Need help to interp kernel log message.
webmaster at swedehost.com
Mon Sep 15 03:17:13 PDT 2003
On Saturday 13 September 2003 03.24, Roman Neuhauser wrote:
> # webmaster at swedehost.com / 2003-09-12 05:37:17 +0200:
> > I 've got a message in my logfiles that I don't understand.
> > The ip-addresses are none that I'm to my knowing are associated
> > with. Wonder what it is or if it's anything to worry about.
> > odin.swedehost.com kernel log messages:
> > > icmp redirect from 184.108.40.206: 220.127.116.11 =>
> > > 18.104.22.168
> > Checking up on the above Ip-addresses don't ring any bells ider.
> Looks like your machine was sending traffic to 22.214.171.124,
> and an intermediate host at 126.96.36.199 sent an ICMP redirect
> message telling it to send them to 188.8.131.52 instead. See RFC
> As for security concerns: any packet might have the source
> address spoofed, and obeying ICMP type 5 messages in a hostile
> environment (like the internet) means you're giving your network
> traffic out for public consumption.
Thx for your answer.
In my rc.conf file, I do have
but I guess that's not enough.
Probably have to block in my firewall.
After reading your reply, I've done some more digging, and this is what
5 Redirect [RFC792]
0 Redirect Datagram for the Network (or subnet)
1 Redirect Datagram for the Host
2 Redirect Datagram for the Type of Service and Network
3 Redirect Datagram for the Type of Service and Host
More information about the freebsd-questions