Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
On 13/02/16 07:49 AM, Carlos E. R. wrote:
On 2016-02-13 13:32, Darryl Gregorash wrote:
On 12/02/16 11:47 PM, Andrei Borzenkov wrote:

During all this time, on there is a "netcat -u -l 6666 | tee -a
remote_log" process logging entries coming from, by netconsole,
which TODAY is indeed working, as I got entries in the remote_log file:

[1086086.299979] Syncing filesystems ... [1086086.299979] Syncing filesystems
... done.
[1086086.828979] Freezing user space processes ...
[1086086.829327] SFW2-INext-DROP-DEFLT IN=eth0 OUT=
MAC=00:21:85:16:2d:0b:00:03:0d:05:17:fc:08:00 SRC=
DST= LEN=62 TOS=0x00 PREC=0xC0 TTL=64 ID=52521 PROTO=ICMP TYPE=3
CODE=3 [SRC= DST= LEN=34 TOS=0x00 PREC=0x00 TTL=64
ID=3399 PROTO=UDP SPT=6666 DPT=6666 LEN=14 ]
[1086086.830161] SFW2-INext-DROP-DEFLT IN=eth0 OUT=
MAC=00:21:85:16:2d:0b:00:03:0d:05:17:fc:08:00 SRC=
DST= LEN=107 TOS=0x00 PREC=0xC0 TTL=64 ID=52522 PROTO=ICMP TYPE=3
CODE=3 [SRC= DST= LEN=79 TOS=0x00 PREC=0x00 TTL=64
ID=3401 PROTO=UDP SPT=6666 DPT=6666 LEN=59 ]
[1086096.119680] Restarting kernel threads ... done.
[1086096.125260] Restarting tasks ... done.

So everything is working now, except those dropped ICMP messages despite the
port being open, and the packages being accepted and logged. But only during
the hibernation process.

These log entries are from ...14, yes? If these are being sent by ...15,
perhaps that system might have corresponding log entries to indicate why
the ICMP packets are being sent in the first place. If ...15's firewall
is open on port 6666, there is no reason at all why it should be sending
"port unreachable" responses. Since there is something listening on that
port on that system, there should be no ICMP messages from ..15 to ..14
at all.

(I can't find a smiley for "tearing my hair out" so I picked 3
alternates ;) )

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups