I was looking through some logs my filter box was producing and had a thought about a particular packet drop I was seeing.
The drop I am seeing is:
May 2 02:44:44 gw.ilinx kernel: INPUT IN=ppp0 OUT= MAC=
SRC=207.177.88.6 DST=my_gateway LEN=56 TOS=0x00 PREC=0x00 TTL=239
ID=46501 DF PROTO=ICMP TYPE=3 CODE=3 [SRC=my_gateway
DST=207.177.88.6 LEN=79 TOS=0x00 PREC=0x00 TTL=45 ID=0 FRAG:64
PROTO=UDP ]
So I was going to go write a rule to allow the icmp message back to
the originating host and then it dawned on me that there is no way to
conntrack this back to it's originator, or am I missing something?
b.
--
Brian J. Murrell
msg00877/pgp00000.pgp
Description: PGP signature
