Hello, julioarr@xxxxxxxxxxxx a écrit : > > What does this mean? > > May 18 12:14:55 firewall kernel: [97390.813579] INPUT_ALL_ACCEPT_lo-1 > IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.0.0.2 > DST=10.0.0.2 LEN=107 TOS=0x00 PREC=0xC0 TTL=64 ID=62342 PROTO=ICMP TYPE=3 > CODE=1 [SRC=10.0.0.2 DST=173.194.69.108 LEN=79 TOS=0x00 PREC=0x00 TTL=64 > ID=61005 DF PROTO=TCP SPT=38040 DPT=587 WINDOW=133 RES=0x00 ACK PSH FIN > URGP=0 ] Some iptables rule logged that the local machine 10.0.0.2 sent to itself an ICMP packet with type 3 (destination unreachable) and code 1 (host unreachable) in response to an attempt to send a TCP packet to 173.194.69.108. "Host unreachable" usually means ARP resolution failure, but 173.194.69.108 is not on the network directly connected to 10.0.0.2, so it probably means that the ARP resolution for the gateway IP address found in the routing table for that destination failed for any reason (wrong gateway address, network failure...). -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
