Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
On 2016-02-13 13:26, Darryl Gregorash wrote:
On 12/02/16 10:32 PM, Carlos E. R. wrote:


You're saying the same thing as John, except slightly different, and a
lot more complicated. Iptables allows you to do an awful lot of nifty
things, including allowing ping requests while blocking other ICMP traffic.

Yes.

A ping (echo request) is an ICMP type 8 message. The response is an echo
reply, which is an ICMP type 0.

Yes.

None of which is relevant I think. Marcus said it in the very first
response to you:

But which I did not understand.

the destination host appears to be blocking UDP on port 6666. That is
pretty much obvious in the logged firewall messages. The destination's
response is a "port unreachable" response, ie. an ICMP type 3/code 3
message.

If you will just open UDP on port 6666 on your LAN systems, I think you
will find all is fine.


But the thing is, the port is open! Has been opened for months. Which is
why it doesn't make sense.

And the other detail, which I found out today, is that the event *only*
happens during the process of going into hibernation. I saw the messages
flashing by in the screen, yesterday, and today I read them in the log.


The destination machine doesn't log any blocked package at that time in
the firewall log (both machines run oS 13.1), but it is not set to log
all, anyway. But the content of those packets on port 6666 are being
correctly written to the intended file, so they are traversing the
firewall correctly.

--
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" at Telcontar)

< Previous Next >