Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Iptables Log, what does this mean?
Robert83
post Mar 3 2004, 11:48 AM
Post #1


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

what is this?

Mar 3 09:18:05 WindowsXP kernel: iptablesIN=eth1 OUT= MAC=00:30:4f:25:e6:15:00:30:b8:80:49:ee:08:00 SRC=194.44.39.138 DST=217.26.69.17 LEN=56 TOS=0x00 PREC=0x00 TTL=241 ID=47353 PROTO=ICMP TYPE=4 CODE=0 [SRC=217.26.69.17 DST=194.44.39.44 LEN=112 TOS=0x00 PREC=0x00 TTL=51 ID=45298 PROTO=UDP SPT=20140 DPT=18747 LEN=72 ]
Mar 3 09:18:05 WindowsXP kernel: iptablesIN=eth1 OUT= MAC=00:30:4f:25:e6:15:00:30:b8:80:49:ee:08:00 SRC=194.44.39.138 DST=217.26.69.17 LEN=56 TOS=0x00 PREC=0x00 TTL=241 ID=47358 PROTO=ICMP TYPE=4 CODE=0 [SRC=217.26.69.17 DST=194.44.39.44 LEN=112 TOS=0x00 PREC=0x00 TTL=51 ID=45298 PROTO=UDP SPT=20140 DPT=18747 LEN=72 ]
Mar 3 09:18:05 WindowsXP kernel: iptablesIN=eth1 OUT= MAC=00:30:4f:25:e6:15:00:30:b8:80:49:ee:08:00 SRC=194.44.39.138 DST=217.26.69.17 LEN=56 TOS=0x00 PREC=0x00 TTL=241 ID=47360 PROTO=ICMP TYPE=4 CODE=0 [SRC=217.26.69.17 DST=194.44.39.44 LEN=112 TOS=0x00 PREC=0x00 TTL=51 ID=45298 PROTO=UDP SPT=20140 DPT=18747 LEN=72 ]
Mar 3 09:18:05 WindowsXP kernel: iptablesIN=eth1 OUT= MAC=00:30:4f:25:e6:15:00:30:b8:80:49:ee:08:00 SRC=194.44.39.138 DST=217.26.69.17 LEN=56 TOS=0x00 PREC=0x00 TTL=241 ID=47363 PROTO=ICMP TYPE=4 CODE=0 [SRC=217.26.69.17 DST=194.44.39.44 LEN=112 TOS=0x00 PREC=0x00 TTL=51 ID=45298 PROTO=UDP SPT=20140 DPT=18747 LEN=72 ]
Mar 3 09:18:06 WindowsXP kernel: iptablesIN=eth1 OUT= MAC=00:30:4f:25:e6:15:00:30:b8:80:49:ee:08:00 SRC=194.44.39.44 DST=217.26.69.17 LEN=56 TOS=0x00 PREC=0x00 TTL=113 ID=63502 PROTO=ICMP TYPE=3 CODE=3 [SRC=217.26.69.17 DST=194.44.39.44 LEN=92 TOS=0x00 PREC=0x00 TTL=51 ID=45298 PROTO=UDP SPT=20140 DPT=18747 LEN=72 ]

what was hapening here?

Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
hughesjr
post Mar 3 2004, 01:18 PM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151



PROTO=ICMP TYPE=4 CODE=0 is know as ICMP: Source quench. It is many things, including a primative method of flow control.

You will see many port scans and other such things on your firewall....see this thread


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 14th December 2017 - 02:04 PM