Tcpdump: "admin prohibited filter"

Florin Andrei florin at andrei.myip.org
Thu Jul 1 18:58:11 UTC 2004


On Thu, 2004-07-01 at 01:30, Andrea Giuliano wrote:
> Dear all,
> 
> trying to make my ADSL connection working, I ran across this suspicious
> line in the output from  "tcpdump -i ppp0":
> 
> 23:50:26.876061 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190 unreachable - admin prohibited filter
> 
> The output is full of such lines (you can see the whole output below).
> What do they mean? Who's the admin? Myself on my local host or the admin
> of the remote host (in other words, one of the ISP's admins)?

What are those addresses that you mention?

"admin prohibited filter" means that there's a firewall that blocks a
connection, and it does that in the most user-friendly way possible: it
send back an ICMP packet that means precisely that: the admin of that
firewall doesn't want those packets to get through.

It could be a firewall at the destination site.
It could be a firewall in between.
It could be iptables on your own Linux machine. :-)
It all depends on what those IP addresses are.

-- 
Florin Andrei

http://florin.myip.org/






More information about the fedora-list mailing list