[clug] wierd messages in the syslog

Andrew Pollock andrew-clug at andrew.net.au
Mon Apr 26 06:02:44 GMT 2004


Hi Joel,

/usr/include/netinet/ip_icmp.h sez that's destination unreachable, port
unreachable.

I'd hazard a guess and say that you're getting portscanned (fact of life on
the Internet), and you are correctly responding with an ICMP destination
unreachable, port unreachable, for the UDP ports that you're not listening
on.

As for why it's getting syslogged ad infinetium, I really don't know. The
fact that it's sending them to your broadcast address suggests that either
you've got your subnet mask wrong, and your broadcast address isn't really
your broadcast address, and whatever you've got set as your broadcast
address is doing the portscanning (your ISP?), or something else is afoot.

If you have the inclination, you could run Ethereal, and look at the ICMP
traffic you're sending back, and it'll include information about the
original packet that it's sending an unreachable response about.

Hope this helps.

regards

Andrew

On Mon, Apr 26, 2004 at 02:18:13AM +1000, Joel Pearson wrote:
> Hey,
> 
> I recently installed Fedora Core 1 and my syslog is filling up with lots of
> these error messages:
> 
> 203.16.208.62 sent an invalid ICMP type 3, code 3 error to a broadcast:
> 203.16.208.63 on eth0
> 
> sometimes there is only 1 every few minutes other times it is a couple a
> minute.
> 
> I'm running bridged adsl and my ifcfg-eth0 script is as follows:
> [root at office root]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
> DEVICE=eth0
> ONBOOT=yes
> BOOTPROTO=static
> IPADDR=203.16.208.62
> NETMASK=255.255.255.252
> GATEWAY=203.16.208.61
> 
> I had a look in google and there were people asking similar questions, but
> with no answers.
> 
> Thanks
> 
> -Joel
> 
> 


More information about the linux mailing list