[clug] Dropped icmp packets - et al
Felix Karpfen
felixk at fwi.net.au
Fri Aug 29 06:46:32 EST 2003
* Marek Samoc <mjs111 at rsphy1.anu.edu.au> [28.08.03 09:33]:
> On Mon, 25 Aug 2003, Sam Couter wrote:
>
> SC>
> SC> ICMP is a control protocol. It's used by computers to signal funny stuff
> SC> like "nobody listening on that port!", amongst other things. ICMP type 8
> SC> (not port 8) is ECHO_REQUEST. It means "Please send me an ECHO_REPLY
> SC> packet", which is just another ICMP packet type.
> SC>
Snip
>
> >
> > So I have this in my firewall now:
> >
> > # Drop ICMP packets with TOS set to Minimize-Delay
> > iptables -A $CHAIN_IN -p icmp --icmp-type echo-request -m tos --tos
> > 0x10 -j log_info
> >
> > which happily drops the virus icmps:
> > </end quote>
>
> ----- end quote from oz-isp -----
Thank you for all the added info.
It looks as though my custom-tailored firewall is set up to deal
adequately with ECHO _REQUESTS from marauding aliens.
The same cannot be said for my computer's ability to locate my ISP -
recently relocated to somewhere near the Indian Ocean. My ability to
establish a connection with him has now become a game of Russian Roulette.
My response to this situation has been to cut my losses and find another
local ISP. How wise I was in the selection will doubtless become
evident in due course.
My reason for posting this info is that I now have a further (minor)
problem on my hands.
Resubscribing to lists from the new address is easy. But how do I
unsubscribe from my previous address - when I have little evidence that
any sent emails actually reach their destination.
Felix Karpfen
--
Felix Karpfen
felixk at fwi.net.au
Public Key 72FDF9DF (DH/DSA)
More information about the linux
mailing list