[ale] Tracking down an ICMP reply
Alex Carver
agcarver+ale at acarver.net
Sun Jun 28 13:45:39 EDT 2015
I was looking at my firewall a few days ago and noticed an ICMP packet
being sent from a Hurricane Electric IP indicating host not found (type
3 code 1). I can't seem to figure out what is triggering the response.
I tossed in some logging on the firewall looking for an outbound
connection to the IP range but I've gotten no hits. I don't have IPv6
enabled anywhere inside the network (though I do need to go back through
and make sure that's absolutely true) but I'm not sure why I'm not able
to find the outbound packet either.
I am probably not understanding how connections to Hurricane Electric
actually work. Right now the messages come from a single IP
216.218.133.66 and I have set up in the postrouting chain:
iptables -t nat -I POSTROUTING 1 -d 216.218.128.0/17 -j LOG
--log-prefix="HE"
I would have expected a reply from that IP would have been initiated by
a packet to the IP but there's nothing.
More information about the Ale
mailing list