[time] icmp reachability?
Fri Mar 16 04:23:31 UTC 2007
My firewall logs are filled with message like
ipmon: 18:52:39.107683 sis1 @0:18 b 126.96.36.199 ->
188.8.131.52 PR icmp len 20 56 icmp unreach/port
for 184.108.40.206,123 - 220.127.116.11,123
PR udp len 20 76 IN
18.104.22.168 is my pool server.
I am accepting udp packets for destination port 123 and everything
seems to be working correctly, but I don't understand what these ICMP
packets are about. No doubt this reflects my substantial ignorance
of IP, but I would like to know whether I should/need to allow ICMP
through as well as udp 123 for NTP to work properly.
The log line is from ipfilter running on a m0n0wall system. sis1 is
the WAN facing interface.
Jeffrey Goldberg http://www.goldmark.org/jeff/
More information about the pool