Tcpdump: "admin prohibited filter"
Yang Xiao
yxiao at ohpp.com
Thu Jul 1 12:49:39 UTC 2004
> -----Original Message-----
> From: Andrea Giuliano [mailto:a.giuliano at iccu.sbn.it]
> Sent: Thursday, July 01, 2004 4:30 AM
> To: For users of Fedora Core releases
> Subject: Tcpdump: "admin prohibited filter"
>
>
> Dear all,
>
> trying to make my ADSL connection working, I ran across this
> suspicious line in the output from "tcpdump -i ppp0":
>
> 23:50:26.876061 IP 192.168.100.1 > 82.53.151.158: icmp 36:
> host 217.144.248.190 unreachable - admin prohibited filter
>
> The output is full of such lines (you can see the whole
> output below). What do they mean? Who's the admin? Myself on
> my local host or the admin of the remote host (in other
> words, one of the ISP's admins)?
>
> Since I simply cannot use the connection, even it seems to be
> up and running, I was wondering if this messages could hide
> the actual cause of my problems: maybe my ISP has made some
> changes that prevent me from use the line effectively?
>
> Please note the following:
>
> 1) I only had the connection working for one day, June 21, on FC1.
> 2) On June 22 I upgraded to FC2, and the connection became
> slow, but still working.
> 3) Since June 23, the connection is definitely useless. No
> host can be reached, not even the DNS server of my ISP, as
> listed in the syslog after the ppp0 interface has come up.
>
> Best regards.
>
> --
> Andrea Giuliano, Ph. D.
> ICCU - Istituto Centrale per il Catalogo Unico
> Viale Castro Pretorio 105, Rome - ITALY
> Tel. +39064989509, Fax +39064059302
Hi,
The message means there's some sort of firewall, IP filtering setup
somewhere along the way from your host to the destination for ICMP messages,
such as a IPTABLES rule to block ICMP traffic, nothing suspicious.
You can test this by setup IPTABLES port filtering on one host and do a
tcpdump from another host, try access the port at the same time, you will
see similar messages.
Yang
More information about the fedora-list
mailing list