network security related question
Smoot Carl-Mitchell
smoot at tic.com
Fri Feb 27 18:44:56 UTC 2009
On Fri, 2009-02-27 at 17:45 +0000, Vitorio Okio wrote:
> On Thu, 26 Feb 2009 22:38:23 -0700, Smoot Carl-Mitchell wrote:
>
> > If they are ICMP and they are reaching the firewall, then they must be
> > some type of response to a request initiated from your Linux box.
>
> In such case wouldn't my firewall accept the response rather than block
> it?

In this case it should, unless you are specifically blocking ICMP
"connection refused" packets, which you should not do because it would
violate some essential protocol behavior. Without seeing a packet trace,
I am doing a bit of guessing as to what your issue might be. My
suggestion is a way of narrowing the scope of the issue you are seeing.

With your NATed router it is difficult, but not impossible, to construct
packets which will get past the router and be received by your Linux
box. I'd suggest capturing some of the dropped packets and seeing what
they contain.

--
Smoot Carl-Mitchell
Computer Systems and
Network Consultant
smoot at tic.com
+1 480 922 7313
cell: +1 602 421 9005
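
One way to see what a captured, dropped ICMP packet contains, as an added example that is not part of the original message: ICMP error messages quote the IP header and first 8 bytes of the datagram that triggered them, so the quoted source address shows whether the packet answers traffic the Linux box itself sent. The function names and all addresses are made up for illustration, and the input is assumed to be a raw IPv4 packet with the link-layer header already stripped.

```python
import ipaddress
import struct

# ICMP error types that quote the offending datagram's IP header + 8 bytes (RFC 792).
ICMP_ERRORS = {3: "destination unreachable", 5: "redirect",
               11: "time exceeded", 12: "parameter problem"}

def parse_ipv4(buf):
    """Return (header_len, protocol, src, dst) for the IPv4 header at buf[0:]."""
    if len(buf) < 20 or buf[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (buf[0] & 0x0F) * 4
    if ihl < 20 or len(buf) < ihl:
        raise ValueError("truncated IPv4 header")
    return (ihl, buf[9], ipaddress.IPv4Address(buf[12:16]),
            ipaddress.IPv4Address(buf[16:20]))

def classify_icmp(packet, local_ip):
    """Describe one captured IPv4/ICMP packet and whether it answers our own traffic."""
    ihl, proto, src, _ = parse_ipv4(packet)
    icmp = packet[ihl:]
    if proto != 1 or len(icmp) < 8:
        raise ValueError("not an ICMP packet")
    info = {"sender": str(src), "type": icmp[0], "code": icmp[1],
            "kind": ICMP_ERRORS.get(icmp[0], "non-error ICMP"), "solicited": None}
    if icmp[0] in ICMP_ERRORS:
        # The quoted header is the datagram that caused the error; solicited only if we sent it.
        q_ihl, q_proto, q_src, q_dst = parse_ipv4(icmp[8:])
        info["orig_dst"] = str(q_dst)
        ports = icmp[8 + q_ihl:8 + q_ihl + 4]
        if q_proto in (6, 17) and len(ports) == 4:
            info["orig_sport"], info["orig_dport"] = struct.unpack("!HH", ports)
        info["solicited"] = q_src == ipaddress.IPv4Address(local_ip)
    return info

def build_ipv4(src, dst, proto, payload):
    """Constructed test data: minimal IPv4 header (checksum left 0) + payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload

# Constructed sample: 192.0.2.10 reports UDP port 33434 unreachable (type 3, code 3)
# for a datagram quoted as sent from 192.168.1.20 to 192.0.2.10.
quoted = build_ipv4("192.168.1.20", "192.0.2.10", 17, struct.pack("!HHHH", 40000, 33434, 8, 0))
SAMPLE = build_ipv4("192.0.2.10", "192.168.1.20", 1, struct.pack("!BBHI", 3, 3, 0, 0) + quoted)

if __name__ == "__main__":
    for ip in ("192.168.1.20", "192.168.1.99"):  # sent by us / never sent by us
        print(ip, classify_icmp(SAMPLE, ip))
```

A result with `solicited` false on an error-type packet means the quoted datagram did not originate from the address given as `local_ip`, which is the case worth a closer look in the trace.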