x.x.x.250 PR icmp len 20 60 icmp 8/0 IN
Apr 26 13:50:33 beezle ipmon[27381]: 13:50:33.322678             fxp0 @0:20 
p x.x.x.229 -> x.x.x.245 PR icmp len 20 60 icmp 8/0 K-S IN
Apr 26 13:50:33 beezle ipmon[27381]: 13:50:33.324790             fxp1
@65535:0 
p x.x.x.245 -> x.x.x.229 PR icmp len 20 60 icmp 0/0 K-S IN
Apr 26 13:50:34 beezle ipmon[27381]: 13:50:34.343302             fxp0 @0:20 
p x.x.x.229 -> x.x.x.245 PR icmp len 20 60 icmp 8/0 K-S IN
Apr 26 13:50:34 beezle ipmon[27381]: 13:50:34.343738             fxp1
@65535:0 
p x.x.x.245 -> x.x.x.229 PR icmp len 20 60 icmp 0/0 K-S IN

Prev by Date: Re: 2.8-STABLE locked up again
Next by Date: Re: 2.8-STABLE locked up again
Prev by thread: Strange Behavior on an OpenBSD Bridging Firewall
Next by thread: Re: named fails to do zone transfers -- gives
Index(es):
- Date
- Thread