-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
perhaps, but I think the real answer is to not allow icmp traffic to hit
the braodcast address of the network or subnetwork in consideration, which
is a slightly, if not totally different issue then multicast traffic
passing the perimiter. Though I'm up for educatiting and clues if I am
mistaken here.
thanks,
Ron DuFresne
On Tue, 1 Nov 2005, Zoltan Nagy wrote:
consider dropping all multicast packets
$ipt -d 224.0.0.0/4 -j DROP
Paulo Andre wrote:
I have the following log:
Nov 1 09:10:40 guardian ---SA_IN--- IN=eth1 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:e0:1e:83:d5:19:08:00 SRC=64.34.170.237
DST=255.255.255.255 LEN=1072 TOS=00 PREC=0x40 TTL=243 ID=12209 DF
PROTO=ICMP TYPE=8 CODE=0 ID=0 SEQ=0
I am receiving thousands of these a day, icmp traffic is blocked with
iptables. But still this traffic is coming up the line. Is my only
solution to contact the ISP or is there something I can do in
iptables/linux?
Paulo
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover
instead of creating the perfect love.
-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDaTFnst+vzJSwZikRAlzaAJ4pwFiHxbgneeHnq2unfoO1ap7m8ACgzS9j
lylmKFXRvyyJGK8wTWJRyEU=
=CGLX
-----END PGP SIGNATURE-----
