2.6.23-rc1: ipv4_get_l4proto: Frag of proto 17
Patrick McHardy
kaber at trash.net
Thu Jul 26 12:22:00 CEST 2007
Indan Zupancic wrote:
> On Thu, July 26, 2007 11:50, Patrick McHardy wrote:
>
>>iptables -t raw -I PREROUTING \
>> -m icmp --icmp-type destination-unreachable -j LOG
>>
>>should log the packets.
>
>
> So with this when I get a Frag of proto it should also log an ICMP error?
Exactly.
> Considering that the errors happened with a near exact 1 second interval
> and a 0.5s interval I think it's highly likely that it were retry packets to
> an unreachable host. But why is the proto UDP and not ICMP?
Its the inner packet that is parsed by nf_ct_get_tuplepr.
More information about the netfilter-devel
mailing list