13.02.2016 06:18, John Andersen пишет:
On 02/12/2016 11:19 AM, Carlos E. R. wrote:
That's why I was interested in these firewall log entries. I know (now) that it is not the first time I have got caught by this issue of icmp, I opened it in the firewall, then I forgot. Sigh.
Are we sure that netconsole is involved at in in the icmp issue?
You only see the messages because your firewall blocks icmp.
No. He sees this message because other system blocks UDP [SRC=192.168.1.14 DST=192.168.1.15 LEN=343 TOS=0x00 PREC=0x00 TTL=64 ID=3128 PROTO=UDP SPT=6666 DPT=6666 LEN=323 ]
Were you not blocking, the would just go through and you would never know.
DHCP servers ping before leasing an IP, just to make sure no one manually assigned it. There are probably more legitimate uses for ping on your network as well.
Its uncommon to block icmp on your LAN, but common to block it on your Public facing Nic.