[Firewall] Mysterious ICMP pings behind firewall

K. Workman kw_member at aegis.dynalias.net
Tue Mar 3 04:57:10 CET 2009


I'm not sure. I've not seen any of these packets, for a while now. And, 
the Firestarter logs are not clear on that point. Well, at least, to me.

Since then, however, I've run into an issue with Firestarter (Ubuntu 
firewall) stopping my virtualization sessions from reaching the 
internet. So, I've replaced it with your firewall script (of course) and 
now networking is working with my virtual sessions. I'll monitor the 
firewall logs to see if this problem still occurs.

Thank you.

Arno van Amersfoort wrote:
> Are you sure it's ICMP-request (aka ping)? And not some other ICMP 
> packet like ie. ICMP-reply or ICMP-port-unreachable?
>
> a.
>
> K. Workman wrote:
>> Hello,
>>
>> I just recently installed an Ubuntu linux system in my LAN. It is 
>> behind my firewall (running your firewall script, obviously) box, 
>> that runs Debian 4.0. Anyway, I activated Firestarter on the Ubuntu 
>> system. Well, to my surprise, the Firestarter log started reporting 
>> ICMP pings from outside my LAN. I'm not aware that my debian box is 
>> allowing pings through. Also, I don't see how a host on my internal 
>> network is being targeted. So, I was  hoping someone could tell me 
>> how this can happen or perhaps give me some pointers as to how I 
>> might troubleshoot this??
>>
>> My Ubuntu system is on my private network (192.168.123.0/24).
>>
>> Thanks in advance.
>>
>>
>>
>>
>>
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
>>
>


More information about the Firewall mailing list