Help: meaning of ICMP_UNREACH message from firewall

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I can't understand what to do about this ICMP message from my
Filseclab software firewall:

Application: SYSTEM
Direction: In
Remote IP:
Status/Bytes: RECV/70
Description: ICMP_UNREACH[ICMP_UNREACH_PORT](bad port)|RT:9|

Presumably this has something to do with an ICMP packet not being
able to reach some port on my system.  Can someone explain this a bit
more please.

And importantly, what can I do on Filseclab to overcome this?

If I turn my firewall OFF then DNS lookups seem to happen faster and
some (but not all) of the Usenet servers I belong to work faster.  I
suspect that these trapped ICMP messages might have something to do
with the slowness I am getting.

Re: Help: meaning of ICMP_UNREACH message from firewall

On Tue, 04 Apr 2006 22:47:04 +0100, Zak wrote:

Quoted text here. Click to load it

Not quite. What happened is that something on your machine tried to open
a connection to some remote system, and that one answered with a "port
unreachable" - nothing listening on the port or the port us blocked
(filtered). This is part of the normal (presumably TCP) negotiation.

Try looking up the ICMP types and decide which ones you want to allow in
(hint: a lot of them are undesirable, but this is not one of them).

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==---- The #1 Newsgroup Service in the World! 120,000+
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

Re: Help: meaning of ICMP_UNREACH message from firewall

Quoted text here. Click to load it

This particular firewall does not permit me to choose which type of
ICMP it passes or rejects.  So to avoid problems I set it to pass all
ICMP traffic.  

But I stil get that wierd message.  If I close the firewall down
completely then the app seems to communicate ok.  Does this help
anyone to know what might be happening?

Site Timeline