[ previous ] [ next ] [ threads ]
 
 From:  Frederick Page <fpage at thebetteros dot oche dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Invalid ICMP type 3 code 0 on LAN
 Date:  Fri, 27 Aug 2004 17:28:57 +0200 
Hallo Fred,

Fred Wright schrieb am 26. August 2004:

>> 192.168.100.100 (this is m0n0wall) sent an invalid ICMP type 3, code 0
>> to a broadcast 192.168.100.255 on eth0

>Does it really think that's a broadcast address?  What's the
>netmask?

That's /24 (255.255.255.0) on all machines.

>If FreeBSD isn't broken, then it must have received a packet *from*
>192.168.100.255, and didn't consider that to be a broadcast.

As Manuel suggested, I ran a tcpdump trace and found the solution:

The Linux-machine has a Samba-Server running, Samba sends UDP packets
on Port 138 to 192.168.100.255 in order to find any Windows-machines.

The problem in front of the machine thought, it would be a clever
idea, to REJECT UDP-Ports 137-138 on the LAN-interface of m0n0wall.
I just blocked TCP/UDP 135-139 on the LAN-interface and the messages
stopped ;-)

Of course m0n0 is completely innocent, it just did, what it was told:
send "ICMP destination unreachable" when UDP traffic came in on Port
138.

I feel pretty stupid now ;-)

Kind regards

Frederick