[Dshield] ICMP problems

Martin Forest martin at forest.gen.nz
Tue Jun 28 20:25:12 GMT 2005


My firewall is not logging icmp type or code. All I have is protocol 1, 
ICMP. When I submit log files with source port and destination port as 0 
and protocol 1, the lines are rejected.
Does that mean that unless I specify icmp type, i can not submit blocked 
icmp?
the rejected lines looks like:
rejected lines (up to 10)
  -> 2005-06-29 00:00:00 +12:00    123    1    195.112.100.50    0    
x.x.236.72    0    1
  -> 2005-06-29 00:00:02 +12:00    123    1    217.248.164.16    0    
x.x.26.40    0    1
  -> 2005-06-29 00:00:02 +12:00    123    1    66.248.192.2    0    
x.x.108.115    0    1

/Martin Forest




More information about the list mailing list