[clug] Dropped icmp packets - et al

Felix Karpfen felixk at fwi.net.au
Fri Aug 29 06:46:32 EST 2003

* Marek Samoc <mjs111 at rsphy1.anu.edu.au> [28.08.03 09:33]:
> On Mon, 25 Aug 2003, Sam Couter wrote:
> SC>
> SC> ICMP is a control protocol. It's used by computers to signal funny stuff
> SC> like "nobody listening on that port!", amongst other things. ICMP type 8
> SC> (not port 8) is ECHO_REQUEST. It means "Please send me an ECHO_REPLY
> SC> packet", which is just another ICMP packet type.
> SC>

> >
> > So I have this in my firewall now:
> >
> >   # Drop ICMP packets with TOS set to Minimize-Delay
> >   iptables -A $CHAIN_IN -p icmp --icmp-type echo-request -m tos --tos
> > 0x10 -j log_info
> >
> > which happily drops the virus icmps:
> > </end quote>
> ----- end quote from oz-isp -----

Thank you for all the added info.

It looks as though my custom-tailored firewall is set up to deal
adequately with ECHO _REQUESTS from marauding aliens.

The same cannot be said for my computer's ability to locate my ISP -
recently relocated to somewhere near the Indian Ocean.  My ability to
establish a connection with him has now become a game of Russian Roulette.

My response to this situation has been to cut my losses and find another
local ISP.  How wise I was in the selection will doubtless become
evident in due course.

My reason for posting this info is that I now have a further (minor)
problem on my hands.

Resubscribing to lists from the new address is easy.  But how do I
unsubscribe from my previous address - when I have little evidence that
any sent emails actually reach their destination.

Felix Karpfen 
Felix Karpfen
felixk at fwi.net.au
Public Key 72FDF9DF (DH/DSA)

More information about the linux mailing list