On Tue, 10 Apr 2001, will trillich wrote: > here's a logcheck message i got recently, where ipchains is > logging certain unwelcome hits (based on what's primarily the > default ipmasq filtering rules)-- > > ----- Forwarded message from root <[EMAIL PROTECTED]> ----- > > Security Violations > =-=-=-=-=-=-=-=-=-= > Apr 8 17:45:10 server kernel: Packet log: input DENY eth0 PROTO=1 > 172.149.223.27:10 224.0.0.2:0 L=28 S=0x00 I=11290 F=0x0000 T=128 (#7)
PROTO=1 means that it was an ICMP packet. Someone is trying to ping you. Look at /usr/include/netinet/ip_icmp.h for an explanation of ICMP types. The type is listed after the : on your host address. Type 0 is ICMP_ECHOREPLY -B -- Brandon High [EMAIL PROTECTED] War is Peace. Slavery is Freedom. AOL is the Internet.
