Re: Help: meaning of ICMP_UNREACH message from firewall

On Tue, 04 Apr 2006 22:47:04 +0100, Zak wrote:

> I can't understand what to do about this ICMP message from my
> Filseclab software firewall:
>
> Application: SYSTEM
> Direction: In
> Remote IP: rz.vrx.net
> Status/Bytes: RECV/70
> Description: ICMP_UNREACH[ICMP_UNREACH_PORT](bad port)|RT:9|
>
> Presumably this has something to do with an ICMP packet not being
> able to reach some port on my system. Can someone explain this a bit
> more please.

Not quite. What happened is that something on your machine tried to open
a connection to some remote system, and that one answered with a "port
unreachable" - nothing listening on the port or the port us blocked
(filtered). This is part of the normal (presumably TCP) negotiation.

Try looking up the ICMP types and decide which ones you want to allow in
(hint: a lot of them are undesirable, but this is not one of them).

-- 
Mailman
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----