ann kok wrote: > Hi all > > The machine provides the name service > > I got the following in the dmesg. > > What is it? > > Can I have rules to prevent it? > > UDP: bad checksum. From outside-ip:61479 to > machine-ip:61 ulen 45 > UDP: bad checksum. From outside-ip:62499 to > machine-ip:61 ulen 45 > UDP: bad checksum. From outside-ip:64135 to > machine-ip:61 ulen 45 > UDP: bad checksum. From outside-ip:64135 to > machine-ip:61 ulen 45 > UDP: bad checksum. From outside-ip:65383 to > machine-ip:61 ulen 45 > > outside-ip sent an invalid ICMP type 3, code 3 error > to a broadcast: 248.32.x.x on eth0 > outside-ip sent an invalid ICMP type 3, code 3 error > to a broadcast: 248.32.x.x on eth0 > outside-ip sent an invalid ICMP type 3, code 3 error > to a broadcast: 248.32.x.x on eth0 > 'outside-ip', is that the IP of this system, or some random external internet IP, or what? odd, 248.32.x.x isn't a broadcast or multicast address AFAIK, is that part of one of your subnets or something? I'm not sure what udp/61 is, /etc/services says 'NI-MAIL', that appears to be something from the dusty basement of pre-internet networking ("JNT mail over NIFTP"). ICMP type 3 code 3 is 'port unreachable'. see: http://www.iana.org/assignments/icmp-parameters if you block those you won't be able to do traceroutes. if you just got a few of those, I'd ignore them. if you got lots and lots, it may be a weak attempt at a denial of service attack anyways, dunno why you'd need any rules, the kernel rejected those packets on the grounds given.